[RHSA-2011:0007] kernel security and bug fix update
- Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable permissions (which it does not, by default, on Red Hat Enterprise Linux 6), a local, unprivileged user could use this flaw to cause a denial of service or possibly escalate their privileges. (CVE-2010-2492, Important)
- Integer overflow in the RDS protocol implementation could allow a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-3865, Important)
- Missing boundary checks in the PPP over L2TP sockets implementation could allow a local, unprivileged user to cause a denial of service or escalate their privileges. (CVE-2010-4160, Important)
- NULL pointer dereference in the igb driver. If both Single Root I/O Virtualization (SR-IOV) and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important)
- Missing initialization flaw in the XFS file system implementation, and in the network traffic policing implementation, could allow a local, unprivileged user to cause an information leak. (CVE-2010-3078, CVE-2010-3477, Moderate)
- NULL pointer dereference in the Open Sound System compatible sequencer driver could allow a local, unprivileged user with access to /dev/sequencer to cause a denial of service. /dev/sequencer is only accessible to root and users in the audio group by default. (CVE-2010-3080, Moderate)
- Flaw in the ethtool IOCTL handler could allow a local user to cause an information leak. (CVE-2010-3861, Moderate)
- Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast Manager. On 64-bit systems, writing the socket address may overflow the procname character array. (CVE-2010-3874, Moderate)
- Flaw in the module for monitoring the sockets of INET transport protocols could allow a local, unprivileged user to cause a denial of service. (CVE-2010-3880, Moderate)
- Missing boundary checks in the block layer implementation could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4162, CVE-2010-4163, CVE-2010-4668, Moderate)
- NULL pointer dereference in the Bluetooth HCI UART driver could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4242, Moderate)
- Flaw in the Linux kernel CPU time clocks implementation for the POSIX clock interface could allow a local, unprivileged user to cause a denial of service. (CVE-2010-4248, Moderate)
- Flaw in the garbage collector for AF_UNIX sockets could allow a local, unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)
- Missing upper bound integer check in the AIO implementation could allow a local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)
- Missing initialization flaws could lead to information leaks. (CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)
- Missing initialization flaw in KVM could allow a privileged host user with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)

Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;
Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting
CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,
CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,
CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,
and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis
Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for
reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting
CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for
reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and
Stephan Mueller of atsec information security for reporting CVE-2010-4525.

- ID: RHSA-2011:0007
- Severity: important
- URL: https://access.redhat.com/errata/RHSA-2011:0007
- Published: 2011-01-11T00:00:00 (13 years ago)
- Modified: 2011-01-11T00:00:00 (13 years ago)
- Rights: Copyright 2011 Red Hat, Inc.
- Other Advisories:
- ELSA-2010-0723
- ELSA-2010-0839
- ELSA-2010-2009
- ELSA-2011-0004
- ELSA-2011-0007
- ELSA-2011-0017
- ELSA-2011-0028
- ELSA-2011-0303
- ELSA-2011-2010
- FEDORA-2010-14832
- FEDORA-2010-14878
- FEDORA-2010-14890
- FEDORA-2010-18432
- FEDORA-2010-18493
- FEDORA-2010-18506
- FEDORA-2010-18983
- FEDORA-2011-11103
- FEDORA-2011-1138
- FEDORA-2011-12874
- FEDORA-2011-14747
- FEDORA-2011-15241
- FEDORA-2011-16346
- FEDORA-2011-2134
- FEDORA-2011-6447
- FEDORA-2011-6541
- FEDORA-2011-7551
- MS:CVE-2010-3865
- SUSE-SU-2015:0652-1
- USN-1000-1
- USN-1023-1
- USN-1041-1
- USN-1054-1
- USN-1057-1
- USN-1071-1
- USN-1072-1
- USN-1073-1
- USN-1074-1
- USN-1074-2
- USN-1080-1
- USN-1080-2
- USN-1081-1
- USN-1083-1
- USN-1086-1
- USN-1089-1
- USN-1090-1
- USN-1092-1
- USN-1093-1
- USN-1105-1
- USN-1111-1
- USN-1119-1
- USN-1141-1
- USN-1159-1
- USN-1162-1
- USN-1164-1
- USN-1170-1
- USN-1183-1
- USN-1186-1
- USN-1187-1
- USN-1202-1
- USN-1203-1
- USN-1204-1
- USN-1208-1
- USN-1216-1
- USN-1218-1
- USN-966-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/perf?distro=redhat-6 | redhat | perf | < 2.6.32-71.14.1.el6 | redhat-6 | | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-6 | redhat | kernel | < 2.6.32-71.14.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-6 | redhat | kernel | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-6 | redhat | kernel | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel?arch=i686&distro=redhat-6 | redhat | kernel | < 2.6.32-71.14.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-6 | redhat | kernel-kdump | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-6 | redhat | kernel-kdump-devel | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=x86_64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-71.14.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=s390x&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=ppc64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=i686&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-71.14.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-firmware?distro=redhat-6 | redhat | kernel-firmware | < 2.6.32-71.14.1.el6 | redhat-6 | | |
Affected | pkg:rpm/redhat/kernel-doc?distro=redhat-6 | redhat | kernel-doc | < 2.6.32-71.14.1.el6 | redhat-6 | | |
Affected | pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-71.14.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=i686&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-71.14.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-71.14.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=i686&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-71.14.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-71.14.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-71.14.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=i686&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-71.14.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-6 | redhat | kernel-bootwrapper | < 2.6.32-71.14.1.el6 | redhat-6 | ppc64 | |