Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
None
-
4484
Description
This update fixes the following security issues:
- An integer overflow flaw was found in the i915_gem_execbuffer2() function
in the Intel i915 driver in the Linux kernel. A local, unprivileged user
could use this flaw to cause a denial of service. This issue only affected
32-bit systems. (CVE-2012-2383, Moderate)
- A missing initialization flaw was found in the sco_sock_getsockopt_old()
function in the Linux kernel's Bluetooth implementation. A local,
unprivileged user could use this flaw to cause an information leak.
(CVE-2011-1078, Low)
Red Hat would like to thank Vasiliy Kulikov of Openwall for reporting the
CVE-2011-1078 issue.
Bugs fixed (http://bugzilla.redhat.com/):
681259 - CVE-2011-1078 kernel: bt sco_conninfo infoleak
824176 - CVE-2012-2383 kernel: drm/i915: integer overflow in i915_gem_execbuffer2()
842429 - VLAN configured on top of a bonded interface (active-backup) does not failover [rhel-6.3.z]