[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2013-1801 -- Oracle kernel

ID: oval:org.secpod.oval:def:1500331Date: (C)2014-01-13   (M)2024-02-19
Class: PATCHFamily: unix




Updated kernel packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. * A divide-by-zero flaw was found in the apic_get_tmcct function in KVM's Local Advanced Programmable Interrupt Controller implementation. A privileged guest user could use this flaw to crash the host. * A memory corruption flaw was discovered in the way KVM handled virtual APIC accesses that crossed a page boundary. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. * An information leak flaw in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user space. Red Hat would like to thank Hannes Frederic Sowa for reporting CVE-2013-4470, and Andrew Honig of Google for reporting CVE-2013-6367 and CVE-2013-6368. This update also fixes several bugs and adds two enhancements. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect.

Platform:
Oracle Linux 6
Product:
kernel
perf
python-perf
Reference:
ELSA-2013-1801
CVE-2013-6368
CVE-2013-6367
CVE-2013-4470
CVE-2013-2141
CVE    4
CVE-2013-2141
CVE-2013-6368
CVE-2013-6367
CVE-2013-4470
...
CPE    313
cpe:/o:linux:linux_kernel:3.0.40
cpe:/o:linux:linux_kernel:3.1.10
cpe:/o:linux:linux_kernel:3.0.42
cpe:/o:linux:linux_kernel:3.0.41
...

© SecPod Technologies