linux - several

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service, information leak or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

• CVE-2013-0160
  vladz reported a timing leak with the /dev/ptmx character device. A local
  user could use this to determine sensitive information such as password
  length.
• CVE-2013-1796
  Andrew Honig of Google reported an issue in the KVM subsystem. A user in
  a guest operating system could corrupt kernel memory, resulting in a
  denial of service.
• CVE-2013-1929
  Oded Horovitz and Brad Spengler reported an issue in the device driver for
  Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
  untrusted devices can create an overflow condition, resulting in a denial
  of service or elevated privileges.
• CVE-2013-1979
  Andy Lutomirski reported an issue in the socket level control message
  processing subsystem. Local users may be able to gain eleveated privileges.
• CVE-2013-2015
  Theodore Ts’o provided a fix for an issue in the ext4 filesystem. Local
  users with the ability to mount a specially crafted filesystem can cause
  a denial of service (infinite loop).
• CVE-2013-2094
  Tommie Rantala discovered an issue in the perf subsystem. An out-of-bounds
  access vulnerability allows local users to gain elevated privileges.
• CVE-2013-3076
  Mathias Krause discovered an issue in the userspace interface for hash
  algorithms. Local users can gain access to sensitive kernel memory.
• CVE-2013-3222
  Mathias Krause discovered an issue in the Asynchronous Transfer Mode (ATM)
  protocol support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3223
  Mathias Krause discovered an issue in the Amateur Radio AX.25 protocol
  support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3224
  Mathias Krause discovered an issue in the Bluetooth subsystem. Local users
  can gain access to sensitive kernel memory.
• CVE-2013-3225
  Mathias Krause discovered an issue in the Bluetooth RFCOMM protocol
  support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3227
  Mathias Krause discovered an issue in the Communication CPU to Application
  CPU Interface (CAIF). Local users can gain access to sensitive kernel
  memory.
• CVE-2013-3228
  Mathias Krause discovered an issue in the IrDA (infrared) subsystem
  support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3229
  Mathias Krause discovered an issue in the IUCV support on s390 systems.
  Local users can gain access to sensitive kernel memory.
• CVE-2013-3231
  Mathias Krause discovered an issue in the ANSI/IEEE 802.2 LLC type 2
  protocol support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3234
  Mathias Krause discovered an issue in the Amateur Radio X.25 PLP (Rose)
  protocol support. Local users can gain access to sensitive kernel memory.
• CVE-2013-3235
  Mathias Krause discovered an issue in the Transparent Inter Process
  Communication (TIPC) protocol support. Local users can gain access to
  sensitive kernel memory.
• CVE-2013-3301
  Namhyung Kim reported an issue in the tracing subsystem. A privileged
  local user could cause a denial of service (system crash). This
  vulnerabililty is not applicable to Debian systems by default.

For the stable distribution (wheezy), this problem has been fixed in version
3.2.41-2+deb7u1.
Note: Updates are currently available for the amd64, i386, ia64, s390, s390x
and sparc architectures. Updates for the remaining architectures will be
released as they become available.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

We recommend that you upgrade your linux and user-mode-linux packages.
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or “leap-frog” fashion.