kernel-2.6.18-348.4.AXS3

エラータID: AXSA:2013-452:04

Release date: 
Tuesday, May 21, 2013 - 11:33
Subject: 
kernel-2.6.18-348.4.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security issues fixd with this release:

• CVE-2012-6537
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.

• CVE-2012-6542
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.

• CVE-2012-6546
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

• CVE-2012-6547
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

• CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.

• CVE-2013-0231
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.

• CVE-2013-1826
The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

Fixed bugs:

• Previously, the IPv4 code did not update the MTU of an interface when receiving ICMP Fragmentation Needed packets which prevented remote hosts from responding the the ping command. This has been fixed.

• Previously, be2net expected the last word of an MCC completion message to be transferred by DMA in one go. As this is not always the case, it could sometimes trigger the BUG_ON() macro in the be_mcc_compl_is_new() function and cause a kernel panic. The BUG_ON() macro has been removed, which fixes the bug.

• Previously, the NFSv3 server incorrectly converted 64-bit cookies to 32-bit, leading to many problems (empty exported directories, endless loop of READDIRPLUS, etc). This has been fixed.

Solution: 

Update packages.

CVEs: 
CVE-2012-6537
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
CVE-2012-6542
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.
CVE-2012-6546
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2012-6547
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2013-0216
The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.
CVE-2013-0231
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.
CVE-2013-1826
The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.


Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-2.6.18-348.4.AXS3.src.rpm
    MD5: 181f11253096e32c8c319490b383c6dc
    SHA-256: 34e4cccaec40185ec4e3f732144b18cfb0d9078dcad2e60f7ac593467cb03110
    Size: 65.85 MB

Asianux Server 3 for x86
  1. kernel-2.6.18-348.4.AXS3.i686.rpm
    MD5: d2fe9688e66c119639e6cf86093380e0
    SHA-256: ff3e977da39debb4d3cfb6a6b312eb443d224a76ad162e9ec93e057204a64f81
    Size: 19.80 MB
  2. kernel-devel-2.6.18-348.4.AXS3.i686.rpm
    MD5: 27e7276fbe35fef78d4e9251ea5ce6fa
    SHA-256: 58d3a27f44d5c203d5a3f599823d303af02eecee78c11bf78a59eac68960c34c
    Size: 6.05 MB
  3. kernel-doc-2.6.18-348.4.AXS3.noarch.rpm
    MD5: 86ba4f13a0f374b568f86b0d97fc3e13
    SHA-256: 806ad1054bf5c5b7f0a201a02059dd479a7bd8ca1b1ff4d622a19febacf85026
    Size: 3.48 MB
  4. kernel-headers-2.6.18-348.4.AXS3.i386.rpm
    MD5: 5ea5e00b6523b13cb397a59dc111c5b2
    SHA-256: 68d981bbae7d18170c490934c7058385fc0f63bb1696ad2f67cbc131fa993da4
    Size: 1.45 MB
  5. kernel-PAE-2.6.18-348.4.AXS3.i686.rpm
    MD5: 044984a6d9e3d206fa1eb03c29cc3898
    SHA-256: c8d514d9b75fac4a88bcea9cf4030b518367143ebc40ad0bc45f42a5ff16b237
    Size: 19.82 MB
  6. kernel-PAE-devel-2.6.18-348.4.AXS3.i686.rpm
    MD5: 68b7f2e3ab6da10b7f25d3c563950af4
    SHA-256: 8f1239bbe8f8d78aabfcc6f8786238ad8fe3118e521ab0076ba5b5919d3bd66b
    Size: 6.05 MB
  7. kernel-xen-2.6.18-348.4.AXS3.i686.rpm
    MD5: 4b9e98658fae955379b9b517c22b11d2
    SHA-256: cdfb1529da193e1121be4a6cd27d35dbae8949b20df04933b41c7f7c3f3098d3
    Size: 20.91 MB
  8. kernel-xen-devel-2.6.18-348.4.AXS3.i686.rpm
    MD5: 87335ce1cefa28751c586ae69fd252fe
    SHA-256: c7c4e87a0dad9ec037af476440b9048be0ed6f567e051db7dd2f111d1549742f
    Size: 6.05 MB

Asianux Server 3 for x86_64
  1. kernel-2.6.18-348.4.AXS3.x86_64.rpm
    MD5: af2ff04b6886baf4a00841988f83c997
    SHA-256: 4e9580dbc6d4728218b6c26921a6faa09d7a420fccc0c7b63bb21bcbae7b1d65
    Size: 22.11 MB
  2. kernel-devel-2.6.18-348.4.AXS3.x86_64.rpm
    MD5: 29f29e99e2280b86c89632408500e2ae
    SHA-256: 334c756192b9a23c7ab50d259b2032cfeaea7f971fc2f4c6c17f163f02a1e1fa
    Size: 6.05 MB
  3. kernel-doc-2.6.18-348.4.AXS3.noarch.rpm
    MD5: a0f0f8b4dc5e78cabb6fecbfe8e8f2db
    SHA-256: 6df134126198d1836f2de21cbefb0e1f8a826004c1eb77f1bd22049d72a72b98
    Size: 3.48 MB
  4. kernel-headers-2.6.18-348.4.AXS3.x86_64.rpm
    MD5: c142b514cbbc5193f806cc04dc27704a
    SHA-256: 14eaa95f63c3a4646888ac73d53035ff9f689e8fdc20195260c8d3b91e7d289e
    Size: 1.48 MB
  5. kernel-xen-2.6.18-348.4.AXS3.x86_64.rpm
    MD5: 2e10e97211b6bddeee7277cc301419a2
    SHA-256: bc89030befe9e042df4b9888983a409c7d4a122e6ef54bc374b14aac6d76cd1a
    Size: 22.97 MB
  6. kernel-xen-devel-2.6.18-348.4.AXS3.x86_64.rpm
    MD5: 47effef57b6f8cba1e609a13ef131a52
    SHA-256: 85266894eac53313a0088a86be9cede5d88d3fd107cccbbdeae513d3b3ddb83f
    Size: 6.05 MB