Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Moderate: kernel on SL6.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Wednesday 6th February 2013 15:14:56 UTC (over 3 years ago)
Synopsis:          Moderate: kernel security and bug fix update
Issue Date:        2013-02-05
CVE Numbers:       CVE-2012-4398
                    CVE-2012-4461
                    CVE-2012-4530
--

This update fixes the following security issues:

* It was found that a deadlock could occur in the Out of Memory (OOM) 
killer. A
process could trigger this deadlock by consuming a large amount of 
memory, and
then causing request_module() to be called. A local, unprivileged user
could
use this flaw to cause a denial of service (excessive memory consumption).
(CVE-2012-4398, Moderate)

* A flaw was found in the way the KVM (Kernel-based Virtual Machine) 
subsystem
handled guests attempting to run with the X86_CR4_OSXSAVE CPU feature 
flag set.
On hosts without the XSAVE CPU feature, a local, unprivileged user could
use
this flaw to crash the host system. (The "grep --color xsave /proc/cpuinfo"
command can be used to verify if your system has the XSAVE CPU feature.)
(CVE-2012-4461, Moderate)

* A memory disclosure flaw was found in the way the load_script() 
function in
the binfmt_script binary format handler handled excessive recursions. A 
local,
unprivileged user could use this flaw to leak kernel stack memory to 
user-space
by executing specially-crafted scripts. (CVE-2012-4530, Low)

The system must be rebooted for this update to take effect.
--

SL6
   x86_64
     kernel-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-debug-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-debug-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-debug-devel-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-debuginfo-common-x86_64-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-devel-2.6.32-279.22.1.el6.x86_64.rpm
     kernel-headers-2.6.32-279.22.1.el6.x86_64.rpm
     perf-2.6.32-279.22.1.el6.x86_64.rpm
     perf-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm
     python-perf-debuginfo-2.6.32-279.22.1.el6.x86_64.rpm
     python-perf-2.6.32-279.22.1.el6.x86_64.rpm
   i386
     kernel-2.6.32-279.22.1.el6.i686.rpm
     kernel-debug-2.6.32-279.22.1.el6.i686.rpm
     kernel-debug-debuginfo-2.6.32-279.22.1.el6.i686.rpm
     kernel-debug-devel-2.6.32-279.22.1.el6.i686.rpm
     kernel-debuginfo-2.6.32-279.22.1.el6.i686.rpm
     kernel-debuginfo-common-i686-2.6.32-279.22.1.el6.i686.rpm
     kernel-devel-2.6.32-279.22.1.el6.i686.rpm
     kernel-headers-2.6.32-279.22.1.el6.i686.rpm
     perf-2.6.32-279.22.1.el6.i686.rpm
     perf-debuginfo-2.6.32-279.22.1.el6.i686.rpm
     python-perf-debuginfo-2.6.32-279.22.1.el6.i686.rpm
     python-perf-2.6.32-279.22.1.el6.i686.rpm
   noarch
     kernel-doc-2.6.32-279.22.1.el6.noarch.rpm
     kernel-firmware-2.6.32-279.22.1.el6.noarch.rpm

- Scientific Linux Development Team
 
CD: 3ms