Parent Directory | Revision Log
MGASA-2013-0212: kernel-vserver-3.4.52-1.mga2
1 | davidwhodgins | 186 | type: security |
2 | subject: Updated kernel-vserver package fixes security issues | ||
3 | CVE: | ||
4 | - CVE-2013-0231 | ||
5 | - CVE-2013-2850 | ||
6 | - CVE-2013-2852 | ||
7 | src: | ||
8 | 2: | ||
9 | core: | ||
10 | - kernel-vserver-3.4.51-1.mga2 | ||
11 | description: | | ||
12 | The pciback_enable_msi function in the PCI backend driver | ||
13 | (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux | ||
14 | kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to | ||
15 | cause a denial of service via a large number of kernel log messages. | ||
16 | (CVE-2013-0231 / XSA-43) | ||
17 | |||
18 | Heap-based buffer overflow in the iscsi_add_notunderstood_response function | ||
19 | in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target | ||
20 | subsystem in the Linux kernel through 3.9.4 allows remote attackers to | ||
21 | cause a denial of service (memory corruption and OOPS) or possibly execute | ||
22 | arbitrary code via a long key that is not properly handled during | ||
23 | construction of an error-response packet. | ||
24 | A reproduction case requires patching open-iscsi to send overly large | ||
25 | keys. Performing discovery in a loop will Oops the remote server. | ||
26 | (CVE-2013-2850) | ||
27 | |||
28 | Format string vulnerability in the b43_request_firmware function in | ||
29 | drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in | ||
30 | the Linux kernel through 3.9.4 allows local users to gain privileges by | ||
31 | leveraging root access and including format string specifiers in an | ||
32 | fwpostfix modprobe parameter, leading to improper construction of an | ||
33 | error message. (CVE-2013-2852) | ||
34 | |||
35 | Other fixes: | ||
36 | Fix up alx AR8161 breakage (mga #10079) | ||
37 | |||
38 | For other -stable fixes, read the referenced changelogs | ||
39 | references: | ||
40 | - https://bugs.mageia.org/show_bug.cgi?id=10655 | ||
41 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46 | ||
42 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47 | ||
43 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48 | ||
44 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49 | ||
45 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50 | ||
46 | - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51 | ||
47 | tmb | 193 | ID: MGASA-2013-0212 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |