Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 4 Jun 2013 09:16:06 -0500 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: createrepo-0.9.9-18.el6.noarch.rpm nmap-5.51-3.el6.i686.rpm nmap-frontend-5.51-3.el6.noarch.rpm perl-Makefile-Parser-0.211-2.el6.noarch.rpm setuptool-1.19.9-4.el6.i686.rpm x86_64: createrepo-0.9.9-18.el6.noarch.rpm nmap-5.51-3.el6.x86_64.rpm nmap-frontend-5.51-3.el6.noarch.rpm perl-Makefile-Parser-0.211-2.el6.noarch.rpm setuptool-1.19.9-4.el6.x86_64.rpm Date: Wed, 12 Jun 2013 16:33:26 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Bonnie King Subject: Security ERRATA Important: kernel on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2013:0911-1 Issue Date: 2013-06-10 CVE Numbers: CVE-2013-1935 CVE-2013-1943 CVE-2013-2017 -- This update fixes the following security issues: * A flaw was found in the way KVM (Kernel-based Virtual Machine) initialized a guest's registered pv_eoi (paravirtualized end-of-interrupt) indication flag when entering the guest. An unprivileged guest user could potentially use this flaw to crash the host. (CVE-2013-1935, Important) * A missing sanity check was found in the kvm_set_memory_region() function in KVM, allowing a user-space process to register memory regions pointing to the kernel address space. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-1943, Important) * A double free flaw was found in the Linux kernel's Virtual Ethernet Tunnel driver (veth). A remote attacker could possibly use this flaw to crash a target system. (CVE-2013-2017, Moderate) The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-358.11.1.el6.x86_64.rpm kernel-debug-2.6.32-358.11.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.11.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.11.1.el6.x86_64.rpm kernel-devel-2.6.32-358.11.1.el6.x86_64.rpm kernel-headers-2.6.32-358.11.1.el6.x86_64.rpm perf-2.6.32-358.11.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm python-perf-2.6.32-358.11.1.el6.x86_64.rpm i386 kernel-2.6.32-358.11.1.el6.i686.rpm kernel-debug-2.6.32-358.11.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-358.11.1.el6.i686.rpm kernel-debug-devel-2.6.32-358.11.1.el6.i686.rpm kernel-debuginfo-2.6.32-358.11.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-358.11.1.el6.i686.rpm kernel-devel-2.6.32-358.11.1.el6.i686.rpm kernel-headers-2.6.32-358.11.1.el6.i686.rpm perf-2.6.32-358.11.1.el6.i686.rpm perf-debuginfo-2.6.32-358.11.1.el6.i686.rpm python-perf-debuginfo-2.6.32-358.11.1.el6.i686.rpm python-perf-2.6.32-358.11.1.el6.i686.rpm noarch kernel-doc-2.6.32-358.11.1.el6.noarch.rpm kernel-firmware-2.6.32-358.11.1.el6.noarch.rpm - Scientific Linux Development Team