Debian: DSA-2668-1: linux-2.6 security update

    Date14 May 2013
    CategoryDebian
    69
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-2668-1                security@debian.org
    http://www.debian.org/security/                           Dann Frazier
    May 14, 2013                        http://www.debian.org/security/faq
    - ----------------------------------------------------------------------
    
    Package        : linux-2.6
    Vulnerability  : privilege escalation/denial of service/information leak
    Problem type   : local/remote
    Debian-specific: no
    CVE Id(s)      : CVE-2012-2121 CVE-2012-3552 CVE-2012-4461 CVE-2012-4508
                     CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2012-6542
                     CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548
                     CVE-2012-6549 CVE-2013-0349 CVE-2013-0914 CVE-2013-1767
                     CVE-2013-1773 CVE-2013-1774 CVE-2013-1792 CVE-2013-1796
                     CVE-2013-1798 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928
                     CVE-2013-1929 CVE-2013-2015 CVE-2013-2634 CVE-2013-3222
                     CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228
                     CVE-2013-3229 CVE-2013-3231 CVE-2013-3234 CVE-2013-3235
    
    Several vulnerabilities have been discovered in the Linux kernel that may lead
    to a denial of service, information leak or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following problems:
    
    CVE-2012-2121
    
        Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU
        mapping of memory slots used in KVM device assignment. Local users with
        the ability to assign devices could cause a denial of service due to a
        memory page leak.
    
    CVE-2012-3552
    
        Hafid Lin reported an issue in the IP networking subsystem. A remote user
        can cause a denial of service (system crash) on servers running
        applications that set options on sockets which are actively being
        processed.
    
    CVE-2012-4461
    
        Jon Howell reported a denial of service issue in the KVM subsystem.
        On systems that do not support the XSAVE feature, local users with
        access to the /dev/kvm interface can cause a system crash.
    
    CVE-2012-4508
    
        Dmitry Monakhov and Theodore Ts'o reported a race condition in the ext4
        filesystem. Local users could gain access to sensitive kernel memory.
    
    CVE-2012-6537
    
        Mathias Krause discovered information leak issues in the Transformation
        user configuration interface. Local users with the CAP_NET_ADMIN capability
        can gain access to sensitive kernel memory.
    
    CVE-2012-6539
    
        Mathias Krause discovered an issue in the networking subsystem. Local
        users on 64-bit systems can gain access to sensitive kernel memory.
    
    CVE-2012-6540
    
        Mathias Krause discovered an issue in the Linux virtual server subsystem.
        Local users can gain access to sensitive kernel memory. Note: this issue
        does not affect Debian provided kernels, but may affect custom kernels
        built from Debian's linux-source-2.6.32 package.
    
    CVE-2012-6542
    
        Mathias Krause discovered an issue in the LLC protocol support code.
        Local users can gain access to sensitive kernel memory.
    
    CVE-2012-6544
    
        Mathias Krause discovered issues in the Bluetooth subsystem.
        Local users can gain access to sensitive kernel memory.
    
    CVE-2012-6545
    
        Mathias Krause discovered issues in the Bluetooth RFCOMM protocol
        support. Local users can gain access to sensitive kernel memory.
    
    CVE-2012-6546
    
        Mathias Krause discovered issues in the ATM networking support. Local
        users can gain access to sensitive kernel memory.
    
    CVE-2012-6548
    
        Mathias Krause discovered an issue in the UDF file system support.
        Local users can obtain access to sensitive kernel memory.
    
    CVE-2012-6549
    
        Mathias Krause discovered an issue in the isofs file system support.
        Local users can obtain access to sensitive kernel memory.
    
    CVE-2013-0349
    
        Anderson Lizardo discovered an issue in the Bluetooth Human Interface
        Device Protocol (HIDP) stack. Local users can obtain access to sensitive
        kernel memory.
    
    CVE-2013-0914
    
        Emese Revfy discovered an issue in the signal implementation. Local
        users maybe able to bypass the address space layout randomization (ASLR)
        facility due to a leaking of information to child processes.
    
    CVE-2013-1767
    
        Greg Thelen reported an issue in the tmpfs virtual memory filesystem.
        Local users with sufficient privilege to mount filesystems can cause
        a denial of service or possibly elevated privileges due to a use-after-
        free defect.
    
    CVE-2013-1773
    
        Alan Stern provided a fix for a defect in the UTF8->UTF16 string conversion
        facility used by the VFAT filesystem. A local user could cause a buffer
        overflow condition, resulting in a denial of service or potentially
        elevated privileges.
    
    CVE-2013-1774
    
        Wolfgang Frisch provided a fix for a NULL-pointer dereference defect
        in the driver for some serial USB devices from Inside Out Networks.
        Local users with permission to access these devices can create a denial
        of service (kernel oops) by causing the device to be removed while it is
        in use.
    
    CVE-2013-1792
    
        Mateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition
        in the access key retention support in the kernel. A local user could
        cause a denial of service (NULL pointer dereference).
    
    CVE-2013-1796
    
        Andrew Honig of Google reported an issue in the KVM subsystem. A user in
        a guest operating system could corrupt kernel memory, resulting in a
        denial of service.
    
    CVE-2013-1798
    
        Andrew Honig of Google reported an issue in the KVM subsystem. A user in
        a guest operating system could cause a denial of service due to a use-
        after-free defect.
        
    CVE-2013-1826
    
        Mathias Krause discovered an issue in the Transformation (XFRM) user
        configuration interface of the networking stack. A user with the
        CAP_NET_ADMIN capability maybe able to gain elevated privileges.
        
    CVE-2013-1860
    
        Oliver Neukum discovered an issue in the USB CDC WCM Device Management
        driver. Local users with the ability to attach devices can cause a
        denial of service (kernel crash) or potentially gain elevated privileges.
    
    CVE-2013-1928
    
        Kees Cook provided a fix for an information leak in the
        VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit
        kernel. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-1929
    
        Oded Horovitz and Brad Spengler reported an issue in the device driver for
        Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
        untrusted devices can create an overflow condition, resulting in a denial
        of service or elevated privileges.
    
    CVE-2013-2015
    
        Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
        users with the ability to mount a specially crafted filesystem can cause
        a denial of service (infinite loop).
    
    CVE-2013-2634
    
        Mathias Krause discovered a few issues in the Data Center Bridging (DCB)
        netlink interface. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3222
    
        Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
        protocol support. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3223
    
        Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
        support. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3224
    
        Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
        can gain access to sensitive kernel memory.
    
    CVE-2013-3225
    
        Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
        support. Local users can gain access to sensitive kernel memory.
        
    CVE-2013-3228
    
        Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
        support. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3229
    
        Mathias Krauss discovered an issue in the IUCV support on s390 systems.
        Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3231
    
        Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
        protocol support. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3234
    
        Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
        protocol support. Local users can gain access to sensitive kernel memory.
    
    CVE-2013-3235
    
        Mathias Krauss discovered an issue in the Transparent Inter Process
        Communication (TIPC) protocol support. Local users can gain access to
        sensitive kernel memory.
    
    For the oldstable distribution (squeeze), this problem has been fixed in
    version 2.6.32-48squeeze3.
    
    The following matrix lists additional source packages that were rebuilt for
    compatibility with or to take advantage of this update:
    
                                                 Debian 6.0 (squeeze)
         user-mode-linux                         2.6.32-1um-4+48squeeze3
    
    We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
    
    Note: Debian carefully tracks all known security issues across every
    linux kernel package in all releases under active security support.
    However, given the high frequency at which low-severity security
    issues are discovered in the kernel and the resource requirements of
    doing an update, updates for lower priority issues will normally not
    be released for all kernels at the same time. Rather, they will be
    released in a staggered or "leap-frog" fashion.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":51.32,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.47,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"26","type":"x","order":"3","pct":34.21,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.