Date:         Wed, 28 Jan 2015 15:41:18 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Important: kernel on SL6.x i386/srpm/x86_64
MIME-Version: 1.0

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       SLSA-2015:0087-1
Issue Date:        2015-01-27
CVE Numbers:       CVE-2014-7841
                   CVE-2014-4656
--

* A flaw was found in the way the Linux kernel's SCTP implementation
validated INIT chunks when performing Address Configuration Change
(ASCONF). A remote attacker could use this flaw to crash the system by
sending a specially crafted SCTP packet to trigger a NULL pointer
dereference on the system. (CVE-2014-7841, Important)

* An integer overflow flaw was found in the way the Linux kernel's
Advanced Linux Sound Architecture (ALSA) implementation handled user
controls. A local, privileged user could use this flaw to crash the
system. (CVE-2014-4656, Moderate)

The system must be rebooted for this update to take effect.
--

SL6
  x86_64
    kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm
    python-perf-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm
    perf-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
    kernel-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
    kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
    kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debug-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debuginfo-common-x86_64-2.6.32-504.8.1.el6.x86_64.rpm
    perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
  i386
    kernel-2.6.32-504.8.1.el6.i686.rpm
    kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
    perf-2.6.32-504.8.1.el6.i686.rpm
    kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
    kernel-debug-2.6.32-504.8.1.el6.i686.rpm
    kernel-headers-2.6.32-504.8.1.el6.i686.rpm
    kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm
    kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
    kernel-devel-2.6.32-504.8.1.el6.i686.rpm
    python-perf-2.6.32-504.8.1.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    kernel-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    kernel-debuginfo-common-i686-2.6.32-504.8.1.el6.i686.rpm
    perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    python-perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
  srpm
    kernel-2.6.32-504.8.1.el6.src.rpm
  noarch
    perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    kernel-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debuginfo-common-i686-2.6.32-504.8.1.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debuginfo-common-x86_64-2.6.32-504.8.1.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    python-perf-debuginfo-2.6.32-504.8.1.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-504.8.1.el6.x86_64.rpm
    kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
    kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
    kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm

- Scientific Linux Development Team

SciLinux: CVE-2014-7841 Important: kernel SL6.x i386/srpm/x86_64

Important: kernel security and bug fix update

Summary

Important: kernel security and bug fix update



Security Fixes

Severity
Advisory ID: SLSA-2015:0087-1
Issued Date: : 2015-01-27
CVE Numbers: CVE-2014-7841
CVE-2014-4656

Related News