Lucene search

K
centosCentOS ProjectCESA-2012:1445
HistoryNov 13, 2012 - 8:46 p.m.

kernel security update

2012-11-1320:46:28
CentOS Project
lists.centos.org
59

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.029

Percentile

90.8%

CentOS Errata and Security Advisory CESA-2012:1445

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

  • It was found that the RHSA-2010:0178 update did not correctly fix the
    CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A
    local, unprivileged user with the ability to mount an ext4 file system
    could use this flaw to cause a denial of service. (CVE-2012-2100, Low)

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2012-November/081156.html

Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2012:1445

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.029

Percentile

90.8%