/[advisories]/10655.adv
ViewVC logotype

Diff of /10655.adv

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 193 by tmb, Tue Jul 16 07:34:48 2013 UTC revision 195 by tmb, Tue Jul 16 07:53:42 2013 UTC
# Line 2  type: security Line 2  type: security
2  subject: Updated kernel-vserver package fixes security issues  subject: Updated kernel-vserver package fixes security issues
3  CVE:  CVE:
4   - CVE-2013-0231   - CVE-2013-0231
5     - CVE-2013-2232
6     - CVE-2013-2234
7     - CVE-2013-2237
8   - CVE-2013-2850   - CVE-2013-2850
9   - CVE-2013-2852   - CVE-2013-2852
10  src:  src:
11    2:    2:
12     core:     core:
13       - kernel-vserver-3.4.51-1.mga2       - kernel-vserver-3.4.52-1.mga2
14  description: |  description: |
15      This kernel-vserver update provides the upstream 3.4.52 kernel and fixes
16      the follwing security issues:
17      
18    The pciback_enable_msi function in the PCI backend driver    The pciback_enable_msi function in the PCI backend driver
19    (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux    (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
20    kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to    kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
21    cause a denial of service via a large number of kernel log messages.    cause a denial of service via a large number of kernel log messages.
22    (CVE-2013-0231 / XSA-43)    (CVE-2013-0231 / XSA-43)
23        
24      ipv6: ip6_sk_dst_check() must not assume ipv6 dst
25      It's possible to use AF_INET6 sockets and to connect to an IPv4
26      destination. After this, socket dst cache is a pointer to a rtable,
27      not rt6_info. This bug can be exploited by local non-root users
28      to trigger various corruptions/crashes (CVE-2013-2232)
29      
30      af_key: fix info leaks in notify messages
31      key_notify_sa_flush() and key_notify_policy_flush() miss to
32      initialize the sadb_msg_reserved member of the broadcasted message
33      and thereby leak 2 bytes of heap memory to listeners (CVE-2013-2234)
34      
35      af_key: initialize satype in key_notify_policy_flush()
36      key_notify_policy_flush() miss to nitialize the sadb_msg_satype member
37      of the broadcasted message and thereby leak heap memory to listeners
38      (CVE-2013-2237)
39      
40    Heap-based buffer overflow in the iscsi_add_notunderstood_response function    Heap-based buffer overflow in the iscsi_add_notunderstood_response function
41    in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target    in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
42    subsystem in the Linux kernel through 3.9.4 allows remote attackers to    subsystem in the Linux kernel through 3.9.4 allows remote attackers to
# Line 44  references: Line 66  references:
66   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49
67   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50
68   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51   - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51
69     - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.52
70  ID: MGASA-2013-0212  ID: MGASA-2013-0212

Legend:
Removed from v.193  
changed lines
  Added in v.195

  ViewVC Help
Powered by ViewVC 1.1.28