4.6 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:H/Au:N/C:N/I:N/A:C
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Linux kernelβs Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-1083, Moderate) * A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2011-4131, Moderate) Red Hat would like to thank Nelson Elhage for reporting CVE-2011-1083, and Andy Adamson for reporting CVE-2011-4131. This update also fixes several hundred bugs and adds enhancements. Refer to the Red Hat Enterprise Linux 6.3 Release Notes for information on the most significant of these changes, and the Technical Notes for further information, both linked to in the References. All Red Hat Enterprise Linux 6 users are advised to install these updated packages, which correct these issues, and fix the bugs and add the enhancements noted in the Red Hat Enterprise Linux 6.3 Release Notes and Technical Notes. The system must be rebooted for this update to take effect.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bf118a342f10dafe44b14451a1392c3254629a1f
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bf118a342f10dafe44b14451a1392c3254629a1f
lists.fedoraproject.org/pipermail/package-announce/2012-May/081280.html
lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
rhn.redhat.com/errata/RHSA-2012-0862.html
rhn.redhat.com/errata/RHSA-2012-1541.html
secunia.com/advisories/48898
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2
www.openwall.com/lists/oss-security/2011/11/12/1
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=542378
bugzilla.redhat.com/show_bug.cgi?id=596419
bugzilla.redhat.com/show_bug.cgi?id=623913
bugzilla.redhat.com/show_bug.cgi?id=624189
bugzilla.redhat.com/show_bug.cgi?id=624756
bugzilla.redhat.com/show_bug.cgi?id=645365
bugzilla.redhat.com/show_bug.cgi?id=694801
bugzilla.redhat.com/show_bug.cgi?id=726369
bugzilla.redhat.com/show_bug.cgi?id=727700
bugzilla.redhat.com/show_bug.cgi?id=729586
bugzilla.redhat.com/show_bug.cgi?id=735105
bugzilla.redhat.com/show_bug.cgi?id=738151
bugzilla.redhat.com/show_bug.cgi?id=745713
bugzilla.redhat.com/show_bug.cgi?id=745775
bugzilla.redhat.com/show_bug.cgi?id=745952
bugzilla.redhat.com/show_bug.cgi?id=746929
bugzilla.redhat.com/show_bug.cgi?id=747034
bugzilla.redhat.com/show_bug.cgi?id=747106
bugzilla.redhat.com/show_bug.cgi?id=749117
bugzilla.redhat.com/show_bug.cgi?id=752137
bugzilla.redhat.com/show_bug.cgi?id=755046
bugzilla.redhat.com/show_bug.cgi?id=756307
bugzilla.redhat.com/show_bug.cgi?id=757040
bugzilla.redhat.com/show_bug.cgi?id=758707
bugzilla.redhat.com/show_bug.cgi?id=766554
bugzilla.redhat.com/show_bug.cgi?id=767992
bugzilla.redhat.com/show_bug.cgi?id=769652
bugzilla.redhat.com/show_bug.cgi?id=770250
bugzilla.redhat.com/show_bug.cgi?id=772317
bugzilla.redhat.com/show_bug.cgi?id=772874
bugzilla.redhat.com/show_bug.cgi?id=773219
bugzilla.redhat.com/show_bug.cgi?id=773705
bugzilla.redhat.com/show_bug.cgi?id=781524
bugzilla.redhat.com/show_bug.cgi?id=784351
bugzilla.redhat.com/show_bug.cgi?id=784856
bugzilla.redhat.com/show_bug.cgi?id=786149
bugzilla.redhat.com/show_bug.cgi?id=786610
bugzilla.redhat.com/show_bug.cgi?id=786693
bugzilla.redhat.com/show_bug.cgi?id=788562
bugzilla.redhat.com/show_bug.cgi?id=790418
bugzilla.redhat.com/show_bug.cgi?id=790961
bugzilla.redhat.com/show_bug.cgi?id=796099
bugzilla.redhat.com/show_bug.cgi?id=799075
bugzilla.redhat.com/show_bug.cgi?id=800041
bugzilla.redhat.com/show_bug.cgi?id=801111
bugzilla.redhat.com/show_bug.cgi?id=803132
bugzilla.redhat.com/show_bug.cgi?id=803187
bugzilla.redhat.com/show_bug.cgi?id=803239
bugzilla.redhat.com/show_bug.cgi?id=803620
bugzilla.redhat.com/show_bug.cgi?id=807215
bugzilla.redhat.com/show_bug.cgi?id=807354
bugzilla.redhat.com/show_bug.cgi?id=808571
bugzilla.redhat.com/show_bug.cgi?id=809231
bugzilla.redhat.com/show_bug.cgi?id=810222
bugzilla.redhat.com/show_bug.cgi?id=811669
bugzilla.redhat.com/show_bug.cgi?id=812259
bugzilla.redhat.com/show_bug.cgi?id=813550
bugzilla.redhat.com/show_bug.cgi?id=813678
bugzilla.redhat.com/show_bug.cgi?id=813948
bugzilla.redhat.com/show_bug.cgi?id=814302
bugzilla.redhat.com/show_bug.cgi?id=815751
bugzilla.redhat.com/show_bug.cgi?id=815785
bugzilla.redhat.com/show_bug.cgi?id=816099
bugzilla.redhat.com/show_bug.cgi?id=816569
bugzilla.redhat.com/show_bug.cgi?id=817236
bugzilla.redhat.com/show_bug.cgi?id=818371
bugzilla.redhat.com/show_bug.cgi?id=820507
bugzilla.redhat.com/show_bug.cgi?id=822189
bugzilla.redhat.com/show_bug.cgi?id=824287
docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.3_Release_Notes/index.html
docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/kernel.html#RHSA-2012-0862
github.com/torvalds/linux/commit/bf118a342f10dafe44b14451a1392c3254629a1f
rhn.redhat.com/errata/RHSA-2012-0862.html