6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.3%
CentOS Errata and Security Advisory CESA-2013:1436
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A flaw was found in the way the Linux kernel’s TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of
service. (CVE-2013-4162, Moderate)
An information leak flaw was found in the way Linux kernel’s device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,
Moderate)
Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-October/082138.html
Affected packages:
kernel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
perf
python-perf
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:1436
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | kernel | < 2.6.32-358.23.2.el6 | kernel-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | i686 | kernel-debug | < 2.6.32-358.23.2.el6 | kernel-debug-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | i686 | kernel-debug-devel | < 2.6.32-358.23.2.el6 | kernel-debug-devel-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | i686 | kernel-devel | < 2.6.32-358.23.2.el6 | kernel-devel-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | noarch | kernel-doc | < 2.6.32-358.23.2.el6 | kernel-doc-2.6.32-358.23.2.el6.noarch.rpm |
CentOS | 6 | noarch | kernel-firmware | < 2.6.32-358.23.2.el6 | kernel-firmware-2.6.32-358.23.2.el6.noarch.rpm |
CentOS | 6 | i686 | kernel-headers | < 2.6.32-358.23.2.el6 | kernel-headers-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | i686 | perf | < 2.6.32-358.23.2.el6 | perf-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | i686 | python-perf | < 2.6.32-358.23.2.el6 | python-perf-2.6.32-358.23.2.el6.i686.rpm |
CentOS | 6 | x86_64 | kernel | < 2.6.32-358.23.2.el6 | kernel-2.6.32-358.23.2.el6.x86_64.rpm |