Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SciLinux SL6.x Important: Kernel Security Update SLSA-2013:0911-1

Scientific Large Esm H446
Important: kernel security, bug fix, and enhancement update
Date: Tue, 4 Jun 2013 09:16:06 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
createrepo-0.9.9-18.el6.noarch.rpm
nmap-5.51-3.el6.i686.rpm
nmap-frontend-5.51-3.el6.noarch.rpm
perl-Makefile-Parser-0.211-2.el6.noarch.rpm
setuptool-1.19.9-4.el6.i686.rpm

x86_64:
createrepo-0.9.9-18.el6.noarch.rpm
nmap-5.51-3.el6.x86_64.rpm
nmap-frontend-5.51-3.el6.noarch.rpm
perl-Makefile-Parser-0.211-2.el6.noarch.rpm
setuptool-1.19.9-4.el6.x86_64.rpm
Date: Wed, 12 Jun 2013 16:33:26 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Bonnie King 
Subject: Security ERRATA Important: kernel on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: SLSA-2013:0911-1
Issue Date: 2013-06-10
CVE Numbers: CVE-2013-1935
 CVE-2013-1943
 CVE-2013-2017
--

This update fixes the following security issues:

* A flaw was found in the way KVM (Kernel-based Virtual Machine)
initialized a guest's registered pv_eoi (paravirtualized end-of-interrupt)
indication flag when entering the guest. An unprivileged guest user could
potentially use this flaw to crash the host. (CVE-2013-1935, Important)

* A missing sanity check was found in the kvm_set_memory_region() function
in KVM, allowing a user-space process to register memory regions pointing
to the kernel address space. A local, unprivileged user could use this
flaw to escalate their privileges. (CVE-2013-1943, Important)

* A double free flaw was found in the Linux kernel's Virtual Ethernet
Tunnel driver (veth). A remote attacker could possibly use this flaw to
crash a target system. (CVE-2013-2017, Moderate)

The system must be rebooted for this update to take effect.
--

SL6
 x86_64
 kernel-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-debug-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-debug-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-debug-devel-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-debuginfo-common-x86_64-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-devel-2.6.32-358.11.1.el6.x86_64.rpm
 kernel-headers-2.6.32-358.11.1.el6.x86_64.rpm
 perf-2.6.32-358.11.1.el6.x86_64.rpm
 perf-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm
 python-perf-debuginfo-2.6.32-358.11.1.el6.x86_64.rpm
 python-perf-2.6.32-358.11.1.el6.x86_64.rpm
 i386
 kernel-2.6.32-358.11.1.el6.i686.rpm
 kernel-debug-2.6.32-358.11.1.el6.i686.rpm
 kernel-debug-debuginfo-2.6.32-358.11.1.el6.i686.rpm
 kernel-debug-devel-2.6.32-358.11.1.el6.i686.rpm
 kernel-debuginfo-2.6.32-358.11.1.el6.i686.rpm
 kernel-debuginfo-common-i686-2.6.32-358.11.1.el6.i686.rpm
 kernel-devel-2.6.32-358.11.1.el6.i686.rpm
 kernel-headers-2.6.32-358.11.1.el6.i686.rpm
 perf-2.6.32-358.11.1.el6.i686.rpm
 perf-debuginfo-2.6.32-358.11.1.el6.i686.rpm
 python-perf-debuginfo-2.6.32-358.11.1.el6.i686.rpm
 python-perf-2.6.32-358.11.1.el6.i686.rpm
 noarch
 kernel-doc-2.6.32-358.11.1.el6.noarch.rpm
 kernel-firmware-2.6.32-358.11.1.el6.noarch.rpm

- Scientific Linux Development Team