ALT-PU-2014-1027-1
Package kernel-image-ovz-el updated to version 2.6.32-alt109 for branch t7 in task 111646.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-2141
The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- openSUSE-SU-2013:1971
- openSUSE-SU-2013:1971
- RHSA-2013:1801
- RHSA-2013:1801
- 55055
- 55055
- DSA-2766
- DSA-2766
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
- MDVSA-2013:176
- MDVSA-2013:176
- [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill
- [oss-security] 20130604 Re: CVE Request: kernel info leak in tkill/tgkill
- USN-1899-1
- USN-1899-1
- USN-1900-1
- USN-1900-1
- https://bugzilla.redhat.com/show_bug.cgi?id=970873
- https://bugzilla.redhat.com/show_bug.cgi?id=970873
- https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
- https://github.com/torvalds/linux/commit/b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f
Modified: 2024-11-21
CVE-2013-4470
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e93b7d748be887cd7639b113ba7d7ef792a7efb9
- SUSE-SU-2014:0459
- SUSE-SU-2014:0459
- RHSA-2013:1801
- RHSA-2013:1801
- RHSA-2014:0100
- RHSA-2014:0100
- RHSA-2014:0284
- RHSA-2014:0284
- [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO
- [oss-security] 20131025 Re: CVE request: Linux kernel: net: memory corruption with UDP_CORK and UFO
- 63359
- 63359
- USN-2040-1
- USN-2040-1
- USN-2042-1
- USN-2042-1
- USN-2043-1
- USN-2043-1
- USN-2044-1
- USN-2044-1
- USN-2046-1
- USN-2046-1
- USN-2049-1
- USN-2049-1
- USN-2050-1
- USN-2050-1
- USN-2066-1
- USN-2066-1
- USN-2067-1
- USN-2067-1
- USN-2069-1
- USN-2069-1
- USN-2073-1
- USN-2073-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1023477
- https://bugzilla.redhat.com/show_bug.cgi?id=1023477
- https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- https://github.com/torvalds/linux/commit/c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b
- https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9
- https://github.com/torvalds/linux/commit/e93b7d748be887cd7639b113ba7d7ef792a7efb9
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2
- https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2