| Description: | The kernel packages contain the Linux kernel, the core of any Linuxoperating system.* A flaw was found in the way the Linux kernel's futex subsystem handledreference counting when requeuing futexes during futex_wait(). A local,unprivileged user could use this flaw to zero out the reference counter ofan inode or an mm struct that backs up the memory area of the futex, whichcould lead to a use-after-free flaw, resulting in a system crash or,potentially, privilege escalation. (CVE-2014-0205, Important)* A NULL pointer dereference flaw was found in the way the Linux kernel'snetworking implementation handled logging while processing certain invalidpackets coming in via a VxLAN interface. A remote attacker could use thisflaw to crash the system by sending a specially crafted packet to such aninterface. (CVE-2014-3535, Important)* An out-of-bounds memory access flaw was found in the Linux kernel'ssystem call auditing implementation. On a system with existing audit rulesdefined, a local, unprivileged user could use this flaw to leak kernelmemory to user space or, potentially, crash the system. (CVE-2014-3917,Moderate)* An integer underflow flaw was found in the way the Linux kernel's StreamControl Transmission Protocol (SCTP) implementation processed certainCOOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remoteattacker could use this flaw to prevent legitimate connections to aparticular SCTP server socket to be made. (CVE-2014-4667, Moderate)Red Hat would like to thank Gopal Reddy Kodudula of Nokia Siemens Networksfor reporting CVE-2014-4667. The security impact of the CVE-2014-0205 issuewas discovered by Mateusz Guzik of Red Hat.This update also fixes several bugs. Documentation for these changes willbe available shortly from the Technical Notes document linked to in theReferences section.All kernel users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. The system must berebooted for this update to take effect. |