CVSS2: 6 Medium (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
EPSS: 0.003 Low
Percentile: 65.5%

Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4
kernel. These custom kernel packages include support for network
namespaces; this support is required to facilitate advanced OpenStack
Networking deployments.

A flaw was found in the way the Linux kernel’s TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2013-4162, Moderate)

An information leak flaw was found in the way the Linux kernel’s device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,
Moderate)

Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.

This update also fixes the following bug:

In addition, this update adds the following enhancements:

This update adds support for Distributed Overlay Virtual Ethernet (DOVE).
(BZ#1009025)

This update adds support for Virtual Extensible LAN (VXLAN) as an Open
vSwitch (OVS) tunneling type. (BZ#1009006)

More information on the Red Hat Enterprise Linux 6.4 kernel packages upon
which these custom kernel packages are based is available in
RHSA-2013:1436:
https://rhn.redhat.com/errata/RHSA-2013-1436.html

All Red Hat OpenStack 3.0 users deploying the OpenStack Networking service
are advised to install these updated packages.