SciLinux: CVE-2013-6378 Important: kernel SL6.x i386/x86_64
Summary
Important: kernel security and bug fix update
Date: Thu, 19 Jun 2014 21:04:15 +0000 Reply-To: scientific-linux-users@listserv.fnal.gov Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: kernel on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2014:0771-1 Issue Date: 2014-06-19 CVE Numbers: CVE-2013-6378 CVE-2014-1874 CVE-2014-1737 CVE-2014-1738 CVE-2014-2039 CVE-2014-0203 CVE-2014-3153 -- * A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important) * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * It was discovered that the proc_ns_follow_link() function did not properly return the LAST_BIND value in the last pathname component as is expected for procfs symbolic links, which could lead to excessive freeing of memory and consequent slab corruption. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-0203, Moderate) * A flaw was found in the way the Linux kernel handled exceptions when user-space applications attempted to use the linkage stack. On IBM S/390 systems, a local, unprivileged user could use this flaw to crash the system. (CVE-2014-2039, Moderate) * An invalid pointer dereference flaw was found in the Marvell 8xxx Libertas WLAN (libertas) driver in the Linux kernel. A local user able to write to a file that is provided by the libertas driver and located on the debug file system (debugfs) could use this flaw to crash the system. Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default. (CVE-2013-6378, Low) * A denial of service flaw was discovered in the way the Linux kernel's SELinux implementation handled files with an empty SELinux security context. A local user who has the CAP_MAC_ADMIN capability could use this flaw to crash the system. (CVE-2014-1874, Low) The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debug-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-431.20.3.el6.x86_64.rpm kernel-devel-2.6.32-431.20.3.el6.x86_64.rpm kernel-headers-2.6.32-431.20.3.el6.x86_64.rpm perf-2.6.32-431.20.3.el6.x86_64.rpm perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.x86_64.rpm python-perf-2.6.32-431.20.3.el6.x86_64.rpm i386 kernel-2.6.32-431.20.3.el6.i686.rpm kernel-debug-2.6.32-431.20.3.el6.i686.rpm kernel-debug-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debug-devel-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-2.6.32-431.20.3.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-431.20.3.el6.i686.rpm kernel-devel-2.6.32-431.20.3.el6.i686.rpm kernel-headers-2.6.32-431.20.3.el6.i686.rpm perf-2.6.32-431.20.3.el6.i686.rpm perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-debuginfo-2.6.32-431.20.3.el6.i686.rpm python-perf-2.6.32-431.20.3.el6.i686.rpm noarch kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm kernel-doc-2.6.32-431.20.3.el6.noarch.rpm kernel-firmware-2.6.32-431.20.3.el6.noarch.rpm - Scientific Linux Development Team
Important: kernel security and bug fix update