[Rdo-list] [package announce] Moderate: kernel security and enhancement update

Pádraig Brady pbrady at redhat.com
Wed Oct 23 20:21:21 UTC 2013


RDO includes a custom Enterprise Linux 6.4 kernel.
These custom kernel packages include extra networking functionality
required to facilitate advanced OpenStack Networking deployments.

This update fixes 2 moderate security issues:

* A flaw was found in the way the Linux kernel's TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
https://www.redhat.com/security/data/cve/CVE-2013-4162.html

* An information leak flaw was found in the way Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible.
https://www.redhat.com/security/data/cve/CVE-2013-4299.html

Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.


This update also adds the following enhancements:

* Support for Distributed Overlay Virtual Ethernet (DOVE).
https://bugzilla.redhat.com/1009025

* Support for Virtual Extensible LAN (VXLAN) as an OpenvSwitch (OVS) tunneling type.
https://bugzilla.redhat.com/1009006


All RDO Enterprise Linux users deploying the OpenStack Networking
service are advised to install these updated packages.

The packages containing the fixes are:

  kernel-2.6.32-358.123.2.openstack.el6.src.rpm
  python-perf-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  python-perf-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-headers-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  perf-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-devel-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-debuginfo-common-x86_64-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  perf-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-debuginfo-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-2.6.32-358.123.2.openstack.el6.x86_64.rpm
  kernel-firmware-2.6.32-358.123.2.openstack.el6.noarch.rpm
  kernel-doc-2.6.32-358.123.2.openstack.el6.noarch.rpm

thanks,
Pádraig.




More information about the dev mailing list