6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
0.029 Low
EPSS
Percentile
90.9%
Issue Overview:
The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call.
The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call.
net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.
Affected Packages:
kernel
Issue Correction:
Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.
New Packages:
i686:
kernel-devel-3.4.66-55.43.amzn1.i686
kernel-debuginfo-common-i686-3.4.66-55.43.amzn1.i686
kernel-debuginfo-3.4.66-55.43.amzn1.i686
kernel-3.4.66-55.43.amzn1.i686
kernel-tools-debuginfo-3.4.66-55.43.amzn1.i686
kernel-headers-3.4.66-55.43.amzn1.i686
kernel-tools-3.4.66-55.43.amzn1.i686
noarch:
kernel-doc-3.4.66-55.43.amzn1.noarch
src:
kernel-3.4.66-55.43.amzn1.src
x86_64:
kernel-3.4.66-55.43.amzn1.x86_64
kernel-debuginfo-common-x86_64-3.4.66-55.43.amzn1.x86_64
kernel-tools-3.4.66-55.43.amzn1.x86_64
kernel-headers-3.4.66-55.43.amzn1.x86_64
kernel-debuginfo-3.4.66-55.43.amzn1.x86_64
kernel-tools-debuginfo-3.4.66-55.43.amzn1.x86_64
kernel-devel-3.4.66-55.43.amzn1.x86_64
Red Hat: CVE-2012-4398, CVE-2013-2141, CVE-2013-4162, CVE-2013-4299, CVE-2013-4387
Mitre: CVE-2012-4398, CVE-2013-2141, CVE-2013-4162, CVE-2013-4299, CVE-2013-4387