6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
56.6%
CentOS Errata and Security Advisory CESA-2013:0621
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
A flaw was found in the way file permission checks for the
“/dev/cpu/[x]/msr” files were performed in restricted root environments
(for example, when using a capability-based security model). A local user
with the ability to write to these files could use this flaw to escalate
their privileges to kernel level, for example, by writing to the
SYSENTER_EIP_MSR register. (CVE-2013-0268, Important)
A race condition was found in the way the Linux kernel’s ptrace
implementation handled PTRACE_SETREGS requests when the debuggee was woken
due to a SIGKILL signal instead of being stopped. A local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2013-0871,
Important)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-March/081806.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0621
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i686 | kernel | < 2.6.18-348.3.1.el5 | kernel-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug | < 2.6.18-348.3.1.el5 | kernel-debug-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug-devel | < 2.6.18-348.3.1.el5 | kernel-debug-devel-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-devel | < 2.6.18-348.3.1.el5 | kernel-devel-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | noarch | kernel-doc | < 2.6.18-348.3.1.el5 | kernel-doc-2.6.18-348.3.1.el5.noarch.rpm |
CentOS | 5 | i386 | kernel-headers | < 2.6.18-348.3.1.el5 | kernel-headers-2.6.18-348.3.1.el5.i386.rpm |
CentOS | 5 | i686 | kernel-pae | < 2.6.18-348.3.1.el5 | kernel-PAE-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-pae-devel | < 2.6.18-348.3.1.el5 | kernel-PAE-devel-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen | < 2.6.18-348.3.1.el5 | kernel-xen-2.6.18-348.3.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen-devel | < 2.6.18-348.3.1.el5 | kernel-xen-devel-2.6.18-348.3.1.el5.i686.rpm |