New Search

ELSA-2013-1292-1 -- kernel security and bug fix update (moderate)

oval:org.mitre.oval:def:27491

This update fixes the following security issues: * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local unprivileged user could use this flaw to cause a denial of service or potentially escalate their privileges. (CVE-2012-3511 Moderate) * A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local unprivileged user could use this flaw to cause a denial of service. (CVE-2013-4162 Moderate) * An information leak flaw in the Linux kernel could allow a local unprivileged user to leak kernel memory to user-space.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
Class:
patch
Reference(s):
  • ELSA-2013-1292-1
  • CVE-2012-3511
  • CVE-2013-2141
  • CVE-2013-4162
Product(s):
  • ocfs2
  • kernel-devel
  • kernel-PAE
  • kernel-xen-devel
  • kernel-debug-devel
  • kernel-debug
  • kernel-doc
  • kernel-PAE-devel
  • oracleasm
  • kernel-xen
  • kernel-headers
  • kernel