Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
None
-
None
-
4197
Description
This update fixes the following security issues:
- An integer overflow flaw was found in the i915_gem_do_execbuffer()
function in the Intel i915 driver in the Linux kernel. A local,
unprivileged user could use this flaw to cause a denial of service. This
issue only affected 32-bit systems. (CVE-2012-2384, Moderate)
- A memory leak flaw was found in the way the Linux kernel's memory
subsystem handled resource clean up in the mmap() failure path when the
MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to
cause a denial of service. (CVE-2012-2390, Moderate)
- A race condition was found in the way access to inet->opt ip_options was
synchronized in the Linux kernel's TCP/IP protocol suite implementation.
Depending on the network facing applications running on the system, a
remote attacker could possibly trigger this flaw to cause a denial of
service. A local, unprivileged user could use this flaw to cause a denial
of service regardless of the applications the system runs. (CVE-2012-3552,
Moderate)
- A flaw was found in the way the Linux kernel's dl2k driver, used by
certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local,
unprivileged user could use this flaw to issue potentially harmful IOCTLs,
which could cause Ethernet adapters using the dl2k driver to malfunction
(for example, losing network connectivity). (CVE-2012-2313, Low)
- A flaw was found in the way the msg_namelen variable in the rds_recvmsg()
function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol
implementation was initialized. A local, unprivileged user could use this
flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)
Bugs fixed (http://bugzilla.redhat.com/):
818820 - CVE-2012-2313 kernel: unfiltered netdev rio_ioctl access by users
820039 - CVE-2012-3430 kernel: recv
() on an rds socket can leak kernel memory
824178 - CVE-2012-2384 kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()
824345 - CVE-2012-2390 kernel: huge pages: memory leak on mmap failure
842982 - Change network with netconsole loaded cause kernel panic [rhel-6.3.z]
847945 - nfs_attr_use_mounted_on_file() returns wrong value [rhel-6.3.z]
849051 - dlm: deadlock between dlm_send and dlm_controld [rhel-6.3.z]
851444 - [qemu-kvm] [hot-plug] qemu-process (RHEL6.3 guest) goes into D state during nic hot unplug (netdev_del hostnet1) [rhel-6.3.z]
853465 - CVE-2012-3552 kernel: net: slab corruption due to improper synchronization around inet->opt
Updated the patch to remove the extra wordiness. The patch is at http://review.whamcloud.com/#change,4131 for master. I also have a patch for 2.1 at http://review.whamcloud.com/#change,3811