Scientific Linux alert SLSA-2014:0159-1 (kernel)

From:  Pat Riehecky <riehecky@fnal.gov>
To:  "SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" <SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV>
Subject:  Security ERRATA Important: kernel on SL6.x i386/x86_64
Date:  Wed, 12 Feb 2014 08:13:34 -0600
Message-ID:  <52FB818E.5080407@fnal.gov>

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       SLSA-2014:0159-1
Issue Date:        2014-02-11
CVE Numbers:       CVE-2013-2929
                   CVE-2013-6381
                   CVE-2013-7263
                   CVE-2013-7265
--

* A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6381, Important)

* A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low)

* It was found that certain protocol handlers in the Linux kernel's networking implementation could set the addr_len value without initializing the associated data structure. A local, unprivileged user could use this flaw to leak kernel stack memory to user space using the recvmsg, recvfrom, and recvmmsg system calls. (CVE-2013-7263, CVE-2013-7265, Low)

The system must be rebooted for this update to take effect.
--

SL6
  x86_64
    kernel-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-debug-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-debug-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-debuginfo-common-x86_64-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-devel-2.6.32-431.5.1.el6.x86_64.rpm
    kernel-headers-2.6.32-431.5.1.el6.x86_64.rpm
    perf-2.6.32-431.5.1.el6.x86_64.rpm
    perf-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm
    python-perf-2.6.32-431.5.1.el6.x86_64.rpm
  i386
    kernel-2.6.32-431.5.1.el6.i686.rpm
    kernel-debug-2.6.32-431.5.1.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-431.5.1.el6.i686.rpm
    kernel-debug-devel-2.6.32-431.5.1.el6.i686.rpm
    kernel-debuginfo-2.6.32-431.5.1.el6.i686.rpm
    kernel-debuginfo-common-i686-2.6.32-431.5.1.el6.i686.rpm
    kernel-devel-2.6.32-431.5.1.el6.i686.rpm
    kernel-headers-2.6.32-431.5.1.el6.i686.rpm
    perf-2.6.32-431.5.1.el6.i686.rpm
    perf-debuginfo-2.6.32-431.5.1.el6.i686.rpm
    python-perf-debuginfo-2.6.32-431.5.1.el6.i686.rpm
    python-perf-2.6.32-431.5.1.el6.i686.rpm
  noarch
    kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm
    kernel-doc-2.6.32-431.5.1.el6.noarch.rpm
    kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm

- Scientific Linux Development Team
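
A triage check for the advisory above, as an added example that is not part of the advisory or of Scientific Linux's tooling: it compares a running-kernel release string against the fixed build 2.6.32-431.5.1.el6 and flags the 'fs.suid_dumpable' = 2 condition named for CVE-2013-2929. The function names and sample inputs are constructed for illustration, and the comparison assumes el6-style release strings as printed by `uname -r`.

```shell
#!/bin/sh
# Added example: triage of a running SL6 kernel against SLSA-2014:0159-1.
FIXED="2.6.32-431.5.1.el6"   # fixed build, from the advisory's package list

# Reduce "2.6.32-431.5.1.el6.x86_64" to dotted numeric fields "2.6.32.431.5.1".
numeric_fields() {
    printf '%s\n' "${1%%.el*}" | tr '-' '.'
}

# kernel_is_fixed RELEASE: succeed if RELEASE is at or past FIXED.
# Fields are compared as integers and a missing field counts as 0, so
# 2.6.32-431.el6 sorts before 2.6.32-431.5.1.el6 (plain sort -V gets this wrong).
kernel_is_fixed() {
    awk -v a="$(numeric_fields "$1")" -v b="$(numeric_fields "$FIXED")" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            xi = (i <= n ? x[i] : 0) + 0
            yi = (i <= m ? y[i] : 0) + 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }' </dev/null
}

# assess RELEASE SUID_DUMPABLE: print one triage line.
# RELEASE must be the running kernel (uname -r): the advisory says the
# update only takes effect after a reboot, so an installed RPM is not enough.
assess() {
    if kernel_is_fixed "$1"; then
        echo "OK: $1 is at or past $FIXED"
    elif [ "$2" = "2" ]; then
        echo "EXPOSED: $1 predates $FIXED; fs.suid_dumpable=2 meets the CVE-2013-2929 condition"
    else
        echo "EXPOSED: $1 predates $FIXED"
    fi
}

# Constructed sample inputs ("release suid_dumpable" pairs), not real hosts.
while read -r rel dump; do
    assess "$rel" "$dump"
done <<'EOF'
2.6.32-431.el6.x86_64 2
2.6.32-358.23.2.el6.i686 0
2.6.32-431.5.1.el6.x86_64 2
EOF
# On a live host: assess "$(uname -r)" "$(cat /proc/sys/fs/suid_dumpable)"
```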

