kernel-2.6.32-358.11.1.el6

エラータID: AXSA:2013-571:06

リリース日: 
2013/07/24 Wednesday - 13:48
題名: 
kernel-2.6.32-358.11.1.el6
影響のあるチャネル: 
Asianux Server 4 for ppc
Severity: 
High
Description: 

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security issues fixed with this release:

• CVE-2013-1935
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by leveraging a time window during which interrupts are disabled but copy_to_user function calls are possible.

• CVE-2013-1943
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.

• CVE-2013-2017
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.

解決策: 

Update packages.

CVE: 
CVE-2013-1935
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by leveraging a time window during which interrupts are disabled but copy_to_user function calls are possible.
CVE-2013-1943
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.
CVE-2013-2017
The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service (system crash) by leveraging lack of skb consumption in conjunction with a double-free error.




追加情報: 

N/A

ダウンロード: 

SRPMS
  1. kernel-2.6.32-358.11.1.el6.src.rpm
    MD5: 6f8b8239d34cd3f80f2c6a3738af3794
    SHA-256: e6dd8195b460c7a5f2d930439fad9e3986cdaf2dc5535ae45a952efa4c162f14
    Size: 85.09 MB

Asianux Server 4 for x86
  1. kernel-2.6.32-358.11.1.el6.i686.rpm
    MD5: 81e6e34efa20588fd15f6c61d1159b4c
    SHA-256: bdaf178d0b8b43aa0d0e89b40784cc9e9b755c9853232ac8da61d64a4907e422
    Size: 24.08 MB
  2. kernel-debug-2.6.32-358.11.1.el6.i686.rpm
    MD5: a8ab754a7d5a8bbde70a05913b29c080
    SHA-256: fa3e225ffd2f0cea8fa922127fe8789d5d97ba071246a5cd10ba2dd677255135
    Size: 24.61 MB
  3. kernel-debug-devel-2.6.32-358.11.1.el6.i686.rpm
    MD5: ce9234d22888e9e7cd8baeb989e14338
    SHA-256: e55390a383ee5a7a39bfc649cfd7d22302b586aaef5a410adad32c7bf67d090e
    Size: 8.18 MB
  4. kernel-devel-2.6.32-358.11.1.el6.i686.rpm
    MD5: 28225cb26e780cb8fa10b9a288665812
    SHA-256: 7b024fef5ac5b7fcaf60772a2de906d1708922718bfd88a2c69aa602885ce31a
    Size: 8.14 MB
  5. kernel-headers-2.6.32-358.11.1.el6.i686.rpm
    MD5: 3194ad56f423fae1a69e1e833a56b938
    SHA-256: 4062237cb8f45252b864e2927cfef4bd30a032700c1e5691bf32db15a201883e
    Size: 2.33 MB
  6. perf-2.6.32-358.11.1.el6.i686.rpm
    MD5: 613329d71fe1dc40894a950d170a6512
    SHA-256: e25e06fe6dfa0376dc61ff77ca27212d1b065ad6f9ea71f5b0b47102bfb6c556
    Size: 2.03 MB
  7. kernel-doc-2.6.32-358.11.1.el6.noarch.rpm
    MD5: c31e9d0b87bbefa814140fe090fdc1e5
    SHA-256: b939c804415bee2c4ada8b01ff32f644a4969b386cc5f0ceefbe692434123402
    Size: 9.95 MB
  8. kernel-firmware-2.6.32-358.11.1.el6.noarch.rpm
    MD5: cef46b341aee90ab03f1b997077a0b83
    SHA-256: 5280d2e8d94c713077bc7a2921ac844367d7b23a9ce7956aa925ee630c3d2095
    Size: 10.93 MB

Asianux Server 4 for x86_64
  1. kernel-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: 8115be3455da7418aa865517eb4e3544
    SHA-256: ad8eff0ecacf0dfa935042d110621bf1cbf10563c5f223a83f667fcf6eb6dc38
    Size: 26.12 MB
  2. kernel-debug-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: dcdfcc3b7a89c3ae5f60d15de600572e
    SHA-256: 1f77af259ab8fcf48e1f6775c1b3e1de99cf36e04e30d409c6b4c5e76d49bd9e
    Size: 26.73 MB
  3. kernel-debug-devel-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: e8ecae043c885ee6df7485efe5bb9d3f
    SHA-256: ae331b202571d292f4ba4a2d1d1b6acd1d7fb223fa569bd297121a0ce1265c01
    Size: 8.23 MB
  4. kernel-devel-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: b03501ec898113ffb6973458d98502d7
    SHA-256: 77080809351d84f86b3312d90de0afb92d25616df8035e7a635d7a43dd8407fd
    Size: 8.19 MB
  5. kernel-headers-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: c59ba1e1312f9f4e91f8559c1e0ea7ca
    SHA-256: 2e1cbdc446453b4eaf136c925932bfbec0fdb73c632bf3de3d4d899995ce4602
    Size: 2.33 MB
  6. perf-2.6.32-358.11.1.el6.x86_64.rpm
    MD5: 6e8679c14ea1ae9e42e5015c474bacde
    SHA-256: 7cbb2755b1eb39a634d8b727d876c58e6b901447fbe8d01d5130d4a95b447bfb
    Size: 2.05 MB
  7. kernel-doc-2.6.32-358.11.1.el6.noarch.rpm
    MD5: fecf246e6a5db5717a9fc40536573402
    SHA-256: f5af0d34312129441ff4256aa3666e226e8d0f3e725d2669e7b8197db191d7a3
    Size: 9.94 MB
  8. kernel-firmware-2.6.32-358.11.1.el6.noarch.rpm
    MD5: 33c792f6efa7cd8250295813cad4a130
    SHA-256: a2c3deec6a83dd86498856f40e25eab25497f571c5f1cb1fb27cd4689668e988
    Size: 10.93 MB