|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for kernel RHSA-2013:0168-01|
|Summary:||The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
The kernel packages contain the Linux kernel, the core of any Linux
This update fixes the following security issues:
* It was found that the Xen hypervisor implementation did not perform
range checking on the guest provided values in multiple hypercalls. A
privileged guest user could use this flaw to trigger long loops, leading
to a denial of service (Xen hypervisor hang). (CVE-2012-5515, Moderate)
* A flaw was found in the way the Linux kernel's IPv6 implementation
handled overlapping, fragmented IPv6 packets. A remote attacker could
potentially use this flaw to bypass protection mechanisms (such as a
firewall or intrusion detection system (IDS)) when sending network packets
to a target system. (CVE-2012-4444, Low)
Red Hat would like to thank the Xen project for reporting CVE-2012-5515,
and Antonios Atlasis working with Beyond Security's SecuriTeam Secure
Disclosure program and Loganaden Velvindron of AFRINIC for reporting
This update also fixes several bugs. Space precludes documenting all of
these changes in this advisory. Documentation for these changes will be
available shortly from the Red Hat Enterprise Linux 5.9 Technical Notes
document linked to in the References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
kernel on Red Hat Enterprise Linux (v. 5 server)
Please Install the Updated Packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-1568|
Common Vulnerability Exposure (CVE) ID: CVE-2012-4444
RedHat Security Advisories: RHSA-2012:1580
SuSE Security Announcement: SUSE-SU-2013:0856 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2012-5515
BugTraq ID: 56798
Debian Security Information: DSA-2582 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1606 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1615 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0470 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1685 (Google Search)
SuSE Security Announcement: openSUSE-SU-2012:1687 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0133 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0636 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0637 (Google Search)
XForce ISS Database: xen-extentorder-dos(80479)
|Copyright||Copyright (c) 2013 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.