Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme im Kernel
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme im Kernel
ID: MDVSA-2013:242
Distribution: Mandriva
Plattformen: Mandriva Business Server 1.0
Datum: Fr, 27. September 2013, 06:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254
Applikationen: Linux

Originalnachricht

This is a multi-part message in MIME format...

------------=_1380197742-3327-2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:242
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : kernel
Date : September 26, 2013
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in the Linux
kernel:

Multiple array index errors in drivers/hid/hid-core.c in the Human
Interface Device (HID) subsystem in the Linux kernel through 3.11
allow physically proximate attackers to execute arbitrary code or
cause a denial of service (heap memory corruption) via a crafted
device that provides an invalid Report ID (CVE-2013-2888).

drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem
in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled,
allows physically proximate attackers to cause a denial of service
(heap-based out-of-bounds write) via a crafted device (CVE-2013-2889).

drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in
the Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled,
allows physically proximate attackers to cause a denial of service
(heap-based out-of-bounds write) via a crafted device (CVE-2013-2892).

The Human Interface Device (HID) subsystem in the Linux kernel
through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or
CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate
attackers to cause a denial of service (heap-based out-of-bounds
write) via a crafted device, related to (1) drivers/hid/hid-lgff.c,
(2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c
(CVE-2013-2893).

drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID)
subsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ
is enabled, allows physically proximate attackers to cause a denial
of service (NULL pointer dereference and OOPS) or obtain sensitive
information from kernel memory via a crafted device (CVE-2013-2895).

drivers/hid/hid-ntrig.c in the Human Interface Device (HID)
subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG
is enabled, allows physically proximate attackers to cause a denial
of service (NULL pointer dereference and OOPS) via a crafted device
(CVE-2013-2896).

Multiple array index errors in drivers/hid/hid-multitouch.c in the
Human Interface Device (HID) subsystem in the Linux kernel through
3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate
attackers to cause a denial of service (heap memory corruption, or NULL
pointer dereference and OOPS) via a crafted device (CVE-2013-2897).

drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID)
subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD
is enabled, allows physically proximate attackers to cause a denial
of service (NULL pointer dereference and OOPS) via a crafted device
(CVE-2013-2899).

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6
implementation in the Linux kernel through 3.10.3 makes an incorrect
function call for pending data, which allows local users to cause a
denial of service (BUG and system crash) via a crafted application that
uses the UDP_CORK option in a setsockopt system call (CVE-2013-4162).

The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6
implementation in the Linux kernel through 3.10.3 does not properly
maintain information about whether the IPV6_MTU setsockopt option
had been specified, which allows local users to cause a denial of
service (BUG and system crash) via a crafted application that uses
the UDP_CORK option in a setsockopt system call (CVE-2013-4163).

The validate_event function in arch/arm/kernel/perf_event.c in the
Linux kernel before 3.10.8 on the ARM platform allows local users to
gain privileges or cause a denial of service (NULL pointer dereference
and system crash) by adding a hardware event to an event group led
by a software event (CVE-2013-4254

The updated packages provides a solution for these security issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
8d1134181d478c0a1c6dbf1449991b6b
mbs1/x86_64/cpupower-3.4.62-1.1.mbs1.x86_64.rpm
37937e41c97631fd97ff33d9b9ba5814
mbs1/x86_64/kernel-firmware-3.4.62-1.1.mbs1.noarch.rpm
96e1efeb3d657e3c3e59abadca7a415d
mbs1/x86_64/kernel-headers-3.4.62-1.1.mbs1.x86_64.rpm
47b765b1d8710bfb333a613b03a56161
mbs1/x86_64/kernel-server-3.4.62-1.1.mbs1.x86_64.rpm
9af9dd38b2a551cc63c029384d0a0e72
mbs1/x86_64/kernel-server-devel-3.4.62-1.1.mbs1.x86_64.rpm
14be9b94085e9a01dd9cca95e38a2818
mbs1/x86_64/kernel-source-3.4.62-1.mbs1.noarch.rpm
7e72ba0f7bce7ccbdb1470d3426ed019
mbs1/x86_64/lib64cpupower0-3.4.62-1.1.mbs1.x86_64.rpm
296ebc6c41bfde917caea75bf3c0ba68
mbs1/x86_64/lib64cpupower-devel-3.4.62-1.1.mbs1.x86_64.rpm
5cba7555d3490eee675d47e719cfa37e mbs1/x86_64/perf-3.4.62-1.1.mbs1.x86_64.rpm
f9854e12b7264dfeb6751a92b22ee4ff mbs1/SRPMS/cpupower-3.4.62-1.1.mbs1.src.rpm
d3574b371323d22eca16bf6cb2d73334
mbs1/SRPMS/kernel-firmware-3.4.62-1.1.mbs1.src.rpm
6310fd3a2872494bdbbd0c69960dc8b1
mbs1/SRPMS/kernel-headers-3.4.62-1.1.mbs1.src.rpm
c2b2de6ae43dc8cba2678adc445deabd
mbs1/SRPMS/kernel-server-3.4.62-1.1.mbs1.src.rpm
861c839b28c73378727f35801629489d
mbs1/SRPMS/kernel-source-3.4.62-1.mbs1.src.rpm
6859e841effe9ae2528f9a65dd57dd41 mbs1/SRPMS/perf-3.4.62-1.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFSQ/oSmqjQ0CJFipgRAhgmAKDb8jFGiWgtokzIyLZDCTjPdqtQpgCg3cNj
ofWbH+ulXdyYbr/wkrRj5uI=
=sNPZ
-----END PGP SIGNATURE-----


------------=_1380197742-3327-2
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1380197742-3327-2--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung