Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme im Kernel
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme im Kernel
ID: FEDORA-2013-23445
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 22. Dezember 2013, 20:14
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6405
Applikationen: Linux

Originalnachricht

Name        : kernel
Product : Fedora 20
Version : 3.12.5
Release : 302.fc20
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

-------------------------------------------------------------------------------
-
Update Information:

The 3.12.5 kernel contains support for new devices, and a number of bug fixes
across the tree.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Dec 17 2013 Josh Boyer <jwboyer@fedoraproject.org> - 3.12.5-302
- Add patch to avoid using queued trim on M500 SSD (rhbz 1024002)
* Mon Dec 16 2013 Josh Boyer <jwboyer@fedoraproject.org>
- Fix host lockup in bridge code when starting from virt guest (rhbz 1025770)
* Fri Dec 13 2013 Josh Boyer <jwboyer@fedoraproject.org> 3.12.5-301
- More keys fixes from upstream to fix keyctl_get_persisent crash (rhbz
1043033)
* Fri Dec 13 2013 Justin M. Forbes <jforbes@fedoraproject.org - 3.12.5-300
- Linux v3.12.5 rebase
* Thu Dec 12 2013 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2013-4587 kvm: out-of-bounds access (rhbz 1030986 1042071)
- CVE-2013-6376 kvm: BUG_ON in apic_cluster_id (rhbz 1033106 1042099)
- CVE-2013-6368 kvm: cross page vapic_addr access (rhbz 1032210 1042090)
- CVE-2013-6367 kvm: division by 0 in apic_get_tmcct (rhbz 1032207 1042081)
* Wed Dec 11 2013 Josh Boyer <jwboyer@fedoraproject.org>
- Add patches to support ETPS/2 Elantech touchpads (rhbz 1030802)
* Tue Dec 10 2013 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2013-XXXX net: memory leak in recvmsg (rhbz 1039845 1039874)
* Fri Dec 6 2013 Peter Robinson <pbrobinson@fedoraproject.org>
- Fix up ARM usb gadget config to make it useful
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1030986 - CVE-2013-4587 kernel: kvm: rtc_status.dest_map
out-of-bounds access
https://bugzilla.redhat.com/show_bug.cgi?id=1030986
[ 2 ] Bug #1033106 - CVE-2013-6376 kernel: kvm: BUG_ON() in apic_cluster_id()
https://bugzilla.redhat.com/show_bug.cgi?id=1033106
[ 3 ] Bug #1032210 - CVE-2013-6368 kvm: cross page vapic_addr access
https://bugzilla.redhat.com/show_bug.cgi?id=1032210
[ 4 ] Bug #1032207 - CVE-2013-6367 kvm: division by zero in apic_get_tmcct()
https://bugzilla.redhat.com/show_bug.cgi?id=1032207
[ 5 ] Bug #1039845 - Kernel: net: information leak in recvmsg handler
msg_name & msg_namelen logic
https://bugzilla.redhat.com/show_bug.cgi?id=1039845
[ 6 ] Bug #1035875 - CVE-2013-6405 Kernel: net: leakage of uninitialized
memory to user-space via recv syscalls
https://bugzilla.redhat.com/show_bug.cgi?id=1035875
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung