Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SciLinux: 2014:1392-1 Important Kernel Security Fix - SL6.x

Calendar Nov 03, 2014 User Avatar LinuxSecurity Advisories
3 - 5 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory update bug fix important kernel SL6
Important: kernel security, bug fix, and enhancement update 
Date: Mon, 3 Nov 2014 17:55:11 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: kernel on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: SLSA-2014:1392-1
Issue Date: 2014-10-14
CVE Numbers: CVE-2013-4483
 CVE-2014-3122
 CVE-2014-0181
 CVE-2014-4653
 CVE-2014-4654
 CVE-2014-4655
 CVE-2014-5077
 CVE-2013-2596
 CVE-2014-4608
 CVE-2014-5045
 CVE-2014-3601
--

* A NULL pointer dereference flaw was found in the way the Linux kernel's
Stream Control Transmission Protocol (SCTP) implementation handled
simultaneous connections between the same hosts. A remote attacker could
use this flaw to crash the system. (CVE-2014-5077, Important)

* An integer overflow flaw was found in the way the Linux kernel's Frame
Buffer device implementation mapped kernel memory to user space via the
mmap syscall. A local user able to access a frame buffer device file
(/dev/fb*) could possibly use this flaw to escalate their privileges on
the system. (CVE-2013-2596, Important)

* A flaw was found in the way the ipc_rcu_putref() function in the Linux
kernel's IPC implementation handled reference counter decrementing. A
local, unprivileged user could use this flaw to trigger an Out of Memory
(OOM) condition and, potentially, crash the system. (CVE-2013-4483,
Moderate)

* It was found that the permission checks performed by the Linux kernel
when a netlink message was received were not sufficient. A local,
unprivileged user could potentially bypass these restrictions by passing a
netlink socket as stdout or stderr to a more privileged process and
altering the output of this process. (CVE-2014-0181, Moderate)

* It was found that the try_to_unmap_cluster() function in the Linux
kernel's Memory Managment subsystem did not properly handle page locking
in certain cases, which could potentially trigger the BUG_ON() macro in
the mlock_vma_page() function. A local, unprivileged user could use this
flaw to crash the system. (CVE-2014-3122, Moderate)

* A flaw was found in the way the Linux kernel's kvm_iommu_map_pages()
function handled IOMMU mapping failures. A privileged user in a guest with
an assigned host device could use this flaw to crash the host.
(CVE-2014-3601, Moderate)

* Multiple use-after-free flaws were found in the way the Linux kernel's
Advanced Linux Sound Architecture (ALSA) implementation handled user
controls. A local, privileged user could use either of these flaws to
crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate)

* A flaw was found in the way the Linux kernel's VFS subsystem handled
reference counting when performing unmount operations on symbolic links. A
local, unprivileged user could use this flaw to exhaust all available
memory on the system or, potentially, trigger a use-after-free error,
resulting in a system crash or privilege escalation. (CVE-2014-5045,
Moderate)

* An integer overflow flaw was found in the way the
lzo1x_decompress_safe() function of the Linux kernel's LZO implementation
processed Literal Runs. A local attacker could, in extremely rare cases,
use this flaw to crash the system or, potentially, escalate their
privileges on the system. (CVE-2014-4608, Low)

The system must be rebooted for this update to take effect.
--

SL6
 x86_64
 kernel-2.6.32-504.el6.x86_64.rpm
 kernel-debug-2.6.32-504.el6.x86_64.rpm
 kernel-debug-debuginfo-2.6.32-504.el6.x86_64.rpm
 kernel-debug-devel-2.6.32-504.el6.x86_64.rpm
 kernel-debuginfo-2.6.32-504.el6.x86_64.rpm
 kernel-debuginfo-common-x86_64-2.6.32-504.el6.x86_64.rpm
 kernel-devel-2.6.32-504.el6.x86_64.rpm
 kernel-headers-2.6.32-504.el6.x86_64.rpm
 perf-2.6.32-504.el6.x86_64.rpm
 perf-debuginfo-2.6.32-504.el6.x86_64.rpm
 python-perf-debuginfo-2.6.32-504.el6.x86_64.rpm
 python-perf-2.6.32-504.el6.x86_64.rpm
 i386
 kernel-2.6.32-504.el6.i686.rpm
 kernel-debug-2.6.32-504.el6.i686.rpm
 kernel-debug-debuginfo-2.6.32-504.el6.i686.rpm
 kernel-debug-devel-2.6.32-504.el6.i686.rpm
 kernel-debuginfo-2.6.32-504.el6.i686.rpm
 kernel-debuginfo-common-i686-2.6.32-504.el6.i686.rpm
 kernel-devel-2.6.32-504.el6.i686.rpm
 kernel-headers-2.6.32-504.el6.i686.rpm
 perf-2.6.32-504.el6.i686.rpm
 perf-debuginfo-2.6.32-504.el6.i686.rpm
 python-perf-debuginfo-2.6.32-504.el6.i686.rpm
 python-perf-2.6.32-504.el6.i686.rpm
 noarch
 kernel-abi-whitelists-2.6.32-504.el6.noarch.rpm
 kernel-doc-2.6.32-504.el6.noarch.rpm
 kernel-firmware-2.6.32-504.el6.noarch.rpm

- Scientific Linux Development Team

Related News

Your message here