advisories/10655.adv

type: security
subject: Updated kernel-vserver package fixes security issues
CVE:
 - CVE-2013-0231
 - CVE-2013-2850
 - CVE-2013-2852
src:
  2:
   core:
     - kernel-vserver-3.4.51-1.mga2
description: |
  The pciback_enable_msi function in the PCI backend driver 
  (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
  kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
  cause a denial of service via a large number of kernel log messages.
  (CVE-2013-0231 / XSA-43)
  
  Heap-based buffer overflow in the iscsi_add_notunderstood_response function
  in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
  subsystem in the Linux kernel through 3.9.4 allows remote attackers to
  cause a denial of service (memory corruption and OOPS) or possibly execute
  arbitrary code via a long key that is not properly handled during
  construction of an error-response packet.
  A reproduction case requires patching open-iscsi to send overly large
  keys. Performing discovery in a loop will Oops the remote server.
  (CVE-2013-2850)
  
  Format string vulnerability in the b43_request_firmware function in
  drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
  the Linux kernel through 3.9.4 allows local users to gain privileges by
  leveraging root access and including format string specifiers in an
  fwpostfix modprobe parameter, leading to improper construction of an
  error message. (CVE-2013-2852)
  
  Other fixes:
  Fix up alx AR8161 breakage (mga #10079)
  
  For other -stable fixes, read the referenced changelogs
references:
 - https://bugs.mageia.org/show_bug.cgi?id=10655
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50
 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51
1	type: security
2	subject: Updated kernel-vserver package fixes security issues
3	CVE:
4	- CVE-2013-0231
5	- CVE-2013-2850
6	- CVE-2013-2852
7	src:
8	2:
9	core:
10	- kernel-vserver-3.4.51-1.mga2
11	description: \|
12	The pciback_enable_msi function in the PCI backend driver
13	(drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
14	kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
15	cause a denial of service via a large number of kernel log messages.
16	(CVE-2013-0231 / XSA-43)
17
18	Heap-based buffer overflow in the iscsi_add_notunderstood_response function
19	in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
20	subsystem in the Linux kernel through 3.9.4 allows remote attackers to
21	cause a denial of service (memory corruption and OOPS) or possibly execute
22	arbitrary code via a long key that is not properly handled during
23	construction of an error-response packet.
24	A reproduction case requires patching open-iscsi to send overly large
25	keys. Performing discovery in a loop will Oops the remote server.
26	(CVE-2013-2850)
27
28	Format string vulnerability in the b43_request_firmware function in
29	drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
30	the Linux kernel through 3.9.4 allows local users to gain privileges by
31	leveraging root access and including format string specifiers in an
32	fwpostfix modprobe parameter, leading to improper construction of an
33	error message. (CVE-2013-2852)
34
35	Other fixes:
36	Fix up alx AR8161 breakage (mga #10079)
37
38	For other -stable fixes, read the referenced changelogs
39	references:
40	- https://bugs.mageia.org/show_bug.cgi?id=10655
41	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.46
42	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.47
43	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.48
44	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.49
45	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.50
46	- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.51