6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
88.5%
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A flaw was found in the way the Linux kernel handled the creation of
temporary IPv6 addresses. If the IPv6 privacy extension was enabled
(/proc/sys/net/ipv6/conf/eth0/use_tempaddr is set to ‘2’), an attacker on
the local network could disable IPv6 temporary address generation, leading
to a potential information disclosure. (CVE-2013-0343, Moderate)
An information leak flaw was found in the way Linux kernel’s device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,
Moderate)
An off-by-one flaw was found in the way the ANSI CPRNG implementation in
the Linux kernel processed non-block size aligned requests. This could lead
to random numbers being generated with less bits of entropy than expected
when ANSI CPRNG was used. (CVE-2013-4345, Moderate)
An information leak flaw was found in the way Xen hypervisor emulated the
OUTS instruction for 64-bit paravirtualized guests. A privileged guest user
could use this flaw to leak hypervisor stack memory to the guest.
(CVE-2013-4368, Moderate)
Red Hat would like to thank Fujitsu for reporting CVE-2013-4299, Stephan
Mueller for reporting CVE-2013-4345, and the Xen project for reporting
CVE-2013-4368.
This update also fixes the following bug:
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ppc64 | kernel-headers | < 2.6.18-371.1.2.el5 | kernel-headers-2.6.18-371.1.2.el5.ppc64.rpm |
RedHat | 5 | ppc | kernel-headers | < 2.6.18-371.1.2.el5 | kernel-headers-2.6.18-371.1.2.el5.ppc.rpm |
RedHat | 5 | ia64 | kernel-debug-devel | < 2.6.18-371.1.2.el5 | kernel-debug-devel-2.6.18-371.1.2.el5.ia64.rpm |
RedHat | 5 | x86_64 | kernel-debuginfo-common | < 2.6.18-371.1.2.el5 | kernel-debuginfo-common-2.6.18-371.1.2.el5.x86_64.rpm |
RedHat | 5 | s390x | kernel-debuginfo | < 2.6.18-371.1.2.el5 | kernel-debuginfo-2.6.18-371.1.2.el5.s390x.rpm |
RedHat | 5 | i686 | kernel-debuginfo | < 2.6.18-371.1.2.el5 | kernel-debuginfo-2.6.18-371.1.2.el5.i686.rpm |
RedHat | 5 | s390x | kernel-debuginfo-common | < 2.6.18-371.1.2.el5 | kernel-debuginfo-common-2.6.18-371.1.2.el5.s390x.rpm |
RedHat | 5 | ia64 | kernel-debug-debuginfo | < 2.6.18-371.1.2.el5 | kernel-debug-debuginfo-2.6.18-371.1.2.el5.ia64.rpm |
RedHat | 5 | s390x | kernel-debug | < 2.6.18-371.1.2.el5 | kernel-debug-2.6.18-371.1.2.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-kdump-devel | < 2.6.18-371.1.2.el5 | kernel-kdump-devel-2.6.18-371.1.2.el5.s390x.rpm |