Important CentOS kernel Update

Metadata

high
7.2
kernel-2.6.32-358.6.1.el6.i686.rpm, kernel-2.6.32-358.6.1.el6.src.rpm, kernel-2.6.32-358.6.1.el6.x86_64.rpm, kernel-debug-2.6.32-358.6.1.el6.i686.rpm, kernel-debug-2.6.32-358.6.1.el6.x86_64.rpm, kernel-debug-devel-2.6.32-358.6.1.el6.i686.rpm, kernel-debug-devel-2.6.32-358.6.1.el6.x86_64.rpm, kernel-devel-2.6.32-358.6.1.el6.i686.rpm, kernel-devel-2.6.32-358.6.1.el6.x86_64.rpm, kernel-doc-2.6.32-358.6.1.el6.noarch.rpm, kernel-firmware-2.6.32-358.6.1.el6.noarch.rpm, kernel-headers-2.6.32-358.6.1.el6.i686.rpm, kernel-headers-2.6.32-358.6.1.el6.x86_64.rpm, perf-2.6.32-358.6.1.el6.i686.rpm, perf-2.6.32-358.6.1.el6.x86_64.rpm, python-perf-2.6.32-358.6.1.el6.i686.rpm, python-perf-2.6.32-358.6.1.el6.x86_64.rpm
CVE-2012-6537, CVE-2012-6538, CVE-2012-6546, CVE-2012-6547, CVE-2013-0349, CVE-2013-0913, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1826, CVE-2013-1827
rhn.redhat.com, lists.centos.org
2013-04-24
2017-07-27 19:05
ALAS-2013-200
Moderate CentOS kernel Update
Important CentOS kvm Update
CVE-2013-0349 linux
CVE-2013-1796 linux
CVE-2012-6547 linux
CVE-2013-1767 linux
CVE-2012-6537 linux
CVE-2013-1798 linux
CVE-2013-1797 linux
CVE-2013-1826 linux
CVE-2013-1792 linux
CVE-2013-1773 linux
CVE-2013-1774 linux
CVE-2013-1827 linux
CVE-2012-6538 linux
CVE-2012-6546 linux
CVE-2013-0913 linux
CVE-2013-1773
CVE-2013-1774
CVE-2013-1796
CVE-2013-1798
CVE-2013-1826
CVE-2013-1827
CVE-2013-1797
CVE-2013-1792
CVE-2012-6538
CVE-2012-6546
CVE-2012-6547
CVE-2013-0349
CVE-2012-6537
CVE-2013-0913
CVE-2013-1767
2017-04-01 19:07
2017-01-05 20:11

Description


Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Security:

* An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the Intel i915 driver in the Linux kernel handled the
allocation of the buffer used for relocation copies. A local user with
console access could use this flaw to cause a denial of service or escalate
their privileges. (CVE-2013-0913, Important)

* A buffer overflow flaw was found in the way UTF-8 characters were
converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's
FAT file system implementation. A local user able to mount a FAT file
system with the "utf8=1" option could use this flaw to crash the system or,
potentially, to escalate their privileges. (CVE-2013-1773, Important)

* A flaw was found in the way KVM handled guest time updates when the
buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine
state register (MSR) crossed a page boundary. A privileged guest user could
use this flaw to crash the host or, potentially, escalate their privileges,
allowing them to execute arbitrary code at the host kernel level.
(CVE-2013-1796, Important)

* A potential use-after-free flaw was found in the way KVM handled guest
time updates when the GPA (guest physical address) the guest registered by
writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a
movable or removable memory region of the hosting user-space process (by
default, QEMU-KVM) on the host. If that memory region is deregistered from
KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory
reused, a privileged guest user could potentially use this flaw to
escalate their privileges on the host. (CVE-2013-1797, Important)

* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced
Programmable Interrupt Controller). A missing validation check in the
ioapic_read_indirect() function could allow a privileged guest user to
crash the host, or read a substantial portion of host kernel memory.
(CVE-2013-1798, Important)

* A race condition in install_user_keyrings(), leading to a NULL pointer
dereference, was found in the key management facility. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2013-1792, Moderate)

* A NULL pointer dereference in the XFRM implementation could allow a local
user who has the CAP_NET_ADMIN capability to cause a denial of service.
(CVE-2013-1826, Moderate)

* A NULL pointer dereference in the Datagram Congestion Control Protocol
(DCCP) implementation could allow a local user to cause a denial of
service. (CVE-2013-1827, Moderate)

* Information leak flaws in the XFRM implementation could allow a local
user who has the CAP_NET_ADMIN capability to leak kernel stack memory to
user-space. (CVE-2012-6537, Low)

* Two information leak flaws in the Asynchronous Transfer Mode (ATM)
subsystem could allow a local, unprivileged user to leak kernel stack
memory to user-space. (CVE-2012-6546, Low)

* An information leak was found in the TUN/TAP device driver in the
networking implementation. A local user with access to a TUN/TAP virtual
interface could use this flaw to leak kernel stack memory to user-space.
(CVE-2012-6547, Low)

* An information leak in the Bluetooth implementation could allow a local
user who has the CAP_NET_ADMIN capability to leak kernel stack memory to
user-space. (CVE-2013-0349, Low)

* A use-after-free flaw was found in the tmpfs implementation. A local user
able to mount and unmount a tmpfs file system could use this flaw to cause
a denial of service or, potentially, escalate their privileges.
(CVE-2013-1767, Low)

* A NULL pointer dereference was found in the Linux kernel's USB Inside Out
Edgeport Serial Driver implementation. An attacker with physical access to
a system could use this flaw to cause a denial of service. (CVE-2013-1774,
Low)

Red Hat would like to thank Andrew Honig of Google for reporting
CVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was
discovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.
Please see https://www.redhat.com/footer/terms-of-use.html

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
6 kernel kernel-2.6.32-358.6.1.el6.x86_64.rpm
kernel kernel-2.6.32-358.6.1.el6.i686.rpm
kernel kernel-2.6.32-358.6.1.el6.src.rpm
kernel-debug kernel-debug-2.6.32-358.6.1.el6.i686.rpm
kernel-debug kernel-debug-2.6.32-358.6.1.el6.x86_64.rpm
kernel-debug-devel kernel-debug-devel-2.6.32-358.6.1.el6.x86_64.rpm
kernel-debug-devel kernel-debug-devel-2.6.32-358.6.1.el6.i686.rpm
kernel-devel kernel-devel-2.6.32-358.6.1.el6.i686.rpm
kernel-devel kernel-devel-2.6.32-358.6.1.el6.x86_64.rpm
kernel-doc kernel-doc-2.6.32-358.6.1.el6.noarch.rpm
kernel-firmware kernel-firmware-2.6.32-358.6.1.el6.noarch.rpm
kernel-headers kernel-headers-2.6.32-358.6.1.el6.i686.rpm
kernel-headers kernel-headers-2.6.32-358.6.1.el6.x86_64.rpm
perf perf-2.6.32-358.6.1.el6.i686.rpm
perf perf-2.6.32-358.6.1.el6.x86_64.rpm
python-perf python-perf-2.6.32-358.6.1.el6.i686.rpm
python-perf python-perf-2.6.32-358.6.1.el6.x86_64.rpm