Oval Definition:	oval:org.mitre.oval:def:23930
Revision Date: 2014-05-26 Version: 38 Title: ELSA-2013:1173: kernel security and bug fix update (Important) Description: The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-6544 CVE-2013-2146 CVE-2013-2206 CVE-2013-2224 CVE-2013-2232 CVE-2013-2237 ELSA-2013:1173-00 Platform(s): Oracle Linux 6 Product(s): kernel Definition Synopsis Oracle Linux 6.x AND rpm test kernel-debug-devel is earlier than 0:2.6.32-358.18.1.el6 OR kernel-kdump is earlier than 0:2.6.32-358.18.1.el6 OR kernel-devel is earlier than 0:2.6.32-358.18.1.el6 OR python-perf is earlier than 0:2.6.32-358.18.1.el6 OR perf is earlier than 0:2.6.32-358.18.1.el6 OR kernel-doc is earlier than 0:2.6.32-358.18.1.el6 OR kernel-bootwrapper is earlier than 0:2.6.32-358.18.1.el6 OR kernel-kdump-devel is earlier than 0:2.6.32-358.18.1.el6 OR kernel-debug is earlier than 0:2.6.32-358.18.1.el6 OR kernel is earlier than 0:2.6.32-358.18.1.el6 OR kernel-firmware is earlier than 0:2.6.32-358.18.1.el6 OR kernel-headers is earlier than 0:2.6.32-358.18.1.el6
BACK