Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2014:0159-1 Issue Date: 2014-02-11 CVE Numbers: CVE-2013-2929 CVE-2013-6381 CVE-2013-7263 CVE-2013-7265 -- * A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6381, Important) * A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low) * It was found that certain protocol handlers in the Linux kernel's networking implementation could set the addr_len value without initializing the associated data structure. A local, unprivileged user could use this flaw to leak kernel stack memory to user space using the recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low). The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-431.5.1.el6.x86_64.rpm kernel-debug-2.6.32-431.5.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.5.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.5.1.el6.x86_64.rpm kernel-devel-2.6.32-431.5.1.el6.x86_64.rpm kernel-headers-2.6.32-431.5.1.el6.x86_64.rpm perf-2.6.32-431.5.1.el6.x86_64.rpm perf-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.5.1.el6.x86_64.rpm python-perf-2.6.32-431.5.1.el6.x86_64.rpm i386 kernel-2.6.32-431.5.1.el6.i686.rpm kernel-debug-2.6.32-431.5.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.5.1.el6.i686.rpm kernel-debug-devel-2.6.32-431.5.1.el6.i686.rpm kernel-debuginfo-2.6.32-431.5.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.5.1.el6.i686.rpm kernel-devel-2.6.32-431.5.1.el6.i686.rpm kernel-headers-2.6.32-431.5.1.el6.i686.rpm perf-2.6.32-431.5.1.el6.i686.rpm perf-debuginfo-2.6.32-431.5.1.el6.i686.rpm python-perf-debuginfo-2.6.32-431.5.1.el6.i686.rpm python-perf-2.6.32-431.5.1.el6.i686.rpm noarch kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm kernel-doc-2.6.32-431.5.1.el6.noarch.rpm kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm - Scientific Linux Development Team