kernel-2.6.18-308.6.AXS3

エラータID: AXSA:2012-1007:07

リリース日: 
2012/12/12 Wednesday - 12:20
題名: 
kernel-2.6.18-308.6.AXS3
影響のあるチャネル: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security issues fixed with this release:

• CVE-2012-2319
Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.

• CVE-2012-3412
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.

• CVE-2012-3430
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

• CVE-2012-3510
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.

解決策: 

Update packages.

CVE: 
CVE-2012-2319
Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.
CVE-2012-3412
The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.
CVE-2012-3430
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
CVE-2012-3510
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.


追加情報: 

N/A

ダウンロード: 

SRPMS
  1. kernel-2.6.18-308.6.AXS3.src.rpm
    MD5: bbbe85ae2586aa604e23197d3645d798
    SHA-256: 2cd3181d86656f84f88ea15413c14ac7508b19f01b440724f1888718e1d569ec
    Size: 64.65 MB

Asianux Server 3 for x86
  1. kernel-2.6.18-308.6.AXS3.i686.rpm
    MD5: c659a78283a880304d85a5e13568e0c9
    SHA-256: 35f2f027dc27d4e2a199ed835fed6bd9ed0c433180650a1b98a2b023096a55d8
    Size: 19.67 MB
  2. kernel-devel-2.6.18-308.6.AXS3.i686.rpm
    MD5: 22d76368a5b878c0ba503e3516e583e5
    SHA-256: c18be7f3b6427f05bbbd90d6e38fd43b1b741feaaf141d000100772ebe23eb59
    Size: 5.92 MB
  3. kernel-doc-2.6.18-308.6.AXS3.noarch.rpm
    MD5: 000a3b70c6b01596da91d8f54f8d7218
    SHA-256: b358d1c0eddd2838521411230213b20a934b3b48b7e7c9d039a86f8dd4720632
    Size: 3.39 MB
  4. kernel-headers-2.6.18-308.6.AXS3.i386.rpm
    MD5: 408bc441048216bc624494a9205ce2dd
    SHA-256: 7c366802657049832162b325384845af7e0a7a483378dbcd08a559d0370fd03f
    Size: 1.36 MB
  5. kernel-PAE-2.6.18-308.6.AXS3.i686.rpm
    MD5: 74477ed6fb635644350dff5347c4cd3b
    SHA-256: 6570ad816c1cf647f54cee5b85282fe5ce32442f5172586a997438388961cd51
    Size: 19.69 MB
  6. kernel-PAE-devel-2.6.18-308.6.AXS3.i686.rpm
    MD5: 004bc9920cf0179c7ab4fcd8ec8b9397
    SHA-256: af25c5e6f564eb023b612ed3badb1cde272a81d5e3b89ad521571ae232ac56fa
    Size: 5.93 MB
  7. kernel-xen-2.6.18-308.6.AXS3.i686.rpm
    MD5: 8e729bfe13ce3850305843686ace7747
    SHA-256: 8dd0887659935c364ef590db02d180bd3d562ad10e5b75c4bcc74c909f3a9607
    Size: 20.85 MB
  8. kernel-xen-devel-2.6.18-308.6.AXS3.i686.rpm
    MD5: d290c0d9ecac96ca34c9b3e2d177151a
    SHA-256: 509b8cea89f79ea497d057d7ef4cbf69f02d3c5c4c104b1e0120ada17b7adcaf
    Size: 5.93 MB

Asianux Server 3 for x86_64
  1. kernel-2.6.18-308.6.AXS3.x86_64.rpm
    MD5: 61a41a267e490006a48d09e9a667e50b
    SHA-256: d14900ae84e4c10aeac780c4302d3cb8c0c28031f00c8773f20127bb4f7ef5c8
    Size: 21.77 MB
  2. kernel-devel-2.6.18-308.6.AXS3.x86_64.rpm
    MD5: 9da90ad4b7f7e52c63faa75b11e63c55
    SHA-256: 6a0f2674001221568f3b393a65f802cf7415d7c59e3a7b48467add0b30adb72c
    Size: 5.92 MB
  3. kernel-doc-2.6.18-308.6.AXS3.noarch.rpm
    MD5: 2ae740c897ff16260944fc8807793ffa
    SHA-256: 3d3d5e486ec4f83b4f97f1d3095ad9d4c9a5830ccef6b584c8d981d7b9887b4e
    Size: 3.39 MB
  4. kernel-headers-2.6.18-308.6.AXS3.x86_64.rpm
    MD5: a6b88217ba939a10140ff1c9a1ce7be3
    SHA-256: 365714c527a750297325b09d9508818d30f962e69ccb8147778ef6212109d804
    Size: 1.39 MB
  5. kernel-xen-2.6.18-308.6.AXS3.x86_64.rpm
    MD5: ead287e10b98908e9f1bc3b5566fffc5
    SHA-256: 9b77964f7a7436553109d9c46a3b257906a014d59bbbee0cb47eb870fd197760
    Size: 22.70 MB
  6. kernel-xen-devel-2.6.18-308.6.AXS3.x86_64.rpm
    MD5: 3a298406bd14f8b956660b907a6945d6
    SHA-256: ae7948368f5d8baf35efa62abe074ca6ec896f41013f851b203e2e2300ffc4ea
    Size: 5.93 MB