Parent Directory | Revision Log
MGASA-2013-0211: kernel-rt-3.4.52-0.rt67.2.mga2
1 | type: security |
2 | subject: Updated kernel-rt package fixes security issues |
3 | CVE: |
4 | - CVE-2013-0231 |
5 | - CVE-2013-2850 |
6 | - CVE-2013-2852 |
7 | src: |
8 | 2: |
9 | core: |
10 | - kernel-rt-3.4.51-0.rt62.1.mga2 |
11 | description: | |
12 | The pciback_enable_msi function in the PCI backend driver |
13 | (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux |
14 | kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to |
15 | cause a denial of service via a large number of kernel log messages. |
16 | (CVE-2013-0231 / XSA-43) |
17 | |
18 | Heap-based buffer overflow in the iscsi_add_notunderstood_response function |
19 | in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target |
20 | subsystem in the Linux kernel through 3.9.4 allows remote attackers to |
21 | cause a denial of service (memory corruption and OOPS) or possibly execute |
22 | arbitrary code via a long key that is not properly handled during |
23 | construction of an error-response packet. |
24 | A reproduction case requires patching open-iscsi to send overly large |
25 | keys. Performing discovery in a loop will Oops the remote server. |
26 | (CVE-2013-2850) |
27 | |
28 | Format string vulnerability in the b43_request_firmware function in |
29 | drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in |
30 | the Linux kernel through 3.9.4 allows local users to gain privileges by |
31 | leveraging root access and including format string specifiers in an |
32 | fwpostfix modprobe parameter, leading to improper construction of an |
33 | error message. (CVE-2013-2852) |
34 | |
35 | Other fixes: |
36 | Fix up alx AR8161 breakage (mga #10079) |
37 | |
38 | For other -stable fixes, read the referenced changelogs |
39 | references: |
40 | - https://bugs.mageia.org/show_bug.cgi?id=10654 |
41 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46 |
42 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47 |
43 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48 |
44 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49 |
45 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50 |
46 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51 |
47 | ID: MGASA-2013-0211 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |