[RHSA-2013:0630] kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
A flaw was found in the way the xen_iret() function in the Linux kernel
used the DS (the CPU's Data Segment) register. A local, unprivileged user
in a 32-bit, para-virtualized Xen hypervisor guest could use this flaw to
crash the guest or, potentially, escalate their privileges. (CVE-2013-0228,
Important)A flaw was found in the way file permission checks for the
"/dev/cpu/[x]/msr" files were performed in restricted root environments
(for example, when using a capability-based security model). A local user
with the ability to write to these files could use this flaw to escalate
their privileges to kernel level, for example, by writing to the
SYSENTER_EIP_MSR register. (CVE-2013-0268, Important)
The CVE-2013-0228 issue was discovered by Andrew Jones of Red Hat.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.
- ID
- RHSA-2013:0630
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2013:0630
- Published
-
2013-03-12T00:00:00
(11 years ago) - Modified
-
2013-03-12T00:00:00
(11 years ago) - Rights
- Copyright 2013 Red Hat, Inc.
- Other Advisories
-
- ELSA-2013-0621
- ELSA-2013-0630
- ELSA-2013-2507
- ELSA-2013-2511
- ELSA-2013-2512
- FEDORA-2013-10695
- FEDORA-2013-12530
- FEDORA-2013-12990
- FEDORA-2013-13536
- FEDORA-2013-15151
- FEDORA-2013-16336
- FEDORA-2013-17010
- FEDORA-2013-17942
- FEDORA-2013-18364
- FEDORA-2013-18822
- FEDORA-2013-1961
- FEDORA-2013-20748
- FEDORA-2013-21822
- FEDORA-2013-22695
- FEDORA-2013-2597
- FEDORA-2013-2635
- FEDORA-2013-2728
- FEDORA-2013-3086
- FEDORA-2013-3106
- FEDORA-2013-3223
- FEDORA-2013-3630
- FEDORA-2013-3893
- FEDORA-2013-3909
- FEDORA-2013-4012
- FEDORA-2013-4240
- FEDORA-2013-4357
- FEDORA-2013-5368
- FEDORA-2013-6041
- FEDORA-2013-6537
- FEDORA-2013-6999
- FEDORA-2013-9123
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0652-1
- USN-1756-1
- USN-1760-1
- USN-1767-1
- USN-1768-1
- USN-1769-1
- USN-1774-1
- USN-1775-1
- USN-1776-1
- USN-1778-1
- USN-1781-1
- USN-1795-1
- USN-1796-1
- USN-1797-1
- USN-1805-1
- USN-1808-1
- XSA-42
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 906309 | https://bugzilla.redhat.com/906309 | |
Bugzilla | 908693 | https://bugzilla.redhat.com/908693 | |
RHSA | RHSA-2013:0630 | https://access.redhat.com/errata/RHSA-2013:0630 | |
CVE | CVE-2013-0228 | https://access.redhat.com/security/cve/CVE-2013-0228 | |
CVE | CVE-2013-0268 | https://access.redhat.com/security/cve/CVE-2013-0268 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/python-perf?arch=x86_64&distro=redhat-6 | redhat | python-perf | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/python-perf?arch=s390x&distro=redhat-6 | redhat | python-perf | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/python-perf?arch=ppc64&distro=redhat-6 | redhat | python-perf | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/python-perf?arch=i686&distro=redhat-6 | redhat | python-perf | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/perf?arch=x86_64&distro=redhat-6 | redhat | perf | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/perf?arch=s390x&distro=redhat-6 | redhat | perf | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/perf?arch=ppc64&distro=redhat-6 | redhat | perf | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/perf?arch=i686&distro=redhat-6 | redhat | perf | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-6 | redhat | kernel | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-6 | redhat | kernel | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-6 | redhat | kernel | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel?arch=i686&distro=redhat-6 | redhat | kernel | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-6 | redhat | kernel-kdump | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-6 | redhat | kernel-kdump-devel | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=x86_64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=s390x&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-headers?arch=ppc64&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-headers?arch=i686&distro=redhat-6 | redhat | kernel-headers | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-firmware?distro=redhat-6 | redhat | kernel-firmware | < 2.6.32-358.2.1.el6 | redhat-6 | ||
Affected | pkg:rpm/redhat/kernel-doc?distro=redhat-6 | redhat | kernel-doc | < 2.6.32-358.2.1.el6 | redhat-6 | ||
Affected | pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=i686&distro=redhat-6 | redhat | kernel-devel | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=i686&distro=redhat-6 | redhat | kernel-debug | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-358.2.1.el6 | redhat-6 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-358.2.1.el6 | redhat-6 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=i686&distro=redhat-6 | redhat | kernel-debug-devel | < 2.6.32-358.2.1.el6 | redhat-6 | i686 | |
Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-6 | redhat | kernel-bootwrapper | < 2.6.32-358.2.1.el6 | redhat-6 | ppc64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |