SCIENTIFIC-LINUX-USERS Archives

January 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Security ERRATA Important: kernel on SL6.x i386/srpm/x86_64
From:
Phil Wyett <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 28 Jan 2015 17:58:20 +0000
Content-Type:
multipart/signed
Parts/Attachments:
text/plain (3343 bytes) , signature.asc (851 bytes) 
On Wed, 2015-01-28 at 15:41 +0000, Pat Riehecky wrote:
> Synopsis:          Important: kernel security and bug fix update
> Advisory ID:       SLSA-2015:0087-1
> Issue Date:        2015-01-27
> CVE Numbers:       CVE-2014-7841
>                    CVE-2014-4656
> --
> 
> * A flaw was found in the way the Linux kernel's SCTP implementation
> validated INIT chunks when performing Address Configuration Change
> (ASCONF). A remote attacker could use this flaw to crash the system by
> sending a specially crafted SCTP packet to trigger a NULL pointer
> dereference on the system. (CVE-2014-7841, Important)
> 
> * An integer overflow flaw was found in the way the Linux kernel's
> Advanced Linux Sound Architecture (ALSA) implementation handled user
> controls. A local, privileged user could use this flaw to crash the
> system. (CVE-2014-4656, Moderate)
> 
> The system must be rebooted for this update to take effect.
> --
> 
> SL6
>   x86_64
>     kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm
>     python-perf-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm
>     perf-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debug-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debuginfo-common-x86_64-2.6.32-504.8.1.el6.x86_64.rpm
>     perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     python-perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>   i386
>     kernel-2.6.32-504.8.1.el6.i686.rpm
>     kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
>     perf-2.6.32-504.8.1.el6.i686.rpm
>     kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-debug-2.6.32-504.8.1.el6.i686.rpm
>     kernel-headers-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm
>     kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-devel-2.6.32-504.8.1.el6.i686.rpm
>     python-perf-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debug-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debuginfo-common-i686-2.6.32-504.8.1.el6.i686.rpm
>     perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     python-perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>   srpm
>     kernel-2.6.32-504.8.1.el6.src.rpm
>   noarch
>     perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debuginfo-common-i686-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debug-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debuginfo-common-x86_64-2.6.32-504.8.1.el6.x86_64.rpm
>     python-perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     python-perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
>     kernel-debug-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
>     kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
>     kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
> 
> - Scientific Linux Development Team

An FYI. This update fixes all issues with webcams I have had across
multiple systems.

Regards

Phil

ATOM RSS1 RSS2