CVEs with nessus.description ==

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-9322, Important)

* A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important)

* A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important)

* A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-6410, Low)

* It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system. (CVE-2012-6657, Low)

* It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-5471, CVE-2014-5472, Low)

Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-9322. The CVE-2014-3673 issue was discovered by Liu Wei of Red Hat.

Bug fixes :

* This update fixes a race condition issue between the sock_queue_err_skb function and sk_forward_alloc handling in the socket error queue (MSG_ERRQUEUE), which could occasionally cause the kernel, for example when using PTP, to incorrectly track allocated memory for the error queue, in which case a traceback would occur in the system log. (BZ#1155427)

* The zcrypt device driver did not detect certain crypto cards and the related domains for crypto adapters on System z and s390x architectures. Consequently, it was not possible to run the system on new crypto hardware. This update enables toleration mode for such devices so that the system can make use of newer crypto hardware. (BZ#1158311)

* After mounting and unmounting an XFS file system several times consecutively, the umount command occasionally became unresponsive. This was caused by the xlog_cil_force_lsn() function that was not waiting for completion as expected. With this update, xlog_cil_force_lsn() has been modified to correctly wait for completion, thus fixing this bug. (BZ#1158325)

* When using the ixgbe adapter with disabled LRO and the tx-usec or rs-usec variables set to 0, transmit interrupts could not be set lower than the default of 8 buffered tx frames. Consequently, a delay of TCP transfer occurred. The restriction of a minimum of 8 buffered frames has been removed, and the TCP delay no longer occurs. (BZ#1158326)

* The offb driver has been updated for the QEMU standard VGA adapter, fixing an incorrect displaying of colors issue. (BZ#1158328)

* Under certain circumstances, when a discovered MTU expired, the IPv6 connection became unavailable for a short period of time. This bug has been fixed, and the connection now works as expected. (BZ#1161418)

* A low throughput occurred when using the dm-thin driver to write to unprovisioned or shared chunks for a thin pool with the chunk size bigger than the max_sectors_kb variable. (BZ#1161420)

* Large write workloads on thin LVs could cause the iozone and smallfile utilities to terminate unexpectedly. (BZ#1161421)

Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |