- Home
- CVEs with nessus.description==Updated+kernel+packages+that+fix+two+security+issues+and+several+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+6.2+Extended+Update+Support.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+important+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+A+race+condition+was+found+in+the+way+asynchronous+I%2FO+and+fallocate%28%29+interacted+when+using+the+ext4+file+system.+A+local%2C+unprivileged+user+could+use+this+flaw+to+expose+random+data+from+an+extent+whose+data+blocks+have+not+yet+been+written%2C+and+thus+contain+data+from+a+deleted+file.+%28CVE-2012-4508%2C+Important%29%0A%0A%2A+An+information+leak+flaw+was+found+in+the+way+Linux+kernel%27s+device+mapper+subsystem%2C+under+certain+conditions%2C+interpreted+data+written+to+snapshot+block+devices.+An+attacker+could+use+this+flaw+to+read+data+from+disk+blocks+in+free+space%2C+which+are+normally+inaccessible.%0A%28CVE-2013-4299%2C+Moderate%29%0A%0ARed+Hat+would+like+to+thank+Theodore+Ts%27o+for+reporting+CVE-2012-4508%2C+and+Fujitsu+for+reporting+CVE-2013-4299.+Upstream+acknowledges+Dmitry+Monakhov+as+the+original+reporter+of+CVE-2012-4508.%0A%0AThis+update+also+fixes+the+following+bugs+%3A%0A%0A%2A+When+the+Audit+subsystem+was+under+heavy+load%2C+it+could+loop+infinitely+in+the+audit_log_start%28%29+function+instead+of+failing+over+to+the+error+recovery+code.+This+would+cause+soft+lockups+in+the+kernel.+With+this+update%2C+the+timeout+condition+in+the+audit_log_start%28%29+function+has+been+modified+to+properly+fail+over+when+necessary.+%28BZ%231017898%29%0A%0A%2A+When+handling+Memory+Type+Range+Registers+%28MTRRs%29%2C+the+stop_one_cpu_nowait%28%29+function+could+potentially+be+executed+in+parallel+with+the+stop_machine%28%29+function%2C+which+resulted+in+a+deadlock.+The+MTRR+handling+logic+now+uses+the+stop_machine%28%29+function+and+makes+use+of+mutual+exclusion+to+avoid+the+aforementioned+deadlock.+%28BZ%231017902%29%0A%0A%2A+Power-limit+notification+interrupts+were+enabled+by+default.+This+could+lead+to+degradation+of+system+performance+or+even+render+the+system+unusable+on+certain+platforms%2C+such+as+Dell+PowerEdge+servers.%0APower-limit+notification+interrupts+have+been+disabled+by+default+and+a+new+kernel+command+line+parameter+%27int_pln_enable%27+has+been+added+to+allow+users+to+observe+these+events+using+the+existing+system+counters.+Power-limit+notification+messages+are+also+no+longer+displayed+on+the+console.+The+affected+platforms+no+longer+suffer+from+degraded+system+performance+due+to+this+problem.+%28BZ%231020519%29%0A%0A%2A+Package+level+thermal+and+power+limit+events+are+not+defined+as+MCE+errors+for+the+x86+architecture.+However%2C+the+mcelog+utility+erroneously+reported+these+events+as+MCE+errors+with+the+following+message+%3A%0A%0Akernel%3A+%5BHardware+Error%5D%3A+Machine+check+events+logged%0A%0APackage+level+thermal+and+power+limit+events+are+no+longer+reported+as+MCE+errors+by+mcelog.+When+these+events+are+triggered%2C+they+are+now+reported+only+in+the+respective+counters+in+sysfs+%28specifically%2C+%2Fsys%2Fdevices%2Fsystem%2Fcpu%2Fcpu%2Fthermal_throttle%2F%29.+%28BZ%231021950%29%0A%0A%2A+An+insufficiently+designed+calculation+in+the+CPU+accelerator+could+cause+an+arithmetic+overflow+in+the+set_cyc2ns_scale%28%29+function+if+the+system+uptime+exceeded+208+days+prior+to+using+kexec+to+boot+into+a+new+kernel.+This+overflow+led+to+a+kernel+panic+on+systems+using+the+Time+Stamp+Counter+%28TSC%29+clock+source%2C+primarily+systems+using+Intel+Xeon+E5+processors+that+do+not+reset+TSC+on+soft+power+cycles.+A+patch+has+been+applied+to+modify+the+calculation+so+that+this+arithmetic+overflow+and+kernel+panic+can+no+longer+occur+under+these+circumstances.+%28BZ%231024453%29%0A%0AAll+kernel+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top