- Home
- CVEs with nessus.description==Updated+kernel+packages+that+fix+one+security+issue+and+several+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+5.9+Extended+Update+Support.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+moderate+security+impact.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+from+the+CVE+link+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+An+information+leak+flaw+was+found+in+the+way+the+Linux+kernel%27s+device+mapper+subsystem%2C+under+certain+conditions%2C+interpreted+data+written+to+snapshot+block+devices.+An+attacker+could+use+this+flaw+to+read+data+from+disk+blocks+in+free+space%2C+which+are+normally+inaccessible.+%28CVE-2013-4299%2C+Moderate%29%0A%0ARed+Hat+would+like+to+thank+Fujitsu+for+reporting+this+issue.%0A%0AThis+update+also+fixes+the+following+bugs+%3A%0A%0A%2A+A+previous+fix+to+the+kernel+did+not+contain+a+memory+barrier+in+the+percpu_up_write%28%29+function.+Consequently%2C+under+certain+circumstances%2C+a+race+condition+could+occur%2C+leading+to+memory+corruption+and+a+subsequent+kernel+panic.+This+update+introduces+a+new+memory+barrier+pair%2C+light_mb%28%29+and+heavy_mb%28%29%2C+for+per-CPU+basis+read+and+write+semaphores+%28percpu-rw-semaphores%29+ensuring+that+the+race+condition+can+no+longer+occur.+In+addition%2C+the+read+path+performance+of+%27percpu-rw-semaphores%27+has+been+improved.+%28BZ%23884735%29%0A%0A%2A+Due+to+several+related+bugs+in+the+be2net+driver%2C+the+driver+did+not+handle+firmware+manipulation+of+the+network+cards+using+the+Emulex+XE201+I%2FO+controller+properly.+As+a+consequence%2C+these+NICs+could+not+recover+from+an+error+successfully.+A+series+of+patches+has+been+applied+that+fix+the+initialization+sequence%2C+and+firmware+download+and+activation+for+the+XE201+controller.+Error+recovery+now+works+as+expected+for+the+be2net+NICs+using+the+Emulex+XE201+I+%2FO+controller.%0A%28BZ%231019892%29%0A%0A%2A+A+bug+in+the+be2net+driver+could+cause+packet+corruption+when+handling+VLAN-tagged+packets+with+no+assigned+VLAN+group.+This+happened+because+the+be2net+driver+called+a+function+responsible+for+VLAN+tag+reinsertion+in+a+wrong+order+in+the+code.+The+code+has+been+restructured+and+the+be2net+driver+now+calls+the+__vlan_put_tag%28%29+function+correctly%2C+thus+avoiding+the+packet+corruption.+%28BZ%231019893%29%0A%0A%2A+A+previous+patch+to+the+kernel+introduced+the+%27VLAN+tag+re-insertion%27+workaround+to+resolve+a+problem+with+incorrectly+handled+VLAN-tagged+packets+with+no+assigned+VLAN+group+while+the+be2net+driver+was+in+promiscuous+mode.+However%2C+this+solution+led+to+packet+corruption+and+a+subsequent+kernel+oops+if+such+a+processed+packet+was+a+GRO+packet.+Therefore%2C+a+patch+has+been+applied+to+restrict+VLAN+tag+re-insertion+only+to+non-GRO+packets.+The+be2net+driver+now+processes+VLAN-tagged+packets+with+no+assigned+VLAN+group+correctly+in+this+situation.+%28BZ%231023347%29%0A%0AAll+kernel+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top