Parent Directory
| 
Revision Log
MGASA-2013-0212: kernel-vserver-3.4.52-1.mga2
| 1 | davidwhodgins | 186 | type: security |
| 2 | subject: Updated kernel-vserver package fixes security issues | ||
| 3 | CVE: | ||
| 4 | - CVE-2013-0231 | ||
| 5 | - CVE-2013-2850 | ||
| 6 | - CVE-2013-2852 | ||
| 7 | src: | ||
| 8 | 2: | ||
| 9 | core: | ||
| 10 | - kernel-vserver-3.4.51-1.mga2 | ||
| 11 | description: | | ||
| 12 | The pciback_enable_msi function in the PCI backend driver | ||
| 13 | (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux | ||
| 14 | kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to | ||
| 15 | cause a denial of service via a large number of kernel log messages. | ||
| 16 | (CVE-2013-0231 / XSA-43) | ||
| 17 | |||
| 18 | Heap-based buffer overflow in the iscsi_add_notunderstood_response function | ||
| 19 | in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target | ||
| 20 | subsystem in the Linux kernel through 3.9.4 allows remote attackers to | ||
| 21 | cause a denial of service (memory corruption and OOPS) or possibly execute | ||
| 22 | arbitrary code via a long key that is not properly handled during | ||
| 23 | construction of an error-response packet. | ||
| 24 | A reproduction case requires patching open-iscsi to send overly large | ||
| 25 | keys. Performing discovery in a loop will Oops the remote server. | ||
| 26 | (CVE-2013-2850) | ||
| 27 | |||
| 28 | Format string vulnerability in the b43_request_firmware function in | ||
| 29 | drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in | ||
| 30 | the Linux kernel through 3.9.4 allows local users to gain privileges by | ||
| 31 | leveraging root access and including format string specifiers in an | ||
| 32 | fwpostfix modprobe parameter, leading to improper construction of an | ||
| 33 | error message. (CVE-2013-2852) | ||
| 34 | |||
| 35 | Other fixes: | ||
| 36 | Fix up alx AR8161 breakage (mga #10079) | ||
| 37 | |||
| 38 | For other -stable fixes, read the referenced changelogs | ||
| 39 | references: | ||
| 40 | - https://bugs.mageia.org/show_bug.cgi?id=10655 | ||
| 41 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46 | ||
| 42 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47 | ||
| 43 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48 | ||
| 44 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49 | ||
| 45 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50 | ||
| 46 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51 | ||
| 47 | tmb | 193 | ID: MGASA-2013-0212 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |