Errata overview
Errata ID 54
Date 2014-02-12
Source package univention-kernel-image
Fixed in version 7.0.0-9.48.201401271412
Description
The Linux kernel package has been updated to 3.10.26. This provides a wide range of
bugfixes and fixes the following security vulnerabilities:
* Information leak in cpqarray and cciss drivers (CVE-2013-2147)
* Use-after-free in TUN network driver (CVE-2013-4343)
* Off-by-one in ansi cprng (CVE-2013-4345)
* IPsec doesn't work correctly in some configurations when SCTP is transferred over IPv6 (CVE-2013-4350)
* Denial of service in device mapper (CVE-2013-4299)
* Denial of service in IPv6 (CVE-2013-4387)
* Denial of service in skb_flow_dissect() (CVE-2013-4348)
* Information leak in /proc/net/sys (CVE-2013-4270)
* Incorrect memory mapping in uio (CVE-2013-4511)
* Array overwrite in UML proc handling (CVE-2013-4512)
* Privacy leak in ath9k_htc driver (CVE-2013-4579)
* Memory corruption in UFO support (CVE-2013-4470)
* Information leak in perf tracing (CVE-2013-2930)
* IPv6 DoS (CVE-2013-4563)
* Denial of service in libertas driver (CVE-2013-6378)
* Denial of service in aacraid driver (CVE-2013-6380)
* Memory corruption in XFS (CVE-2013-6382)
* Missing capability check in aacraid ioctl (CVE-2013-6383)
* Incorrect checks on dumpability of a process in ptrace() (CVE-2013-2929)
* Missing input sanitising in kvm_vm_ioctl_create_vcpu() (CVE-2013-4587)
* Denial of service in KVM (CVE-2013-6367, CVE-2013-6368)
* NULL pointer dereference in IPv6 (CVE-2013-6431)
* Buffer overflow in radiotap wireless driver (CVE-2013-7027)
* Race conditions in IPC handling (CVE-2013-7026)
* Various memory leaks in socket handling (CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7281)
* Various memory leaks in socket handling (CVE-2013-7266, CVE-2013-7267, CVE-2013-7268, CVE-2013-7269, CVE-2013-7270, CVE-2013-7271)
* Information leak in farsync network ioctl (CVE-2014-1444)
* Information leak in wanxl network ioctl (CVE-2014-1445)

This kernel also fixes an ABI breakage: The kernel update to linux-3.10 for
UCS 3.2 caused the header files to move from /usr/include/asm/ to the
different location /ucr/include/gnu-*-linux/asm/, which broke compiling other
software. This change was reverted.
Additional notes
This is the second part of the fix, which updates the kernel meta packages to automatically install the new kernel package provided by the previous errata update.
CVE ID CVE-2013-2147
CVE-2013-4343
CVE-2013-4345
CVE-2013-4350
CVE-2013-4299
CVE-2013-4387
CVE-2013-4348
CVE-2013-4270
CVE-2013-4511
CVE-2013-4512
CVE-2013-4579
CVE-2013-4470
CVE-2013-2930
CVE-2013-4563
CVE-2013-6378
CVE-2013-6380
CVE-2013-6382
CVE-2013-6383
CVE-2013-2929
CVE-2013-4587
CVE-2013-6367
CVE-2013-6368
CVE-2013-6431
CVE-2013-7027
CVE-2013-7026
CVE-2013-7263
CVE-2013-7264
CVE-2013-7265
CVE-2013-7281
CVE-2013-7266
CVE-2013-7267
CVE-2013-7268
CVE-2013-7269
CVE-2013-7270
CVE-2013-7271
CVE-2014-1444
CVE-2014-1445
UCS Bug number #33924