- Home
- CVEs with nessus.description==From+Red+Hat+Security+Advisory+2012%3A1540+%3A%0A%0AUpdated+kernel+packages+that+fix+multiple+security+issues%2C+two+bugs%2C+and+add+two+enhancements+are+now+available+for+Red+Hat+Enterprise+Linux+5.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+important+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThese+packages+contain+the+Linux+kernel.%0A%0ASecurity+fixes+%3A%0A%0A%2A+A+race+condition+in+the+way+asynchronous+I%2FO+and+fallocate%28%29+interacted+when+using+ext4+could+allow+a+local%2C+unprivileged+user+to+obtain+random+data+from+a+deleted+file.+%28CVE-2012-4508%2C+Important%29%0A%0A%2A+A+flaw+in+the+way+the+Xen+hypervisor+implementation+range+checked+guest+provided+addresses+in+the+XENMEM_exchange+hypercall+could+allow+a+malicious%2C+para-virtualized+guest+administrator+to+crash+the+hypervisor+or%2C+potentially%2C+escalate+their+privileges%2C+allowing+them+to+execute+arbitrary+code+at+the+hypervisor+level.+%28CVE-2012-5513%2C+Important%29%0A%0A%2A+A+flaw+in+the+Reliable+Datagram+Sockets+%28RDS%29+protocol+implementation+could+allow+a+local%2C+unprivileged+user+to+cause+a+denial+of+service.+%28CVE-2012-2372%2C+Moderate%29%0A%0A%2A+A+race+condition+in+the+way+access+to+inet-%3Eopt+ip_options+was+synchronized+in+the+Linux+kernel%27s+TCP%2FIP+protocol+suite+implementation.+Depending+on+the+network+facing+applications+running+on+the+system%2C+a+remote+attacker+could+possibly+trigger+this+flaw+to+cause+a+denial+of+service.+A+local%2C+unprivileged+user+could+use+this+flaw+to+cause+a+denial+of+service+regardless+of+the+applications+the+system+runs.+%28CVE-2012-3552%2C+Moderate%29%0A%0A%2A+The+Xen+hypervisor+implementation+did+not+properly+restrict+the+period+values+used+to+initialize+per+VCPU+periodic+timers.+A+privileged+guest+user+could+cause+an+infinite+loop+on+the+physical+CPU.+If+the+watchdog+were+enabled%2C+it+would+detect+said+loop+and+panic+the+host+system.+%28CVE-2012-4535%2C+Moderate%29%0A%0A%2A+A+flaw+in+the+way+the+Xen+hypervisor+implementation+handled+set_p2m_entry%28%29+error+conditions+could+allow+a+privileged%2C+fully-virtualized+guest+user+to+crash+the+hypervisor.+%28CVE-2012-4537%2C+Moderate%29%0A%0ARed+Hat+would+like+to+thank+Theodore+Ts%27o+for+reporting+CVE-2012-4508%3B%0Athe+Xen+project+for+reporting+CVE-2012-5513%2C+CVE-2012-4535%2C+and+CVE-2012-4537%3B+and+Hafid+Lin+for+reporting+CVE-2012-3552.+Upstream+acknowledges+Dmitry+Monakhov+as+the+original+reporter+of+CVE-2012-4508.+CVE-2012-2372+was+discovered+by+Li+Honggang+of+Red+Hat.%0A%0ABug+fixes+%3A%0A%0A%2A+Previously%2C+the+interrupt+handlers+of+the+qla2xxx+driver+could+clear+pending+interrupts+right+after+the+IRQ+lines+were+attached+during+system+start-up.+Consequently%2C+the+kernel+could+miss+the+interrupt+that+reported+completion+of+the+link+initialization%2C+and+the+qla2xxx+driver+then+failed+to+detect+all+attached+LUNs.+With+this+update%2C+the+qla2xxx+driver+has+been+modified+to+no+longer+clear+interrupt+bits+after+attaching+the+IRQ+lines.+The+driver+now+correctly+detects+all+attached+LUNs+as+expected.+%28BZ%23870118%29%0A%0A%2A+The+Ethernet+channel+bonding+driver+reported+the+MII+%28Media+Independent+Interface%29+status+of+the+bond+interface+in+802.3ad+mode+as+being+up+even+though+the+MII+status+of+all+of+the+slave+devices+was+down.+This+could+pose+a+problem+if+the+MII+status+of+the+bond+interface+was+used+to+determine+if+failover+should+occur.+With+this+update%2C+the+agg_device_up%28%29+function+has+been+added+to+the+bonding+driver%2C+which+allows+the+driver+to+report+the+link+status+of+the+bond+interface+correctly%2C+that+is%2C+down+when+all+of+its+slaves+are+down%2C+in+the+802.3ad+mode.+%28BZ%23877943%29%0A%0AEnhancements+%3A%0A%0A%2A+This+update+backports+several+changes+from+the+latest+upstream+version+of+the+bnx2x+driver.+The+most+important+change%2C+the+remote-fault+link+detection+feature%2C+allows+the+driver+to+periodically+scan+the+physical+link+layer+for+remote+faults.+If+the+physical+link+appears+to+be+up+and+a+fault+is+detected%2C+the+driver+indicates+that+the+link+is+down.+When+the+fault+is+cleared%2C+the+driver+indicates+that+the+link+is+up+again.+%28BZ%23870120%29%0A%0A%2A+The+INET+socket+interface+has+been+modified+to+send+a+warning+message+when+the+ip_options+structure+is+allocated+directly+by+a+third-party+module+using+the+kmalloc%28%29+function.+%28BZ%23874973%29%0A%0AUsers+should+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues+and+add+these+enhancements.%0AThe+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top