Parent Directory | Revision Log
Adding security advisories for kernel-linus,rt, and vserver mga#10653, mga#10654, mga#10655
1 | type: security |
2 | subject: Updated kernel-linus package fixes security issues |
3 | CVE: |
4 | - CVE-2013-0231 |
5 | - CVE-2013-2850 |
6 | - CVE-2013-2852 |
7 | src: |
8 | 2: |
9 | core: |
10 | - kernel-linus-3.4.52-1.mga2 |
11 | description: | |
12 | This kernel update provides the upstream 3.4.52 kernel and fixes |
13 | the follwing security issues: |
14 | |
15 | The pciback_enable_msi function in the PCI backend driver |
16 | (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux |
17 | kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to |
18 | cause a denial of service via a large number of kernel log messages. |
19 | (CVE-2013-0231 / XSA-43) |
20 | |
21 | Heap-based buffer overflow in the iscsi_add_notunderstood_response function |
22 | in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target |
23 | subsystem in the Linux kernel through 3.9.4 allows remote attackers to |
24 | cause a denial of service (memory corruption and OOPS) or possibly execute |
25 | arbitrary code via a long key that is not properly handled during |
26 | construction of an error-response packet. |
27 | A reproduction case requires patching open-iscsi to send overly large |
28 | keys. Performing discovery in a loop will Oops the remote server. |
29 | (CVE-2013-2850) |
30 | |
31 | Format string vulnerability in the b43_request_firmware function in |
32 | drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in |
33 | the Linux kernel through 3.9.4 allows local users to gain privileges by |
34 | leveraging root access and including format string specifiers in an |
35 | fwpostfix modprobe parameter, leading to improper construction of an |
36 | error message. (CVE-2013-2852) |
37 | |
38 | Other fixes: |
39 | For other -stable fixes, read the referenced changelogs |
40 | references: |
41 | - https://bugs.mageia.org/show_bug.cgi?id=10653 |
42 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46 |
43 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47 |
44 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48 |
45 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49 |
46 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50 |
47 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51 |
48 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.52 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |