type: security
subject: Updated kernel-linus package fixes multiple security vulnerabilities
CVE:
  - CVE-2013-0231
  - CVE-2013-2850
  - CVE-2013-2852
src:
  3:
    core:
      - kernel-linus-3.8.13.4-2.mga3
description: |
  This kernel-linus update provides the extended stable 3.8.13.4 kernel and
  fixes the following security issues:

  The pciback_enable_msi function in the PCI backend driver
  (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
  kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
  cause a denial of service via a large number of kernel log messages.
  (CVE-2013-0231 / XSA-43)

  Heap-based buffer overflow in the iscsi_add_notunderstood_response function
  in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
  subsystem in the Linux kernel through 3.9.4 allows remote attackers to
  cause a denial of service (memory corruption and OOPS) or possibly execute
  arbitrary code via a long key that is not properly handled during
  construction of an error-response packet.
  A reproduction case requires patching open-iscsi to send overly large
  keys. Performing discovery in a loop will Oops the remote server.
  (CVE-2013-2850)

  Format string vulnerability in the b43_request_firmware function in
  drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
  the Linux kernel through 3.9.4 allows local users to gain privileges by
  leveraging root access and including format string specifiers in an
  fwpostfix modprobe parameter, leading to improper construction of an
  error message. (CVE-2013-2852)

  Other fixes:
  - enable support for more touchscreens
  - enable X86_X2APIC, X86_REROUTE_FOR_BROKEN_BOOT_IRQS, FHANDLE
  - disable COMPAT_VDSO (not needed since glibc-2.3.3)

  For other fixes in the extended stable update, see the referenced shortlog
references:
  - http://kernel.ubuntu.com/git?p=ubuntu/linux.git;h=refs/heads/linux-3.8.y;a=shortlog
  - https://bugs.mageia.org/show_bug.cgi?id=10698
ID: MGASA-2013-0214