Branch sisyphus update bulletin.

Package kernel-image-un-def updated to version 3.12.6-alt1 for branch sisyphus in task 110852.

Published: 2013-12-14

BDU:2014-00094

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Severity: HIGH (7.2)

References:

CVE-2013-4587

Published: 2013-12-14

BDU:2014-00095

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Severity: MEDIUM (5.7)

References:

CVE-2013-6367

Published: 2013-12-14
Modified: 2024-11-21

CVE-2013-4587

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Severity: HIGH (7.2)

References:

Published: 2013-12-14
Modified: 2024-11-21

CVE-2013-6367

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Severity: MEDIUM (5.7)

References:

Published: 2013-12-14
Modified: 2024-11-21

CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Severity: MEDIUM (6.2)

References:

Published: 2013-12-14
Modified: 2024-11-21

CVE-2013-6376

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Severity: MEDIUM (5.2)

References:

Package gnupg updated to version 1.4.16-alt1 for branch sisyphus in task 110930.

Published: 2014-01-08

BDU:2015-07748

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить целостность и доступность защищаемой информации

Severity: MEDIUM (5.8)

References:

Published: 2014-01-08

BDU:2015-07749

Severity: MEDIUM (5.8)

References:

Published: 2014-01-08

BDU:2015-09067

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить целостность и доступность защищаемой информации

Severity: MEDIUM (5.8)

References:

Published: 2014-01-08

BDU:2015-09068

Severity: MEDIUM (5.8)

References:

Published: 2013-12-21
Modified: 2024-11-21

CVE-2013-4576

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE.

Severity: LOW (2.1)

References:

Version: 2.1.1

Branch sisyphus update on 2013-12-24

ALT-BU-2013-1456-1

ALT-PU-2013-1312-1

Closed vulnerabilities

BDU:2014-00094

BDU:2014-00095

CVE-2013-4587

CVE-2013-6367

CVE-2013-6368

CVE-2013-6376

ALT-PU-2013-1314-1

Closed vulnerabilities

BDU:2015-07748

BDU:2015-07749

BDU:2015-09067

BDU:2015-09068

CVE-2013-4576