[kernel-sec-discuss] r2950 - dsa-texts
Dann Frazier
dannf at alioth.debian.org
Tue May 14 15:17:30 UTC 2013
Author: dannf
Date: 2013-05-14 15:17:08 +0000 (Tue, 14 May 2013)
New Revision: 2950
Added:
dsa-texts/2.6.32-48squeeze3
Removed:
dsa-texts/2.6.32-48squeeze2
Log:
rename to reflect updated version
Deleted: dsa-texts/2.6.32-48squeeze2
===================================================================
--- dsa-texts/2.6.32-48squeeze2 2013-05-14 15:16:24 UTC (rev 2949)
+++ dsa-texts/2.6.32-48squeeze2 2013-05-14 15:17:08 UTC (rev 2950)
@@ -1,245 +0,0 @@
-----------------------------------------------------------------------
-Debian Security Advisory DSA-XXXX-1 security at debian.org
-http://www.debian.org/security/ Dann Frazier
-May 14, 2013 http://www.debian.org/security/faq
-----------------------------------------------------------------------
-
-Package : linux-2.6
-Vulnerability : privilege escalation/denial of service
-Problem type : local
-Debian-specific: no
-CVE Id(s) : CVE-2012-2121 CVE-2012-3552 CVE-2012-4461 CVE-2012-4508
- CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2012-6542
- CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548
- CVE-2012-6549 CVE-2013-0349 CVE-2013-0914 CVE-2013-1767
- CVE-2013-1773 CVE-2013-1774 CVE-2013-1792 CVE-2013-1796
- CVE-2013-1798 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928
- CVE-2013-1929 CVE-2013-2015 CVE-2013-2634 CVE-2013-3222
- CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228
- CVE-2013-3229 CVE-2013-3231 CVE-2013-3234 CVE-2013-3235
-
-Several vulnerabilities have been discovered in the Linux kernel that may lead
-to a denial of service or privilege escalation. The Common Vulnerabilities and
-Exposures project identifies the following problems:
-
-CVE-2012-2121
-
- Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU
- mapping of memory slots used in KVM device assignment. Local users with
- the ability to assign devices could cause a denial of service due to a
- memory page leak.
-
-CVE-2012-3552
-
- Hafid Lin reported an issue in the IP network subsystem. A remote user
- can cause a denial of service (system crash) on servers running
- applications that set options on sockets which are actively being
- processed.
-
-CVE-2012-4461
-
- Jon Howell reported a denial of service issue in the KVM subsystem.
- On systems that do not support the XSAVE feature, local users with
- access to the /dev/kvm interface can cause a system crash.
-
-CVE-2012-4508
-CVE-2012-6537
-
- Mathias Krause discovered information leak issues in the Transformation
- user configuration interface. Local users with the CAP_NET_ADMIN capability
- can gain access to sensitive kernel memory.
-
-CVE-2012-6539
-
- Mathias Krause discovered an issue in the networking subsystem. Local
- users on 64-bit systems can gain access to sensitive kernel memory.
-
-CVE-2012-6540
-
- Mathias Krause discovered an issue in the Linux virtual server subsystem.
- Local users can gain access to sensitive kernel memory. Note: this issue
- does not affect Debian provided kernels, but may affect custom kernels
- built from Debian's linux-source-2.6.32 package.
-
-CVE-2012-6542
-
- Mathias Krause discovered an issue in the LLC protocol support code.
- Local users can gain access to sensitive kernel memory.
-
-CVE-2012-6544
-
- Mathias Krause discovered issues in the Bluetooth subsystem.
- Local users can gain access to sensitive kernel memory.
-
-CVE-2012-6545
-
- Mathias Krause discovered issues in the Bluetooth RFCOMM protocol
- support. Local users can gain access to sensitive kernel memory.
-
-CVE-2012-6546
-
- Mathias Krause discovered issues in the ATM networking support. Local
- users can gain access to sensitive kernel memory.
-
-CVE-2012-6548
-
- Mathias Krause discovered an issue in the UDF file system support.
- Local users can obtain access to sensitive kernel memory.
-
-CVE-2012-6549
-
- Mathias Krause discovered an issue in the isofs file system support.
- Local users can obtain access to sensitive kernel memory.
-
-CVE-2013-0349
-
- Anderson Lizardo discovered an issue in the Bluetooth Human Interface
- Device Protocol (HIDP) stack. Local users can obtain access to sensitive
- kernel memory.
-
-CVE-2013-0914
-
- Emese Revfy discovered an issue in the signal implementation. Local
- users maybe able to bypass the address space layout randomization (ASLR)
- facility due to a leaking of information to child processes.
-
-CVE-2013-1767
-
- Greg Thelen reported an issue in the tmpfs virtual memory filesystem.
- Local users with sufficient privilege to mount filesystems can cause
- a denial of service or possibly elevated privileges due to a use-after-
- free defect.
-
-CVE-2013-1773
-
- Alan Stern provided a fix for a defect in the UTF8->UTF16 string conversion
- facility used by the VFAT filesystem. A local user could cause a buffer
- overflow condition, resulting in a denial of service or potentially
- elevated privileges.
-
-CVE-2013-1774
-
- Wolfgang Frisch provided a fix for a NULL-pointer dereference defect
- in the driver for some serial USB devices from Inside Out Networks.
- Local users with permission to access these devices can create a denial
- of service (kernel oops) by causing the device to be removed while it is
- in use.
-
-CVE-2013-1792
-
- Mateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition
- in the access key retention support in the kernel. A local user could
- cause a denial of service (NULL pointer dereference).
-
-CVE-2013-1796
-
- Andrew Honig of Google reported an issue in the KVM subsystem. A user in
- a guest operating system could corrupt kernel memory, resulting in a
- denial of service.
-
-CVE-2013-1798
-
- Andrew Honig of Google reported an issue in the KVM subsystem. A user in
- a guest operating system could cause a denial of service due to a use-
- after-free defect.
-
-CVE-2013-1826
-
- Mathias Krause discovered an issue in the Transformation (XFRM) user
- configuration interface of the networking stack. A user with the
- CAP_NET_ADMIN capability maybe able to gain elevated privileges.
-
-CVE-2013-1860
-
- Oliver Neukum discovered an issue in the USB CDC WCM Device Management
- driver. Local users with the ability to attach devices can cause a
- denial of service (kernel crash) or potentially gain elevated privileges.
-
-CVE-2013-1928
-
- Kees Cook provided a fix for an information leak in the
- VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit
- kernel. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-1929
-
- Oded Horovitz and Brad Spengler reported an issue in the device driver for
- Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
- untrusted devices can create an overflow condition, resulting in a denial
- of service or elevated privileges.
-
-CVE-2013-2015
-
- Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
- users with the ability to mount a specially crafted filesystem can cause
- a denial of service (infinite loop).
-
-CVE-2013-2634
-
- Mathias Krause discovered a few issues in the Data Center Bridging (DCB)
- netlink interface. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3222
-
- Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
- protocol support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3223
-
- Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
- support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3224
-
- Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
- can gain access to sensitive kernel memory.
-
-CVE-2013-3225
-
- Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
- support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3228
-
- Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
- support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3229
-
- Mathias Krauss discovered an issue in the IUCV support on s390 systems.
- Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3231
-
- Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
- protocol support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3234
-
- Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
- protocol support. Local users can gain access to sensitive kernel memory.
-
-CVE-2013-3235
-
- Mathias Krauss discovered an issue in the Transparent Inter Process
- Communication (TIPC) protocol support. Local users can gain access to
- sensitive kernel memory.
-
-For the stable distribution (squeeze), this problem has been fixed in version
-2.6.32-48squeeze3.
-
-The following matrix lists additional source packages that were rebuilt for
-compatibility with or to take advantage of this update:
-
- Debian 6.0 (squeeze)
- user-mode-linux 2.6.32-1um-4+48squeeze3
-
-We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
-
-Thanks to Micah Anderson for proof reading this text.
-
-Further information about Debian Security Advisories, how to apply
-these updates to your system and frequently asked questions can be
-found at: http://www.debian.org/security/
-
-Mailing list: debian-security-announce at lists.debian.org
Copied: dsa-texts/2.6.32-48squeeze3 (from rev 2949, dsa-texts/2.6.32-48squeeze2)
===================================================================
--- dsa-texts/2.6.32-48squeeze3 (rev 0)
+++ dsa-texts/2.6.32-48squeeze3 2013-05-14 15:17:08 UTC (rev 2950)
@@ -0,0 +1,245 @@
+----------------------------------------------------------------------
+Debian Security Advisory DSA-XXXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+May 14, 2013 http://www.debian.org/security/faq
+----------------------------------------------------------------------
+
+Package : linux-2.6
+Vulnerability : privilege escalation/denial of service
+Problem type : local
+Debian-specific: no
+CVE Id(s) : CVE-2012-2121 CVE-2012-3552 CVE-2012-4461 CVE-2012-4508
+ CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2012-6542
+ CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548
+ CVE-2012-6549 CVE-2013-0349 CVE-2013-0914 CVE-2013-1767
+ CVE-2013-1773 CVE-2013-1774 CVE-2013-1792 CVE-2013-1796
+ CVE-2013-1798 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928
+ CVE-2013-1929 CVE-2013-2015 CVE-2013-2634 CVE-2013-3222
+ CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228
+ CVE-2013-3229 CVE-2013-3231 CVE-2013-3234 CVE-2013-3235
+
+Several vulnerabilities have been discovered in the Linux kernel that may lead
+to a denial of service or privilege escalation. The Common Vulnerabilities and
+Exposures project identifies the following problems:
+
+CVE-2012-2121
+
+ Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU
+ mapping of memory slots used in KVM device assignment. Local users with
+ the ability to assign devices could cause a denial of service due to a
+ memory page leak.
+
+CVE-2012-3552
+
+ Hafid Lin reported an issue in the IP network subsystem. A remote user
+ can cause a denial of service (system crash) on servers running
+ applications that set options on sockets which are actively being
+ processed.
+
+CVE-2012-4461
+
+ Jon Howell reported a denial of service issue in the KVM subsystem.
+ On systems that do not support the XSAVE feature, local users with
+ access to the /dev/kvm interface can cause a system crash.
+
+CVE-2012-4508
+CVE-2012-6537
+
+ Mathias Krause discovered information leak issues in the Transformation
+ user configuration interface. Local users with the CAP_NET_ADMIN capability
+ can gain access to sensitive kernel memory.
+
+CVE-2012-6539
+
+ Mathias Krause discovered an issue in the networking subsystem. Local
+ users on 64-bit systems can gain access to sensitive kernel memory.
+
+CVE-2012-6540
+
+ Mathias Krause discovered an issue in the Linux virtual server subsystem.
+ Local users can gain access to sensitive kernel memory. Note: this issue
+ does not affect Debian provided kernels, but may affect custom kernels
+ built from Debian's linux-source-2.6.32 package.
+
+CVE-2012-6542
+
+ Mathias Krause discovered an issue in the LLC protocol support code.
+ Local users can gain access to sensitive kernel memory.
+
+CVE-2012-6544
+
+ Mathias Krause discovered issues in the Bluetooth subsystem.
+ Local users can gain access to sensitive kernel memory.
+
+CVE-2012-6545
+
+ Mathias Krause discovered issues in the Bluetooth RFCOMM protocol
+ support. Local users can gain access to sensitive kernel memory.
+
+CVE-2012-6546
+
+ Mathias Krause discovered issues in the ATM networking support. Local
+ users can gain access to sensitive kernel memory.
+
+CVE-2012-6548
+
+ Mathias Krause discovered an issue in the UDF file system support.
+ Local users can obtain access to sensitive kernel memory.
+
+CVE-2012-6549
+
+ Mathias Krause discovered an issue in the isofs file system support.
+ Local users can obtain access to sensitive kernel memory.
+
+CVE-2013-0349
+
+ Anderson Lizardo discovered an issue in the Bluetooth Human Interface
+ Device Protocol (HIDP) stack. Local users can obtain access to sensitive
+ kernel memory.
+
+CVE-2013-0914
+
+ Emese Revfy discovered an issue in the signal implementation. Local
+ users maybe able to bypass the address space layout randomization (ASLR)
+ facility due to a leaking of information to child processes.
+
+CVE-2013-1767
+
+ Greg Thelen reported an issue in the tmpfs virtual memory filesystem.
+ Local users with sufficient privilege to mount filesystems can cause
+ a denial of service or possibly elevated privileges due to a use-after-
+ free defect.
+
+CVE-2013-1773
+
+ Alan Stern provided a fix for a defect in the UTF8->UTF16 string conversion
+ facility used by the VFAT filesystem. A local user could cause a buffer
+ overflow condition, resulting in a denial of service or potentially
+ elevated privileges.
+
+CVE-2013-1774
+
+ Wolfgang Frisch provided a fix for a NULL-pointer dereference defect
+ in the driver for some serial USB devices from Inside Out Networks.
+ Local users with permission to access these devices can create a denial
+ of service (kernel oops) by causing the device to be removed while it is
+ in use.
+
+CVE-2013-1792
+
+ Mateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition
+ in the access key retention support in the kernel. A local user could
+ cause a denial of service (NULL pointer dereference).
+
+CVE-2013-1796
+
+ Andrew Honig of Google reported an issue in the KVM subsystem. A user in
+ a guest operating system could corrupt kernel memory, resulting in a
+ denial of service.
+
+CVE-2013-1798
+
+ Andrew Honig of Google reported an issue in the KVM subsystem. A user in
+ a guest operating system could cause a denial of service due to a use-
+ after-free defect.
+
+CVE-2013-1826
+
+ Mathias Krause discovered an issue in the Transformation (XFRM) user
+ configuration interface of the networking stack. A user with the
+ CAP_NET_ADMIN capability maybe able to gain elevated privileges.
+
+CVE-2013-1860
+
+ Oliver Neukum discovered an issue in the USB CDC WCM Device Management
+ driver. Local users with the ability to attach devices can cause a
+ denial of service (kernel crash) or potentially gain elevated privileges.
+
+CVE-2013-1928
+
+ Kees Cook provided a fix for an information leak in the
+ VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit
+ kernel. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-1929
+
+ Oded Horovitz and Brad Spengler reported an issue in the device driver for
+ Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach
+ untrusted devices can create an overflow condition, resulting in a denial
+ of service or elevated privileges.
+
+CVE-2013-2015
+
+ Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local
+ users with the ability to mount a specially crafted filesystem can cause
+ a denial of service (infinite loop).
+
+CVE-2013-2634
+
+ Mathias Krause discovered a few issues in the Data Center Bridging (DCB)
+ netlink interface. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3222
+
+ Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)
+ protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3223
+
+ Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol
+ support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3224
+
+ Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users
+ can gain access to sensitive kernel memory.
+
+CVE-2013-3225
+
+ Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol
+ support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3228
+
+ Mathias Krauss discovered an issue in the IrDA (infrared) subsystem
+ support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3229
+
+ Mathias Krauss discovered an issue in the IUCV support on s390 systems.
+ Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3231
+
+ Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2
+ protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3234
+
+ Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)
+ protocol support. Local users can gain access to sensitive kernel memory.
+
+CVE-2013-3235
+
+ Mathias Krauss discovered an issue in the Transparent Inter Process
+ Communication (TIPC) protocol support. Local users can gain access to
+ sensitive kernel memory.
+
+For the stable distribution (squeeze), this problem has been fixed in version
+2.6.32-48squeeze3.
+
+The following matrix lists additional source packages that were rebuilt for
+compatibility with or to take advantage of this update:
+
+ Debian 6.0 (squeeze)
+ user-mode-linux 2.6.32-1um-4+48squeeze3
+
+We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
+
+Thanks to Micah Anderson for proof reading this text.
+
+Further information about Debian Security Advisories, how to apply
+these updates to your system and frequently asked questions can be
+found at: http://www.debian.org/security/
+
+Mailing list: debian-security-announce at lists.debian.org
More information about the kernel-sec-discuss
mailing list