ELSA-2013-2504 -- Oracle kernel-uek, ofa and mlnx_enID: oval:org.secpod.oval:def:1500048 | Date: (C)2013-03-20 (M)2023-12-07 |
Class: PATCH | Family: unix |
An updated kernel-uek package that fixes one security issue and multiple bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel-uek is main component of an operating system. This security update re-applies the fix for CVE-2012-4530 issue, Execution of a carefully crafted sequence of scripts could allow an unprivileged user to leak kernel stack information to userspace. CVE-2013-0190 issue, A malicious guest can cause a memory leak in the host networking stack by sending malformed requests to the Xen backend driver, leading to a kernel panic. All users of kernel-uek are advised to upgrade to these updated packages, which contain back ported patches to correct these issues.
Product: |
kernel-uek |
ofa |
mlnx_en |