Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2013:0621
HistoryMar 12, 2013 - 5:51 a.m.

kernel security update

2013-03-1205:51:58
CentOS Project
lists.centos.org
60

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.6%

JSON

CentOS Errata and Security Advisory CESA-2013:0621

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • A flaw was found in the way file permission checks for the
    “/dev/cpu/[x]/msr” files were performed in restricted root environments
    (for example, when using a capability-based security model). A local user
    with the ability to write to these files could use this flaw to escalate
    their privileges to kernel level, for example, by writing to the
    SYSENTER_EIP_MSR register. (CVE-2013-0268, Important)

  • A race condition was found in the way the Linux kernel’s ptrace
    implementation handled PTRACE_SETREGS requests when the debuggee was woken
    due to a SIGKILL signal instead of being stopped. A local, unprivileged
    user could use this flaw to escalate their privileges. (CVE-2013-0871,
    Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081806.html

Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0621

OSVersionArchitecturePackageVersionFilename
CentOS5i686kernel< 2.6.18-348.3.1.el5kernel-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-debug< 2.6.18-348.3.1.el5kernel-debug-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-debug-devel< 2.6.18-348.3.1.el5kernel-debug-devel-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-devel< 2.6.18-348.3.1.el5kernel-devel-2.6.18-348.3.1.el5.i686.rpm
CentOS5noarchkernel-doc< 2.6.18-348.3.1.el5kernel-doc-2.6.18-348.3.1.el5.noarch.rpm
CentOS5i386kernel-headers< 2.6.18-348.3.1.el5kernel-headers-2.6.18-348.3.1.el5.i386.rpm
CentOS5i686kernel-pae< 2.6.18-348.3.1.el5kernel-PAE-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-pae-devel< 2.6.18-348.3.1.el5kernel-PAE-devel-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-xen< 2.6.18-348.3.1.el5kernel-xen-2.6.18-348.3.1.el5.i686.rpm
CentOS5i686kernel-xen-devel< 2.6.18-348.3.1.el5kernel-xen-devel-2.6.18-348.3.1.el5.i686.rpm
Rows per page:
1-10 of 181

Related

nessus 53
openvas 73
redhat 9
oraclelinux 10
zdt 2
veracode 2
debiancve 2
packetstorm 1
prion 2
ubuntucve 2
cve 2
ubuntu 20
suse 5
canvas 2
securityvulns 5
centos 2
vmware 2
fedora 1
osv 1
debian 1
amazon 1
altlinux 1
nessus
nessus
Oracle Linux 5 : ELSA-2013-0621-1: / kernel (ELSA-2013-06211)
2023-09-07 00:00:00
CentOS 5 : kernel (CESA-2013:0621)
2013-03-13 00:00:00
Oracle Linux 5 : kernel (ELSA-2013-0621)
2013-07-12 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2013:0621 centos5
2013-03-15 00:00:00
RedHat Update for kernel RHSA-2013:0621-01
2013-03-12 00:00:00
CentOS Update for kernel CESA-2013:0621 centos5
2013-03-15 00:00:00
redhat
redhat
(RHSA-2013:0621) Important: kernel security update
2013-03-11 00:00:00
(RHSA-2013:0622) Important: kernel-rt security and bug fix update
2013-03-11 00:00:00
(RHSA-2013:0695) Important: kernel security update
2013-04-02 00:00:00
oraclelinux
oraclelinux
kernel security update
2013-03-11 00:00:00
1
2013-03-11 00:00:00
kernel security and bug fix update
2013-03-12 00:00:00
zdt
zdt
Linux Kernel MSR Driver Privilege Escalation Vulnerability
2013-08-05 00:00:00
Linux Kernel 'MSR' Driver Local Privilege Escalation
2013-08-03 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:54:03
Privilege Escalation
2019-05-02 04:54:03
debiancve
debiancve
CVE-2013-0268
2013-02-18 04:41:00
CVE-2013-0871
2013-02-18 04:41:00
packetstorm
packetstorm
Linux Kernel MSR Driver Privilege Escalation
2013-08-04 00:00:00
prion
prion
Security feature bypass
2013-02-18 04:41:00
Race condition
2013-02-18 04:41:00
ubuntucve
ubuntucve
CVE-2013-0268
2013-02-17 00:00:00
CVE-2013-0871
2013-02-17 00:00:00
cve
cve
CVE-2013-0268
2013-02-18 04:41:00
CVE-2013-0871
2013-02-18 04:41:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerability
2013-02-22 00:00:00
Linux kernel (OMAP4) vulnerability
2013-02-22 00:00:00
Linux kernel vulnerability
2013-02-22 00:00:00
suse
suse
Security update for Linux kernel (important)
2013-02-25 16:04:22
Security update for Linux kernel (important)
2013-04-13 01:04:40
kernel: security and bugfix update (important)
2013-03-05 18:04:24
canvas
canvas
Immunity Canvas: LINUX_PTRACE_SETREGS
2013-02-18 04:41:00
Immunity Canvas: FS_PIPE_RACE_TO_NULL
2013-02-18 04:41:00
securityvulns
securityvulns
[USN-1739-1] Linux kernel vulnerability
2013-02-24 00:00:00
Linux kernel security vulnerabilities
2013-03-02 00:00:00
[USN-1756-1] Linux kernel vulnerabilities
2013-03-11 00:00:00
centos
centos
kernel, perf, python security update
2013-02-27 20:10:11
kernel, perf, python security update
2013-03-13 11:49:36
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: kernel-3.7.6-201.fc18
2013-02-08 16:56:42
osv
osv
linux-2.6 - several vulnerabilities
2013-02-25 00:00:00
debian
debian
[SECURITY] [DSA 2632-1] linux-2.6 security update
2013-02-26 03:58:48
amazon
amazon
Medium: kernel
2013-03-02 16:54:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt13
2013-11-24 00:00:00

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.6%

JSON
Related for CESA-2013:0621
nessus53openvas73redhat9oraclelinux10zdt2veracode2debiancve2packetstorm1prion2ubuntucve2cve2ubuntu20suse5canvas2securityvulns5centos2vmware2fedora1osv1debian1amazon1altlinux1