Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2013:1520 - Security Advisory
Issued:
2013-11-14
Updated:
2013-11-14

RHSA-2013:1520 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix two security issues, one bug, and add two
enhancements are now available for Red Hat OpenStack 3.0.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Description

Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4
kernel. These custom kernel packages include support for network
namespaces; this support is required to facilitate advanced OpenStack
Networking deployments.

  • A flaw was found in the way the Linux kernel's TCP/IP protocol suite

implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2013-4162, Moderate)

  • An information leak flaw was found in the way the Linux kernel's device

mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,
Moderate)

Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.

This update also fixes the following bug:

  • Prior to this update, while performing Generic Routing Encapsulation

(GRE), the possibility of having a 802.1Q inner header was not considered
during the Generic Segmentation Offloading (GSO). With this update, a check
has been added to detect the use of 802.1Q and handle the packet
accordingly. (BZ#1005804)

In addition, this update adds the following enhancements:

  • This update adds support for Distributed Overlay Virtual Ethernet (DOVE).

(BZ#1009025)

  • This update adds support for Virtual Extensible LAN (VXLAN) as an Open

vSwitch (OVS) tunneling type. (BZ#1009006)

More information on the Red Hat Enterprise Linux 6.4 kernel packages upon
which these custom kernel packages are based is available in
RHSA-2013:1436:

https://rhn.redhat.com/errata/RHSA-2013-1436.html

All Red Hat OpenStack 3.0 users deploying the OpenStack Networking service
are advised to install these updated packages.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Details on how to use the Red Hat Network to apply this update are
available at https://access.redhat.com/site/articles/11258

This Red Hat OpenStack 3.0 kernel may be installed by running this command
while logged in as the root user on a system that has the required
entitlements and subscriptions attached:

# yum install "kernel-2.6.*.openstack.el6.x86_64"

Documentation for both stable and preview releases of Red Hat OpenStack is
available at:

https://access.redhat.com/site/documentation/Red_Hat_OpenStack/

In particular it is highly recommended that all users read the Release
Notes document for the relevant Red Hat OpenStack release prior to
installation.

Affected Products

  • Red Hat OpenStack grizzly x86_64

Fixes

  • BZ - 987627 - CVE-2013-4162 Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled
  • BZ - 1004233 - CVE-2013-4299 kernel: dm: dm-snapshot data leak
  • BZ - 1005804 - modem-like speed when transmitting TCP to a floating IP

CVEs

  • CVE-2013-4162
  • CVE-2013-4299

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://rhn.redhat.com/errata/RHSA-2013-1436.html
  • https://access.redhat.com/site/documentation/Red_Hat_OpenStack/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack grizzly

SRPM
kernel-2.6.32-358.123.4.openstack.el6.src.rpm SHA-256: 3c53eca060a070b4427a9878830f6a9976b7bf4fc46afd6e33154bc619b30a17
x86_64
kernel-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 14c821b711d4bd4b39aec7b8a3505c3b5f0d16d4149e04136b4c72fd9ce0a782
kernel-debug-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: b04fa8a23b59b060f9b569e939d29ebba03673e91f5f8be0a70994de03196e79
kernel-debug-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 545b69107aceeaf0f20ea88c67ca1954b24380b80c35db1d81b6ccd39f10cc97
kernel-debug-devel-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 47c84d5641ca066493d0266dc258751f22b09986b7df932a76364125f1498051
kernel-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 86b32c1325e0a2f23cd1d3868d1af7d90f9c611a645f088ae06bf7c24820241a
kernel-debuginfo-common-x86_64-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: a360c85194dfe2153946500b8e2843ccda0f0dcb4d182490a143f16daf71218f
kernel-devel-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 3a889c711e8bd448a2b6cf7b2ea95f49d95a9434077909e2edd6594774089dad
kernel-doc-2.6.32-358.123.4.openstack.el6.noarch.rpm SHA-256: 359e9f2e594825303ce53a3de499bec673723386ed054164910c81a0a0e02763
kernel-firmware-2.6.32-358.123.4.openstack.el6.noarch.rpm SHA-256: eb0fe98cb7f8912bf1fe3731e1bda1d1c3f0bbb0aee6671f00bb5248a9ab9c9d
kernel-headers-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: b12559fba5ad5fdfa7b1f92765dcf101025cbf0f956cb2b5865cc468827c762a
perf-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 7c048c07fb76ff42629d4fd55f0a62047fef950e1f418ec52ede7fb7f21017e9
perf-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: b33b5a4b31092b7d75a2a12ee2c277d0d104f682d2064d351494ab8324d8ee6c
python-perf-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 364644ac0dc912bd8851ce551d7c2c70debabfae5bc17529f8571db6d13e2afb
python-perf-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm SHA-256: 8058cd6aecd2a42f0e44f3c73baaff339305494522122f9e982122840e063ae1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter