kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2013:0496 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth...

USN-1700-2 : linux-ti-omap4 regression

USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Linux kernel's handling of script...

RHEL 6 : xorg-x11-drv-qxl (RHSA-2013:0218)

An updated xorg-x11-drv-qxl package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: xorg-x11-drv-qxl security update

An updated xorg-x11-drv-qxl package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7123 / 7127)

The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.51 which fixes various bugs and security issues. It contains the following feature enhancements : - The cachefiles framework is now supported FATE312793, bnc782369. The userland utilities were published seperately to support this...

FreeBSD Security Advisory FreeBSD-SA-12:08.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:08.linux Security Advisory The FreeBSD Project Topic: Linux compatibility layer input validation error Category: core Module: kernel Announced: 2012-11-22...

FreeBSD-SA-12:08.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:08.linux Security Advisory The FreeBSD Project Topic: Linux compatibility layer input validation error Category: core Module: kernel Announced: 2012-11-22...

Fedora 18 : kernel-3.6.5-2.fc18 (2012-17413)

Linux v3.6.5, latest upstream stable release with fixes across the tree. Fixes CVE-2012-4565 and CVE-2012-4508. Updates kernel module signing to match the upstream kernel, and updates the UEFI secure boot patch set. Note that Tenable Network Security has extracted the preceding description block...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20120905)

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain characte...

UBUNTU-CVE-2012-4398

The requestmodule function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service memory consumption via a crafted application...

Code injection

Tunnelblick 3.3beta20 and earlier relies on argv0 to determine the name of an appropriate 1 kernel module pathname or 2 executable file pathname, which allows local users to gain privileges via an execl system call...

CVE-2012-3485

Tunnelblick 3.3beta20 and earlier relies on argv0 to determine the name of an appropriate 1 kernel module pathname or 2 executable file pathname, which allows local users to gain privileges via an execl system call...

CVE-2012-3485

CVE-2012-3485 affects Tunnelblick 3.3beta20 and earlier. The root cause is that the launcher relies on argv[0] to determine the name of an appropriate kernel module or executable pathname, enabling a local attacker to gain privileges via an execl system call. Public references and connected docum...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20120529)

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : - It was found that the datalen parameter of the sockallocsendpskb function in the Linux kernel's networking implementation was not validated before use. A local...

Scientific Linux Security Update : systemtap on SL5.x i386/x86_64

It was discovered that staprun did not properly sanitize the environment before executing the modprobe command to load an additional kernel module. A local, unprivileged user could use this flaw to escalate their privileges. CVE-2010-4170 It was discovered that staprun did not check if the module...

Scientific Linux Security Update : openafs on SL4.x, SL5.x i386/x86_64

Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors. CVE-2011-0430 The afslinuxlock function in afs/LINUX/osivnodeops.c in the kernel...

Scientific Linux Security Update : yum on SL5.x i386/x86_64

This updated yum package fixes the following bugs : - The nightly yum.cron will spew out alot of information during the add-ons section. The logging level for these information messages was turned up so that it doesn't happen during yum.cron - The kernel-module plugin now detects when yum has...

Scientific Linux Security Update : kvm on SL5.x x86_64

It was found that some structure padding and reserved fields in certain data structures in QEMU-KVM were not initialized properly before being copied to user-space. A privileged host user with access to '/dev/kvm' could use this flaw to leak kernel stack memory to user-space. CVE-2010-3881 This...

Scientific Linux Security Update : conga on SL5.x i386/x86_64

A flaw was found in ricci during a code audit. A remote attacker who is able to connect to ricci could cause ricci to temporarily refuse additional connections, a denial of service CVE-2007-4136. Fixes in this updated package include : - The nodename is now set for manual fencing. - The node log ...

Scientific Linux Security Update : yum on SL5.x i386/x86_64

This updated yum package fixes the following bugs : - The kernel module plugin has been updated to deal with the situation where both a package that has a kernel module such as openafs is being updated at the same time that a kernel is being updated, while an old kernel is being removed. - string...