CWE
119 190 476
Advisory Published

RHSA-2011:0007: Important: kernel security and bug fix update

First published: Tue Jan 11 2011(Updated: )

<li> Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable</li> permissions (which it does not, by default, on Red Hat Enterprise Linux 6),<br>a local, unprivileged user could use this flaw to cause a denial of service<br>or possibly escalate their privileges. (CVE-2010-2492, Important)<br><li> Integer overflow in the RDS protocol implementation could allow a local,</li> unprivileged user to cause a denial of service or escalate their<br>privileges. (CVE-2010-3865, Important)<br><li> Missing boundary checks in the PPP over L2TP sockets implementation could</li> allow a local, unprivileged user to cause a denial of service or escalate<br>their privileges. (CVE-2010-4160, Important)<br><li> NULL pointer dereference in the igb driver. If both Single Root I/O</li> Virtualization (SR-IOV) and promiscuous mode were enabled on an interface<br>using igb, it could result in a denial of service when a tagged VLAN packet<br>is received on that interface. (CVE-2010-4263, Important)<br><li> Missing initialization flaw in the XFS file system implementation, and in</li> the network traffic policing implementation, could allow a local,<br>unprivileged user to cause an information leak. (CVE-2010-3078,<br>CVE-2010-3477, Moderate)<br><li> NULL pointer dereference in the Open Sound System compatible sequencer</li> driver could allow a local, unprivileged user with access to /dev/sequencer<br>to cause a denial of service. /dev/sequencer is only accessible to root and<br>users in the audio group by default. (CVE-2010-3080, Moderate)<br><li> Flaw in the ethtool IOCTL handler could allow a local user to cause an</li> information leak. (CVE-2010-3861, Moderate)<br><li> Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast</li> Manager. On 64-bit systems, writing the socket address may overflow the<br>procname character array. (CVE-2010-3874, Moderate)<br><li> Flaw in the module for monitoring the sockets of INET transport</li> protocols could allow a local, unprivileged user to cause a denial of<br>service. (CVE-2010-3880, Moderate)<br><li> Missing boundary checks in the block layer implementation could allow a</li> local, unprivileged user to cause a denial of service. (CVE-2010-4162,<br>CVE-2010-4163, CVE-2010-4668, Moderate)<br><li> NULL pointer dereference in the Bluetooth HCI UART driver could allow a</li> local, unprivileged user to cause a denial of service. (CVE-2010-4242,<br>Moderate)<br><li> Flaw in the Linux kernel CPU time clocks implementation for the POSIX</li> clock interface could allow a local, unprivileged user to cause a denial of<br>service. (CVE-2010-4248, Moderate)<br><li> Flaw in the garbage collector for AF_UNIX sockets could allow a local,</li> unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)<br><li> Missing upper bound integer check in the AIO implementation could allow a</li> local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)<br><li> Missing initialization flaws could lead to information leaks.</li> (CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,<br>CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,<br>CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)<br><li> Missing initialization flaw in KVM could allow a privileged host user</li> with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)<br>Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;<br>Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting<br>CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,<br>CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,<br>CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,<br>and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis<br>Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for<br>reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting<br>CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for<br>reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and<br>Stephan Mueller of atsec information security for reporting CVE-2010-4525.<br>

Affected SoftwareAffected VersionHow to fix
redhat/kernel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug-debuginfo<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug-devel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debuginfo<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-devel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-doc<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-firmware<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-headers<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/perf<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug-debuginfo<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debug-devel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debuginfo<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debuginfo-common-i686<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-devel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-headers<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debuginfo-common-s390x<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-kdump<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-kdump-debuginfo<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-kdump-devel<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-bootwrapper<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6
redhat/kernel-debuginfo-common-ppc64<2.6.32-71.14.1.el6
2.6.32-71.14.1.el6

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203