ALT-BU-2013-1456-2

Branch sisyphus update bulletin.

Package kernel-image-un-def updated to version 3.12.6-alt1 for branch sisyphus in task 110852.

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

CVE-2013-4587

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

Severity: MEDIUM (5.7)Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

References:

CVE-2013-6367

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value.

Severity: MEDIUM (5.7)Vector: AV:A/AC:M/Au:N/C:N/I:N/A:C

References:

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.

Severity: MEDIUM (6.2)Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

References:

The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR write operation in x2apic mode.

Severity: MEDIUM (5.2)Vector: AV:A/AC:M/Au:S/C:N/I:N/A:C

References:

Package gnupg updated to version 1.4.16-alt1 for branch sisyphus in task 110930.

Уязвимость операционной системы Red Hat Enterprise Linux, позволяющая удаленному злоумышленнику нарушить целостность и доступность защищаемой информации

Severity: MEDIUM (5.8)Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

Severity: MEDIUM (5.8)Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить целостность и доступность защищаемой информации

Severity: MEDIUM (5.8)Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

Severity: MEDIUM (5.8)Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

References:

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE.

Severity: LOW (2.1)Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

References:

Package kernel-image-std-def updated to version 3.10.25-alt1 for branch sisyphus in task 110919.

Уязвимость операционной системы Linux, позволяющая злоумышленнику повысить свои привилегии

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

CVE-2013-4587

Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.

Severity: HIGH (7.2)Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

References:

Version: 2.1.2

Branch sisyphus update on 2013-12-24

ALT-BU-2013-1456-2

ALT-PU-2013-1312-1

Closed vulnerabilities

BDU:2014-00094

BDU:2014-00095

CVE-2013-4587

CVE-2013-6367

CVE-2013-6368

CVE-2013-6376

ALT-PU-2013-1314-1

Closed vulnerabilities

BDU:2015-07748

BDU:2015-07749

BDU:2015-09067

BDU:2015-09068

CVE-2013-4576

ALT-PU-2013-1482-1

Closed vulnerabilities

BDU:2014-00094

CVE-2013-4587