unbreakable enterprise kernel security update

kernel-uek 2.6.32-400.33.4uek - kernel/signal.c: stop info leak via the tkill and the tgkill syscalls Emese Revfy Orabug: 17951083 CVE-2013-2141 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic...

kernel security, bug fix, and enhancement update

2.6.32-431.1.2 - x86 kvm: fix cross page vapicaddr access Paolo Bonzini 1032214 1032215 CVE-2013-6368 - x86 kvm: fix division by zero in apicgettmcct Paolo Bonzini 1032212 1032213 CVE-2013-6367 2.6.32-431.1.1 - netdrv mlx4en: Check device state when setting coalescing Amir Vadai 1032395 975908 -...

Unbreakable Enterprise Kernel security update

2.6.39-400.211.2 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook Orabug: 17842208 CVE-2013-1928 - Bluetooth: RFCOMM - Fix info leak via getsockname Mathias Krause Orabug: 17842129 CVE-2012-6545 - Bluetooth: RFCOMM - Fix info leak in ioctlRFCOMMGETDEVLIST Mathias Krause Orabug...

Unbreakable Enterprise Kernel security update

3.8.13-16.2.2.el6uek - HID: pantherlord: validate output report details Kees Cook Orabug: 17841973 CVE-2013-2892 - HID: zeroplus: validate output report details Kees Cook Orabug: 17841968 CVE-2013-2889 - HID: provide a helper for validating hid reports Kees Cook Orabug: 17841968 CVE-2013-2889 -...

MGASA-2013-0343 Updated kernel-linus package fixes security vulnerabilites.

This kernel-linus update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attacker...

MGASA-2013-0342 Updated kernel package fixes security vulnerabilites.

This kernel update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to...

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix two security issues, one bug, and add two enhancements are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

CVE-2013-5174

Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service system crash via a crafted tty read operation...

Design/Logic Flaw

The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the 1 msgctl API or 2 segctl API...

FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FreeBSD-SA-13:09.ipmulticast Security Advisory The FreeBSD Project Topic: integer overflow in IPMSFILTER Category: core Module: kernel Announced: 2013-08-22 Credits: Clement Lecigne Google Security Team Affects: All supported versions of FreeBSD...

USN-1930-1: Linux kernel (OMAP4) vulnerabilities

An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2148 Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local...

unbreakable enterprise kernel security update

kernel-uek 2.6.32-400.29.2uek - Bluetooth: RFCOMM - Fix missing msgnamelen update in rfcommsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3225 - Bluetooth: fix possible info leak in btsockrecvmsg Mathias Krause Orabug: 17173824 CVE-2013-3224 - atm: update msgnamelen in vccrecvmsg Mathias...

Oracle Linux 5 : kernel (ELSA-2013-0621-1)

From Red Hat Security Advisory 2013:0621 : Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score,...

Oracle Linux 5 : Important: / kernel (ELSA-2007-0347)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0347 advisory. 2.6.18-8.1.4.0.1.el5 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 -Add entropy module option to e1000 John...

kernel security and bug fix update

kernel 2.6.18-348.12.1 - Revert: fs afs: export a couple of core functions for AFS write support Lukas Czerner 960014 692071 - Revert: fs ext4: drop ectype from the ext4extcache structure Lukas Czerner 960014 692071 - Revert: fs ext4: handle NULL pext in ext4extnextallocatedblock Lukas Czerner...

Unbreakable Enterprise kernel Security update

2.6.39-400.109.1 - while removing a non-empty directory, the kernel dumps a message: rmdir,21743,1:ocfs2unlink:953 ERROR: status = -39 Xiaowei.Hu Orabug: 16790405 - stop mig handler when lockres in progress ,and return -EAGAIN Xiaowei.Hu Orabug: 16876446 2.6.39-400.108.1 - Revert 'dlmglue race...

CVE-2013-2850

CVE-2013-2850: Heap-based buffer overflow in the Linux kernel’s iSCSI target subsystem (iscsi_add_notunderstood_response in drivers/target/iscsi/iscsi_target_parameters.c) affects kernel versions up to 3.9.4. The flaw can allow remote attackers to trigger memory corruption and OOPS, with potentia...

kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set

The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service kernel OOPS by using the KVMSETSREGS ioctl to set the X86CR4OSXSAVE bit in the guest cr4 register, then calling the KVMRUN ioctl...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...