Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2013:1801-1 Issue Date: 2013-12-12 CVE Numbers: CVE-2013-2141 CVE-2013-4470 CVE-2013-6367 CVE-2013-6368 -- * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload (UFO) feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-4470, Important) * A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's Local Advanced Programmable Interrupt Controller (LAPIC) implementation. A privileged guest user could use this flaw to crash the host. (CVE-2013-6367, Important) * A memory corruption flaw was discovered in the way KVM handled virtual APIC accesses that crossed a page boundary. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6368, Important) * An information leak flaw in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user space. (CVE-2013-2141, Low) This update also fixes several bugs and adds two enhancements. The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-431.1.2.el6.x86_64.rpm kernel-debug-2.6.32-431.1.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.1.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.1.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.1.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.1.2.el6.x86_64.rpm kernel-devel-2.6.32-431.1.2.el6.x86_64.rpm kernel-headers-2.6.32-431.1.2.el6.x86_64.rpm perf-2.6.32-431.1.2.el6.x86_64.rpm perf-debuginfo-2.6.32-431.1.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.1.2.el6.x86_64.rpm python-perf-2.6.32-431.1.2.el6.x86_64.rpm i386 kernel-2.6.32-431.1.2.el6.i686.rpm kernel-debug-2.6.32-431.1.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.1.2.el6.i686.rpm kernel-debug-devel-2.6.32-431.1.2.el6.i686.rpm kernel-debuginfo-2.6.32-431.1.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.1.2.el6.i686.rpm kernel-devel-2.6.32-431.1.2.el6.i686.rpm kernel-headers-2.6.32-431.1.2.el6.i686.rpm perf-2.6.32-431.1.2.el6.i686.rpm perf-debuginfo-2.6.32-431.1.2.el6.i686.rpm python-perf-debuginfo-2.6.32-431.1.2.el6.i686.rpm python-perf-2.6.32-431.1.2.el6.i686.rpm noarch kernel-abi-whitelists-2.6.32-431.1.2.el6.noarch.rpm kernel-doc-2.6.32-431.1.2.el6.noarch.rpm kernel-firmware-2.6.32-431.1.2.el6.noarch.rpm - Scientific Linux Development Team