The following package has been added to resolve an issue with dependencies:
SL6
x86_64
kmod-openafs-1.6.2-5.SL64.el6.noarch.rpm
i386
kmod-openafs-1.6.2-5.SL64.el6.noarch.rpm
On 04/24/2013 09:05 AM, Pat Riehecky wrote:
> Synopsis: Important: kernel security and bug fix update
> Advisory ID: SLSA-2013:0744-1
> Issue Date: 2013-04-23
> CVE Numbers: CVE-2013-0349
> CVE-2013-1767
> CVE-2013-1773
> CVE-2013-1774
> CVE-2013-1792
> CVE-2013-1796
> CVE-2013-1797
> CVE-2013-1798
> CVE-2013-1827
> CVE-2013-1826
> CVE-2013-0913
> CVE-2012-6547
> CVE-2012-6546
> CVE-2012-6537
> --
>
> * An integer overflow flaw, leading to a heap-based buffer overflow, was
> found in the way the Intel i915 driver in the Linux kernel handled the
> allocation of the buffer used for relocation copies. A local user with
> console access could use this flaw to cause a denial of service or
> escalate their privileges. (CVE-2013-0913, Important)
>
> * A buffer overflow flaw was found in the way UTF-8 characters were
> converted to UTF-16 in the utf8s_to_utf16s() function of the Linux
> kernel's FAT file system implementation. A local user able to mount a FAT
> file system with the "utf8=1" option could use this flaw to crash the
> system or, potentially, to escalate their privileges. (CVE-2013-1773,
> Important)
>
> * A flaw was found in the way KVM handled guest time updates when the
> buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine
> state register (MSR) crossed a page boundary. A privileged guest user
> could use this flaw to crash the host or, potentially, escalate their
> privileges, allowing them to execute arbitrary code at the host kernel
> level. (CVE-2013-1796, Important)
>
> * A potential use-after-free flaw was found in the way KVM handled guest
> time updates when the GPA (guest physical address) the guest registered by
> writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into
> a movable or removable memory region of the hosting user-space process (by
> default, QEMU-KVM) on the host. If that memory region is deregistered from
> KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory
> reused, a privileged guest user could potentially use this flaw to
> escalate their privileges on the host. (CVE-2013-1797, Important)
>
> * A flaw was found in the way KVM emulated IOAPIC (I/O Advanced
> Programmable Interrupt Controller). A missing validation check in the
> ioapic_read_indirect() function could allow a privileged guest user to
> crash the host, or read a substantial portion of host kernel memory.
> (CVE-2013-1798, Important)
>
> * A race condition in install_user_keyrings(), leading to a NULL pointer
> dereference, was found in the key management facility. A local,
> unprivileged user could use this flaw to cause a denial of service.
> (CVE-2013-1792, Moderate)
>
> * A NULL pointer dereference in the XFRM implementation could allow a
> local user who has the CAP_NET_ADMIN capability to cause a denial of
> service. (CVE-2013-1826, Moderate)
>
> * A NULL pointer dereference in the Datagram Congestion Control Protocol
> (DCCP) implementation could allow a local user to cause a denial of
> service. (CVE-2013-1827, Moderate)
>
> * Information leak flaws in the XFRM implementation could allow a local
> user who has the CAP_NET_ADMIN capability to leak kernel stack memory to
> user-space. (CVE-2012-6537, Low)
>
> * Two information leak flaws in the Asynchronous Transfer Mode (ATM)
> subsystem could allow a local, unprivileged user to leak kernel stack
> memory to user-space. (CVE-2012-6546, Low)
>
> * An information leak was found in the TUN/TAP device driver in the
> networking implementation. A local user with access to a TUN/TAP virtual
> interface could use this flaw to leak kernel stack memory to user-space.
> (CVE-2012-6547, Low)
>
> * An information leak in the Bluetooth implementation could allow a local
> user who has the CAP_NET_ADMIN capability to leak kernel stack memory to
> user-space. (CVE-2013-0349, Low)
>
> * A use-after-free flaw was found in the tmpfs implementation. A local
> user able to mount and unmount a tmpfs file system could use this flaw to
> cause a denial of service or, potentially, escalate their privileges.
> (CVE-2013-1767, Low)
>
> * A NULL pointer dereference was found in the Linux kernel's USB Inside
> Out Edgeport Serial Driver implementation. An attacker with physical
> access to a system could use this flaw to cause a denial of service.
> (CVE-2013-1774, Low)
> --
>
> SL6
> x86_64
> kernel-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-debug-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-debug-debuginfo-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-debug-devel-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-debuginfo-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-debuginfo-common-x86_64-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-devel-2.6.32-358.6.1.el6.x86_64.rpm
> kernel-headers-2.6.32-358.6.1.el6.x86_64.rpm
> perf-2.6.32-358.6.1.el6.x86_64.rpm
> perf-debuginfo-2.6.32-358.6.1.el6.x86_64.rpm
> python-perf-debuginfo-2.6.32-358.6.1.el6.x86_64.rpm
> python-perf-2.6.32-358.6.1.el6.x86_64.rpm
> i386
> kernel-2.6.32-358.6.1.el6.i686.rpm
> kernel-debug-2.6.32-358.6.1.el6.i686.rpm
> kernel-debug-debuginfo-2.6.32-358.6.1.el6.i686.rpm
> kernel-debug-devel-2.6.32-358.6.1.el6.i686.rpm
> kernel-debuginfo-2.6.32-358.6.1.el6.i686.rpm
> kernel-debuginfo-common-i686-2.6.32-358.6.1.el6.i686.rpm
> kernel-devel-2.6.32-358.6.1.el6.i686.rpm
> kernel-headers-2.6.32-358.6.1.el6.i686.rpm
> perf-2.6.32-358.6.1.el6.i686.rpm
> perf-debuginfo-2.6.32-358.6.1.el6.i686.rpm
> python-perf-debuginfo-2.6.32-358.6.1.el6.i686.rpm
> python-perf-2.6.32-358.6.1.el6.i686.rpm
> noarch
> kernel-doc-2.6.32-358.6.1.el6.noarch.rpm
> kernel-firmware-2.6.32-358.6.1.el6.noarch.rpm
>
> - Scientific Linux Development Team
--
Pat Riehecky
Scientific Linux developer
http://www.scientificlinux.org/
|
