- Home
- CVEs with nessus.description==Updated+kernel+packages+that+fix+multiple+security+issues+and+several+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+6.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+moderate+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0AThis+update+fixes+the+following+security+issues+%3A%0A%0A%2A+An+integer+overflow+flaw+was+found+in+the+i915_gem_do_execbuffer%28%29+function+in+the+Intel+i915+driver+in+the+Linux+kernel.+A+local%2C+unprivileged+user+could+use+this+flaw+to+cause+a+denial+of+service.%0AThis+issue+only+affected+32-bit+systems.+%28CVE-2012-2384%2C+Moderate%29%0A%0A%2A+A+memory+leak+flaw+was+found+in+the+way+the+Linux+kernel%27s+memory+subsystem+handled+resource+clean+up+in+the+mmap%28%29+failure+path+when+the+MAP_HUGETLB+flag+was+set.+A+local%2C+unprivileged+user+could+use+this+flaw+to+cause+a+denial+of+service.+%28CVE-2012-2390%2C+Moderate%29%0A%0A%2A+A+race+condition+was+found+in+the+way+access+to+inet-%3Eopt+ip_options+was+synchronized+in+the+Linux+kernel%27s+TCP%2FIP+protocol+suite+implementation.+Depending+on+the+network+facing+applications+running+on+the+system%2C+a+remote+attacker+could+possibly+trigger+this+flaw+to+cause+a+denial+of+service.+A+local%2C+unprivileged+user+could+use+this+flaw+to+cause+a+denial+of+service+regardless+of+the+applications+the+system+runs.+%28CVE-2012-3552%2C+Moderate%29%0A%0A%2A+A+flaw+was+found+in+the+way+the+Linux+kernel%27s+dl2k+driver%2C+used+by+certain+D-Link+Gigabit+Ethernet+adapters%2C+restricted+IOCTLs.+A+local%2C+unprivileged+user+could+use+this+flaw+to+issue+potentially+harmful+IOCTLs%2C+which+could+cause+Ethernet+adapters+using+the+dl2k+driver+to+malfunction+%28for+example%2C+losing+network+connectivity%29.%0A%28CVE-2012-2313%2C+Low%29%0A%0A%2A+A+flaw+was+found+in+the+way+the+msg_namelen+variable+in+the+rds_recvmsg%28%29+function+of+the+Linux+kernel%27s+Reliable+Datagram+Sockets+%28RDS%29+protocol+implementation+was+initialized.+A+local%2C+unprivileged+user+could+use+this+flaw+to+leak+kernel+stack+memory+to+user-space.%0A%28CVE-2012-3430%2C+Low%29%0A%0ARed+Hat+would+like+to+thank+Hafid+Lin+for+reporting+CVE-2012-3552%2C+and+Stephan+Mueller+for+reporting+CVE-2012-2313.+The+CVE-2012-3430+issue+was+discovered+by+the+Red+Hat+InfiniBand+team.%0A%0AThis+update+also+fixes+several+bugs.+Documentation+for+these+changes+will+be+available+shortly+from+the+Technical+Notes+document+linked+to+in+the+References+section.%0A%0AUsers+should+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues%2C+and+fix+the+bugs+noted+in+the+Technical+Notes.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top