Debian: DSA-2745-1: linux security update

    Date29 Aug 2013
    CategoryDebian
    41
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-2745-1                This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                           Dann Frazier
    August 28, 2013                     http://www.debian.org/security/faq
    - ----------------------------------------------------------------------
    
    Package        : linux
    Vulnerability  : privilege escalation/denial of service/information leak
    Problem type   : local/remote
    Debian-specific: no
    CVE Id(s)      : CVE-2013-1059 CVE-2013-2148 CVE-2013-2164 CVE-2013-2232
                     CVE-2013-2234 CVE-2013-2237 CVE-2013-2851 CVE-2013-2852
                     CVE-2013-4162 CVE-2013-4163
    Debian Bug     : 701744
    
    Several vulnerabilities have been discovered in the Linux kernel that may lead
    to a denial of service, information leak or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following problems:
    
    CVE-2013-1059
    
        Chanam Park reported an issue in the Ceph distributed storage system.
        Remote users can cause a denial of service by sending a specially crafted
        auth_reply message.
    
    CVE-2013-2148
    
        Dan Carpenter reported an information leak in the filesystem wide access
        notification subsystem (fanotify). Local users could gain access to
        sensitive kernel memory.
    
    CVE-2013-2164
    
        Jonathan Salwan reported an information leak in the CD-ROM driver. A
        local user on a system with a malfunctioning CD-ROM drive could gain
        access to sensitive memory.
    
    CVE-2013-2232
    
        Dave Jones and Hannes Frederic Sowa resolved an issue in the IPv6
        subsystem. Local users could cause a denial of service by using an
        AF_INET6 socket to connect to an IPv4 destination.
    
    CVE-2013-2234
    
        Mathias Krause reported a memory leak in the implementation of PF_KEYv2
        sockets. Local users could gain access to sensitive kernel memory.
    
    CVE-2013-2237
    
        Nicolas Dichtel reported a memory leak in the implementation of PF_KEYv2
        sockets. Local users could gain access to sensitive kernel memory.
    
    CVE-2013-2851
    
        Kees Cook reported an issue in the block subsystem. Local users with
        uid 0 could gain elevated ring 0 privileges. This is only a security
        issue for certain specially configured systems.
    
    CVE-2013-2852
    
        Kees Cook reported an issue in the b43 network driver for certain Broadcom
        wireless devices. Local users with uid 0 could gain elevated ring 0 
        privileges. This is only a security issue for certain specially configured
        systems.
    
    CVE-2013-4162
    
        Hannes Frederic Sowa reported an issue in the IPv6 networking subsystem.
        Local users can cause a denial of service (system crash).
    
    CVE-2013-4163
    
        Dave Jones reported an issue in the IPv6 networking subsystem. Local
        users can cause a denial of service (system crash).
    
    This update also includes a fix for a regression in the Xen subsystem.
    
    For the stable distribution (wheezy), these problems has been fixed in version
    3.2.46-1+deb7u1.
    
    The following matrix lists additional source packages that were rebuilt for
    compatibility with or to take advantage of this update:
    
                                                 Debian 7.0 (wheezy)
         user-mode-linux                         3.2-2um-1+deb7u2
    
    We recommend that you upgrade your linux and user-mode-linux packages.
    
    Note: Debian carefully tracks all known security issues across every
    linux kernel package in all releases under active security support.
    However, given the high frequency at which low-severity security
    issues are discovered in the kernel and the resource requirements of
    doing an update, updates for lower priority issues will normally not
    be released for all kernels at the same time. Rather, they will be
    released in a staggered or "leap-frog" fashion.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"67","type":"x","order":"1","pct":57.76,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":12.93,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.31,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.