/[advisories]/10655.adv

Annotation of /10655.adv



Revision 193
Tue Jul 16 07:34:48 2013 UTC (7 years, 3 months ago) by tmb
File size: 2066 byte(s)
MGASA-2013-0212: kernel-vserver-3.4.52-1.mga2
1 davidwhodgins 186 type: security
2     subject: Updated kernel-vserver package fixes security issues
3     CVE:
4     - CVE-2013-0231
5     - CVE-2013-2850
6     - CVE-2013-2852
7     src:
8     2:
9     core:
10     - kernel-vserver-3.4.51-1.mga2
11     description: |
12     The pciback_enable_msi function in the PCI backend driver
13     (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
14     kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
15     cause a denial of service via a large number of kernel log messages.
16     (CVE-2013-0231 / XSA-43)
17    
18     Heap-based buffer overflow in the iscsi_add_notunderstood_response function
19     in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
20     subsystem in the Linux kernel through 3.9.4 allows remote attackers to
21     cause a denial of service (memory corruption and OOPS) or possibly execute
22     arbitrary code via a long key that is not properly handled during
23     construction of an error-response packet.
24     A reproduction case requires patching open-iscsi to send overly large
25     keys. Performing discovery in a loop will Oops the remote server.
26     (CVE-2013-2850)
27    
28     Format string vulnerability in the b43_request_firmware function in
29     drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
30     the Linux kernel through 3.9.4 allows local users to gain privileges by
31     leveraging root access and including format string specifiers in an
32     fwpostfix modprobe parameter, leading to improper construction of an
33     error message. (CVE-2013-2852)
34    
35     Other fixes:
36     Fix up alx AR8161 breakage (mga #10079)
37    
38     For other -stable fixes, read the referenced changelogs
39     references:
40     - https://bugs.mageia.org/show_bug.cgi?id=10655
41     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46
42     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47
43     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48
44     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49
45     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50
46     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51
47 tmb 193 ID: MGASA-2013-0212
