| Description: | Summary:
The remote host is missing an update for the 'kernel-vserver' package(s) announced via the MGASA-2013-0375 advisory.
Vulnerability Insight:
This kernel-vserver update provides an update to the 3.10 longterm branch,
currently 3.10.24 and fixes the following security issues:
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux
kernel through 3.10 does not properly handle problems with the generation
of IPv6 temporary addresses, which allows remote attackers to cause a
denial of service (excessive retries and address-generation outage), and
consequently obtain sensitive information, via ICMPv6 Router Advertisement
(RA) messages. (CVE-2013-0343)
net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via an auth_reply
message that triggers an attempted build_request operation.
(CVE-2013-1059)
The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in
the Xen blkback implementation in the Linux kernel before 3.10.5 allows
guest OS users to cause a denial of service (data loss) via filesystem
write operations on a read-only disk that supports the (1)
BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.
(CVE-2013-2140)
The HP Smart Array controller disk-array driver and Compaq SMART2
controller disk-array driver in the Linux kernel through 3.9.4 do not
initialize certain data structures, which allows local users to obtain
sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO
command for a /dev/ida device, related to the ida_locked_ioctl function in
drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a
/dev/cciss device, related to the cciss_ioctl32_passthru function in
drivers/block/cciss.c. (CVE-2013-2147)
Format string vulnerability in the register_disk function in block/genhd.c
in the Linux kernel through 3.9.4 allows local users to gain privileges by
leveraging root access and writing format string specifiers to
/sys/module/md_mod/parameters/new_array in order to create a crafted
/dev/md device name. (CVE-2013-2851)
Multiple array index errors in drivers/hid/hid-core.c in the Human
Interface Device (HID) subsystem in the Linux kernel through 3.11
allow physically proximate attackers to execute arbitrary code or
cause a denial of service (heap memory corruption) via a crafted
device that provides an invalid Report ID (CVE-2013-2888).
drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem
in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled,
allows physically proximate attackers to cause a denial of service
(heap-based out-of-bounds write) via a crafted device (CVE-2013-2889).
drivers/hid/hid-steelseries.c in the Human Interface Device (HID)
subsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is
enabled, allows physically proximate attackers to cause a denial of
service (heap-based out-of-bounds write) via a crafted ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'kernel-vserver' package(s) on Mageia 3.
Solution:
Please install the updated package(s).
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
