Scientific Linux alert SL-kern-20130206 (kernel)
| From: | Pat Riehecky <riehecky@fnal.gov> | |
| To: | "SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" <SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV> | |
| Subject: | Security ERRATA Moderate: kernel on SL6.x i386/x86_64 | |
| Date: | Wed, 6 Feb 2013 09:14:56 -0600 | |
| Message-ID: | <51127370.5060206@fnal.gov> |
Synopsis: Moderate: kernel security and bug fix update Issue Date: 2013-02-05 CVE Numbers: CVE-2012-4398 CVE-2012-4461 CVE-2012-4530 -- This update fixes the following security issues: * It was found that a deadlock could occur in the Out of Memory (OOM) killer. A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module() to be called. A local, unprivileged user could use this flaw to cause a denial of service (excessive memory consumption). (CVE-2012-4398, Moderate) * A flaw was found in the way the KVM (Kernel-based Virtual Machine) subsystem handled guests attempting to run with the X86_CR4_OSXSAVE CPU feature flag set. On hosts without the XSAVE CPU feature, a local, unprivileged user could use this flaw to crash the host system. (The "grep --color xsave /proc/cpuinfo" command can be used to verify if your system has the XSAVE CPU feature.) (CVE-2012-4461, Moderate) * A memory disclosure flaw was found in the way the load_script() function in the binfmt_script binary format handler handled excessive recursions. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space by executing specially-crafted scripts. (CVE-2012-4530, Low) The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-279.22.1.el6.x86_64.rpm kernel-debug-2.6.32-279.22.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.22.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.22.1.el6.x86_64.rpm kernel-devel-2.6.32-279.22.1.el6.x86_64.rpm kernel-headers-2.6.32-279.22.1.el6.x86_64.rpm perf-2.6.32-279.22.1.el6.x86_64.rpm perf-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm python-perf-2.6.32-279.22.1.el6.x86_64.rpm i386 kernel-2.6.32-279.22.1.el6.i686.rpm kernel-debug-2.6.32-279.22.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.22.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.22.1.el6.i686.rpm kernel-debuginfo-2.6.32-279.22.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.22.1.el6.i686.rpm kernel-devel-2.6.32-279.22.1.el6.i686.rpm kernel-headers-2.6.32-279.22.1.el6.i686.rpm perf-2.6.32-279.22.1.el6.i686.rpm perf-debuginfo-2.6.32-279.22.1.el6.i686.rpm python-perf-debuginfo-2.6.32-279.22.1.el6.i686.rpm python-perf-2.6.32-279.22.1.el6.i686.rpm noarch kernel-doc-2.6.32-279.22.1.el6.noarch.rpm kernel-firmware-2.6.32-279.22.1.el6.noarch.rpm - Scientific Linux Development Team