LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Shumway lands in Firefox

LWN.net Weekly Edition for October 3, 2013

Integrity and embedded devices

NUMA scheduling progress

LWN.net Weekly Edition for September 26, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2013-2851 CVE-2013-2148 CVE-2013-2140 CVE-2013-2147 CVE-2013-2852 CVE-2013-2164
Created:June 13, 2013 Updated:August 20, 2013
Description:

From the Fedora advisory:

Bug #969515 - CVE-2013-2851 kernel: block: passing disk names as format strings https://bugzilla.redhat.com/show_bug.cgi?id=969515

Bug #971258 - CVE-2013-2148 Kernel: fanotify: info leak in copy_event_to_user https://bugzilla.redhat.com/show_bug.cgi?id=971258

Bug #971146 - CVE-2013-2140 kernel: xen: blkback: insufficient permission checks for BLKIF_OP_DISCARD https://bugzilla.redhat.com/show_bug.cgi?id=971146

Bug #971242 - CVE-2013-2147 Kernel: cpqarray/cciss: information leak via ioctl https://bugzilla.redhat.com/show_bug.cgi?id=971242

Bug #969518 - CVE-2013-2852 kernel: b43: format string leaking into error msgs https://bugzilla.redhat.com/show_bug.cgi?id=969518

Bug #973100 - CVE-2013-2164 Kernel: information leak in cdrom driver https://bugzilla.redhat.com/show_bug.cgi?id=973100

Alerts:
Fedora FEDORA-2013-10695 2013-06-13
CentOS CESA-2013:0620 2013-06-21
Fedora FEDORA-2013-9123 2013-07-01
Ubuntu USN-1899-1 2013-07-04
Ubuntu USN-1900-1 2013-07-04
Mageia MGASA-2013-0203 2013-07-06
Mageia MGASA-2013-0204 2013-07-09
Mageia MGASA-2013-0210 2013-07-16
Mageia MGASA-2013-0214 2013-07-16
Mageia MGASA-2013-0211 2013-07-16
Mageia MGASA-2013-0215 2013-07-16
Mageia MGASA-2013-0209 2013-07-16
Mageia MGASA-2013-0213 2013-07-16
Mageia MGASA-2013-0212 2013-07-16
Mandriva MDVSA-2013:194 2013-07-11
Red Hat RHSA-2013:1051-01 2013-07-16
Red Hat RHSA-2013:1080-01 2013-07-16
CentOS CESA-2013:1051 2013-07-17
Oracle ELSA-2013-1051 2013-07-16
CentOS CESA-2013:X002 2013-07-17
Scientific Linux SL-kern-20130717 2013-07-17
Oracle ELSA-2013-2537 2013-07-18
Oracle ELSA-2013-2537 2013-07-18
Oracle ELSA-2013-2538 2013-07-18
Oracle ELSA-2013-2538 2013-07-18
Ubuntu USN-1913-1 2013-07-29
Ubuntu USN-1912-1 2013-07-29
Ubuntu USN-1914-1 2013-07-29
Ubuntu USN-1917-1 2013-07-29
Ubuntu USN-1919-1 2013-07-29
Ubuntu USN-1915-1 2013-07-29
Ubuntu USN-1916-1 2013-07-29
Ubuntu USN-1918-1 2013-07-29
Ubuntu USN-1920-1 2013-07-30
Ubuntu USN-1929-1 2013-08-20
Ubuntu USN-1932-1 2013-08-20
Ubuntu USN-1935-1 2013-08-20
Ubuntu USN-1931-1 2013-08-20
Ubuntu USN-1936-1 2013-08-20
Ubuntu USN-1930-1 2013-08-20
Ubuntu USN-1933-1 2013-08-20
Ubuntu USN-1934-1 2013-08-20
Red Hat RHSA-2013:1166-01 2013-08-20
CentOS CESA-2013:1166 2013-08-21
Scientific Linux SLSA-2013:1166-1 2013-08-21
Oracle ELSA-2013-1166 2013-08-22
CentOS CESA-2013:X007 2013-08-22
Oracle ELSA-2013-1166 2013-08-22
Debian DSA-2745-1 2013-08-28
Oracle ELSA-2013-2543 2013-08-29
Oracle ELSA-2013-2543 2013-08-29
Oracle ELSA-2013-2542 2013-08-29
Oracle ELSA-2013-2542 2013-08-29
Ubuntu USN-1938-1 2013-09-05
Ubuntu USN-1944-1 2013-09-06
Ubuntu USN-1941-1 2013-09-06
Ubuntu USN-1943-1 2013-09-06
Ubuntu USN-1942-1 2013-09-06
Ubuntu USN-1945-1 2013-09-06
Ubuntu USN-1946 2013-09-06
Ubuntu USN-1947-1 2013-09-06
Red Hat RHSA-2013:1264-01 2013-09-16
Oracle ELSA-2013-2546 2013-09-17
Oracle ELSA-2013-2546 2013-09-17
SUSE SUSE-SU-2013:1473-1 2013-09-21
SUSE SUSE-SU-2013:1474-1 2013-09-21
Debian DSA-2766-1 2013-09-27
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds