Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2013:1436
HistoryOct 17, 2013 - 4:14 p.m.

kernel, perf, python security update

2013-10-1716:14:23
CentOS Project
lists.centos.org
59

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.3%

JSON

CentOS Errata and Security Advisory CESA-2013:1436

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • A flaw was found in the way the Linux kernel’s TCP/IP protocol suite
    implementation handled IPv6 sockets that used the UDP_CORK option. A local,
    unprivileged user could use this flaw to cause a denial of
    service. (CVE-2013-4162, Moderate)

  • An information leak flaw was found in the way Linux kernel’s device
    mapper subsystem, under certain conditions, interpreted data written to
    snapshot block devices. An attacker could use this flaw to read data from
    disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,
    Moderate)

Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-October/082138.html

Affected packages:
kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
perf
python-perf

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:1436

OSVersionArchitecturePackageVersionFilename
CentOS6i686kernel< 2.6.32-358.23.2.el6kernel-2.6.32-358.23.2.el6.i686.rpm
CentOS6i686kernel-debug< 2.6.32-358.23.2.el6kernel-debug-2.6.32-358.23.2.el6.i686.rpm
CentOS6i686kernel-debug-devel< 2.6.32-358.23.2.el6kernel-debug-devel-2.6.32-358.23.2.el6.i686.rpm
CentOS6i686kernel-devel< 2.6.32-358.23.2.el6kernel-devel-2.6.32-358.23.2.el6.i686.rpm
CentOS6noarchkernel-doc< 2.6.32-358.23.2.el6kernel-doc-2.6.32-358.23.2.el6.noarch.rpm
CentOS6noarchkernel-firmware< 2.6.32-358.23.2.el6kernel-firmware-2.6.32-358.23.2.el6.noarch.rpm
CentOS6i686kernel-headers< 2.6.32-358.23.2.el6kernel-headers-2.6.32-358.23.2.el6.i686.rpm
CentOS6i686perf< 2.6.32-358.23.2.el6perf-2.6.32-358.23.2.el6.i686.rpm
CentOS6i686python-perf< 2.6.32-358.23.2.el6python-perf-2.6.32-358.23.2.el6.i686.rpm
CentOS6x86_64kernel< 2.6.32-358.23.2.el6kernel-2.6.32-358.23.2.el6.x86_64.rpm
Rows per page:
1-10 of 181

Related

openvas 76
nessus 49
redhat 10
oraclelinux 9
altlinux 1
amazon 1
ubuntucve 2
prion 2
cve 2
debiancve 2
ubuntu 22
centos 2
securityvulns 5
debian 2
osv 2
veracode 11
suse 1
openvas
openvas
Oracle: Security Advisory (ELSA-2013-2575)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2013-1436)
2015-10-06 00:00:00
RedHat Update for kernel RHSA-2013:1436-01
2013-10-18 00:00:00
nessus
nessus
CentOS 6 : kernel (CESA-2013:1436)
2013-10-18 00:00:00
Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2575)
2013-10-20 00:00:00
RHEL 6 : kernel (RHSA-2013:1436)
2013-10-17 00:00:00
redhat
redhat
(RHSA-2013:1436) Moderate: kernel security and bug fix update
2013-10-16 00:00:00
(RHSA-2013:1520) Moderate: kernel security, bug fix, and enhancement update
2013-11-14 00:00:00
(RHSA-2013:1860) Moderate: kernel security and bug fix update
2013-12-19 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-10-16 00:00:00
unbreakable enterprise kernel security update
2013-10-18 00:00:00
unbreakable enterprise kernel security update
2013-10-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt12
2013-10-25 00:00:00
amazon
amazon
Medium: kernel
2013-10-16 20:53:00
ubuntucve
ubuntucve
CVE-2013-4299
2013-10-24 00:00:00
CVE-2013-4162
2013-07-29 00:00:00
prion
prion
Input validation
2013-10-24 10:53:00
Information disclosure
2013-07-29 13:59:00
cve
cve
CVE-2013-4299
2013-10-24 10:53:00
CVE-2013-4162
2013-07-29 13:59:00
debiancve
debiancve
CVE-2013-4299
2013-10-24 10:53:00
CVE-2013-4162
2013-07-29 13:59:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-12-03 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-12-03 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-12-03 00:00:00
centos
centos
kernel security update
2013-09-27 13:27:33
kernel security update
2013-10-23 00:10:49
securityvulns
securityvulns
[USN-1939-1] Linux kernel vulnerabilities
2013-09-09 00:00:00
[USN-2015-1] Linux kernel vulnerabilities
2013-11-13 00:00:00
[USN-2049-1] Linux kernel vulnerabilities
2013-12-09 00:00:00
debian
debian
[SECURITY] [DSA 2745-1] linux security update
2013-08-29 05:07:31
[SECURITY] [DSA 2906-1] linux-2.6 security update
2014-04-25 00:12:10
osv
osv
linux - several
2013-08-28 00:00:00
linux-2.6 - several
2014-04-24 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:56:55
Weak Cryptographic Protection
2019-05-02 04:56:55
Denial Of Service (DoS)
2019-05-02 04:56:55
suse
suse
Security update for Linux kernel (important)
2013-09-21 01:04:16

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.3%

JSON
Related for CESA-2013:1436
openvas76nessus49redhat10oraclelinux9altlinux1amazon1ubuntucve2prion2cve2debiancve2ubuntu22centos2securityvulns5debian2osv2veracode11suse1