- Home
- CVEs with nessus.description==Updated+kernel+packages+that+fix+three+security+issues+and+several+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+6.3+Extended+Update+Support.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+important+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+It+was+found+that+the+fix+for+CVE-2012-3552+released+via+RHSA-2012%3A1540+introduced+an+invalid+free+flaw+in+the+Linux+kernel%27s+TCP%2FIP+protocol+suite+implementation.+A+local%2C+unprivileged+user+could+use+this+flaw+to+corrupt+kernel+memory+via+crafted+sendmsg%28%29+calls%2C+allowing+them+to+cause+a+denial+of+service+or%2C+potentially%2C+escalate+their+privileges+on+the+system.+%28CVE-2013-2224%2C+Important%29%0A%0A%2A+An+information+leak+flaw+was+found+in+the+way+Linux+kernel%27s+device+mapper+subsystem%2C+under+certain+conditions%2C+interpreted+data+written+to+snapshot+block+devices.+An+attacker+could+use+this+flaw+to+read+data+from+disk+blocks+in+free+space%2C+which+are+normally+inaccessible.%0A%28CVE-2013-4299%2C+Moderate%29%0A%0A%2A+A+format+string+flaw+was+found+in+the+b43_do_request_fw%28%29+function+in+the+Linux+kernel%27s+b43+driver+implementation.+A+local+user+who+is+able+to+specify+the+%27fwpostfix%27+b43+module+parameter+could+use+this+flaw+to+cause+a+denial+of+service+or%2C+potentially%2C+escalate+their+privileges.+%28CVE-2013-2852%2C+Low%29%0A%0ARed+Hat+would+like+to+thank+Fujitsu+for+reporting+CVE-2013-4299%2C+and+Kees+Cook+for+reporting+CVE-2013-2852.%0A%0AThis+update+also+fixes+the+following+bugs+%3A%0A%0A%2A+An+insufficiently+designed+calculation+in+the+CPU+accelerator+could+cause+an+arithmetic+overflow+in+the+set_cyc2ns_scale%28%29+function+if+the+system+uptime+exceeded+208+days+prior+to+using+kexec+to+boot+into+a+new+kernel.+This+overflow+led+to+a+kernel+panic+on+the+systems+using+the+Time+Stamp+Counter+%28TSC%29+clock+source%2C+primarily+the+systems+using+Intel+Xeon+E5+processors+that+do+not+reset+TSC+on+soft+power+cycles.+A+patch+has+been+applied+to+modify+the+calculation+so+that+this+arithmetic+overflow+and+kernel+panic+can+no+longer+occur+under+these+circumstances.+%28BZ%231004185%29%0A%0A%2A+A+race+condition+in+the+abort+task+and+SPP+device+task+management+path+of+the+isci+driver+could%2C+under+certain+circumstances%2C+cause+the+driver+to+fail+cleaning+up+timed-out+I%2FO+requests+that+were+pending+on+an+SAS+disk+device.+As+a+consequence%2C+the+kernel+removed+such+a+device+from+the+system.+A+patch+applied+to+the+isci+driver+fixes+this+problem+by+sending+the+task+management+function+request+to+the+SAS+drive+anytime+the+abort+function+is+entered+and+the+task+has+not+completed.%0AThe+driver+now+cleans+up+timed-out+I%2FO+requests+as+expected+in+this+situation.+%28BZ%231007467%29%0A%0A%2A+A+kernel+panic+could+occur+during+path+failover+on+systems+using+multiple+iSCSI%2C+FC+or+SRP+paths+to+connect+an+iSCSI+initiator+and+an+iSCSI+target.+This+happened+because+a+race+condition+in+the+SCSI+driver+allowed+removing+a+SCSI+device+from+the+system+before+processing+its+run+queue%2C+which+led+to+a+NULL+pointer+dereference.+The+SCSI+driver+has+been+modified+and+the+race+is+now+avoided+by+holding+a+reference+to+a+SCSI+device+run+queue+while+it+is+active.+%28BZ%231008507%29%0A%0AAll+kernel+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top