Oval Definition:	oval:org.mitre.oval:def:23435
Revision Date: 2014-05-26 Version: 40 Title: ELSA-2013:0747: kernel security and bug fix update (Moderate) Description: The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-6537 CVE-2012-6542 CVE-2012-6546 CVE-2012-6547 CVE-2013-0216 CVE-2013-0231 CVE-2013-1826 ELSA-2013:0747-00 Platform(s): Oracle Linux 5 Product(s): kernel Definition Synopsis Oracle Linux 5.x AND rpm test kernel-xen is earlier than 0:2.6.18-348.4.1.el5 OR kernel-debug is earlier than 0:2.6.18-348.4.1.el5 OR kernel is earlier than 0:2.6.18-348.4.1.el5 OR kernel-devel is earlier than 0:2.6.18-348.4.1.el5 OR kernel-PAE-devel is earlier than 0:2.6.18-348.4.1.el5 OR kernel-PAE is earlier than 0:2.6.18-348.4.1.el5 OR kernel-kdump-devel is earlier than 0:2.6.18-348.4.1.el5 OR kernel-xen-devel is earlier than 0:2.6.18-348.4.1.el5 OR kernel-headers is earlier than 0:2.6.18-348.4.1.el5 OR kernel-doc is earlier than 0:2.6.18-348.4.1.el5 OR kernel-kdump is earlier than 0:2.6.18-348.4.1.el5 OR kernel-debug-devel is earlier than 0:2.6.18-348.4.1.el5
BACK