Saw this earlier, apparently there is a serious issue that affects all of the kernels up to 3.8
Will do a security thing tomorrow, if I get a chance, but it has been a while since we've had a look at it, my fault. Will update once I've reviewed. On Tue, May 14, 2013 at 01:14:29PM -0600, dann frazier wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ---------------------------------------------------------------------- > Debian Security Advisory DSA-2668-1 secur...@debian.org > http://www.debian.org/security/ Dann Frazier > May 14, 2013 http://www.debian.org/security/faq > - ---------------------------------------------------------------------- > > Package : linux-2.6 > Vulnerability : privilege escalation/denial of service/information leak > Problem type : local/remote > Debian-specific: no > CVE Id(s) : CVE-2012-2121 CVE-2012-3552 CVE-2012-4461 CVE-2012-4508 > CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2012-6542 > CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548 > CVE-2012-6549 CVE-2013-0349 CVE-2013-0914 CVE-2013-1767 > CVE-2013-1773 CVE-2013-1774 CVE-2013-1792 CVE-2013-1796 > CVE-2013-1798 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928 > CVE-2013-1929 CVE-2013-2015 CVE-2013-2634 CVE-2013-3222 > CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228 > CVE-2013-3229 CVE-2013-3231 CVE-2013-3234 CVE-2013-3235 > > Several vulnerabilities have been discovered in the Linux kernel that may lead > to a denial of service, information leak or privilege escalation. The Common > Vulnerabilities and Exposures project identifies the following problems: > > CVE-2012-2121 > > Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU > mapping of memory slots used in KVM device assignment. Local users with > the ability to assign devices could cause a denial of service due to a > memory page leak. > > CVE-2012-3552 > > Hafid Lin reported an issue in the IP networking subsystem. A remote user > can cause a denial of service (system crash) on servers running > applications that set options on sockets which are actively being > processed. > > CVE-2012-4461 > > Jon Howell reported a denial of service issue in the KVM subsystem. > On systems that do not support the XSAVE feature, local users with > access to the /dev/kvm interface can cause a system crash. > > CVE-2012-4508 > > Dmitry Monakhov and Theodore Ts'o reported a race condition in the ext4 > filesystem. Local users could gain access to sensitive kernel memory. > > CVE-2012-6537 > > Mathias Krause discovered information leak issues in the Transformation > user configuration interface. Local users with the CAP_NET_ADMIN > capability > can gain access to sensitive kernel memory. > > CVE-2012-6539 > > Mathias Krause discovered an issue in the networking subsystem. Local > users on 64-bit systems can gain access to sensitive kernel memory. > > CVE-2012-6540 > > Mathias Krause discovered an issue in the Linux virtual server subsystem. > Local users can gain access to sensitive kernel memory. Note: this issue > does not affect Debian provided kernels, but may affect custom kernels > built from Debian's linux-source-2.6.32 package. > > CVE-2012-6542 > > Mathias Krause discovered an issue in the LLC protocol support code. > Local users can gain access to sensitive kernel memory. > > CVE-2012-6544 > > Mathias Krause discovered issues in the Bluetooth subsystem. > Local users can gain access to sensitive kernel memory. > > CVE-2012-6545 > > Mathias Krause discovered issues in the Bluetooth RFCOMM protocol > support. Local users can gain access to sensitive kernel memory. > > CVE-2012-6546 > > Mathias Krause discovered issues in the ATM networking support. Local > users can gain access to sensitive kernel memory. > > CVE-2012-6548 > > Mathias Krause discovered an issue in the UDF file system support. > Local users can obtain access to sensitive kernel memory. > > CVE-2012-6549 > > Mathias Krause discovered an issue in the isofs file system support. > Local users can obtain access to sensitive kernel memory. > > CVE-2013-0349 > > Anderson Lizardo discovered an issue in the Bluetooth Human Interface > Device Protocol (HIDP) stack. Local users can obtain access to sensitive > kernel memory. > > CVE-2013-0914 > > Emese Revfy discovered an issue in the signal implementation. Local > users maybe able to bypass the address space layout randomization (ASLR) > facility due to a leaking of information to child processes. > > CVE-2013-1767 > > Greg Thelen reported an issue in the tmpfs virtual memory filesystem. > Local users with sufficient privilege to mount filesystems can cause > a denial of service or possibly elevated privileges due to a use-after- > free defect. > > CVE-2013-1773 > > Alan Stern provided a fix for a defect in the UTF8->UTF16 string > conversion > facility used by the VFAT filesystem. A local user could cause a buffer > overflow condition, resulting in a denial of service or potentially > elevated privileges. > > CVE-2013-1774 > > Wolfgang Frisch provided a fix for a NULL-pointer dereference defect > in the driver for some serial USB devices from Inside Out Networks. > Local users with permission to access these devices can create a denial > of service (kernel oops) by causing the device to be removed while it is > in use. > > CVE-2013-1792 > > Mateusz Guzik of Red Hat EMEA GSS SEG Team discovered a race condition > in the access key retention support in the kernel. A local user could > cause a denial of service (NULL pointer dereference). > > CVE-2013-1796 > > Andrew Honig of Google reported an issue in the KVM subsystem. A user in > a guest operating system could corrupt kernel memory, resulting in a > denial of service. > > CVE-2013-1798 > > Andrew Honig of Google reported an issue in the KVM subsystem. A user in > a guest operating system could cause a denial of service due to a use- > after-free defect. > > CVE-2013-1826 > > Mathias Krause discovered an issue in the Transformation (XFRM) user > configuration interface of the networking stack. A user with the > CAP_NET_ADMIN capability maybe able to gain elevated privileges. > > CVE-2013-1860 > > Oliver Neukum discovered an issue in the USB CDC WCM Device Management > driver. Local users with the ability to attach devices can cause a > denial of service (kernel crash) or potentially gain elevated privileges. > > CVE-2013-1928 > > Kees Cook provided a fix for an information leak in the > VIDEO_SET_SPU_PALETTE ioctl for 32-bit applications running on a 64-bit > kernel. Local users can gain access to sensitive kernel memory. > > CVE-2013-1929 > > Oded Horovitz and Brad Spengler reported an issue in the device driver for > Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach > untrusted devices can create an overflow condition, resulting in a denial > of service or elevated privileges. > > CVE-2013-2015 > > Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local > users with the ability to mount a specially crafted filesystem can cause > a denial of service (infinite loop). > > CVE-2013-2634 > > Mathias Krause discovered a few issues in the Data Center Bridging (DCB) > netlink interface. Local users can gain access to sensitive kernel memory. > > CVE-2013-3222 > > Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM) > protocol support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3223 > > Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol > support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3224 > > Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users > can gain access to sensitive kernel memory. > > CVE-2013-3225 > > Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol > support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3228 > > Mathias Krauss discovered an issue in the IrDA (infrared) subsystem > support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3229 > > Mathias Krauss discovered an issue in the IUCV support on s390 systems. > Local users can gain access to sensitive kernel memory. > > CVE-2013-3231 > > Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2 > protocol support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3234 > > Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose) > protocol support. Local users can gain access to sensitive kernel memory. > > CVE-2013-3235 > > Mathias Krauss discovered an issue in the Transparent Inter Process > Communication (TIPC) protocol support. Local users can gain access to > sensitive kernel memory. > > For the oldstable distribution (squeeze), this problem has been fixed in > version 2.6.32-48squeeze3. > > The following matrix lists additional source packages that were rebuilt for > compatibility with or to take advantage of this update: > > Debian 6.0 (squeeze) > user-mode-linux 2.6.32-1um-4+48squeeze3 > > We recommend that you upgrade your linux-2.6 and user-mode-linux packages. > > Note: Debian carefully tracks all known security issues across every > linux kernel package in all releases under active security support. > However, given the high frequency at which low-severity security > issues are discovered in the kernel and the resource requirements of > doing an update, updates for lower priority issues will normally not > be released for all kernels at the same time. Rather, they will be > released in a staggered or "leap-frog" fashion. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.12 (GNU/Linux) > > iQIcBAEBAgAGBQJRkox3AAoJEBv4PF5U/IZA8i8P/0HmqD/hYRYRdiYAs9eAnvKv > 1zhrLJWN0xoRresucZhlm6nR/MLSjDJ4WZCvUPxJV9wnKRRaOq8satYK1dB4kn39 > mEQr1WXMU9ojY4edMjRHsF0qcAVotJKsckmnecBd91KEd73SzeSg6zff7fQmAqWD > xa8pYdJtBt1A0V0w36Wp+nuqrcyrKD/xMT24oQnWf8uwaiPABI5Ujw0QqysO+48z > MhvP6PPpkkiVJ1zfGJMKPC9d2GwVqKHfQpyS0JCtrm9aeuN3oYg2bahEb+Rk905z > TCqi9ubLVlWvz4pNycR8kNE0uLhaP71KXcBkRN1Z9G6XTbYxsFuilGyp98ExcwxX > j4Psn9jwaCHDQLbNt+P4JiV9cH6FFnwGHgi248nkEbBBRTzyCAdOQDg5h8Otn39O > 2UlvFQUNQzU/s0mtmuj5b+gqGS4BelQYmKitJYga0ZpePSJ+GPpK1bSSbKeidUp6 > jjxLIcG66OqTUdE14REOQa+yru9j2SpaAdXE62bW+uw5AGeaN6lZk4/kZTFXiZYc > 4sZPVY3A0H7IUo56i+r6KwRqOUCoPKT2MmUp+Qw+OW1so3LAvFjhjkITvcIUllgf > l4B6kau4NASZUBfXAd7ClWYLJqu8zGunIdJFI1UtVqy2iYxbCEdyQUotmsvf6Pxy > HE5aT4RfgwD6zOmV/Pcq > =q9q5 > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/20130514191429.ga22...@dannf.org > -- Jon Marshall Workshop IT: www.workshopit.co.uk e:j...@workshopit.co.uk t:020 7183 0498 -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130514201548.gp21...@worktop.dh.local