By Release Dates
Red Hat Advisories
Suse Linux Advisories
About & Contact
RHSA-2014:0108: kernel security and bug fix update (Moderate)
The kernel packages contain the Linux kernel, the core of any Linux
* It was found that the Xen hypervisor did not always lock
'page_alloc_lock' and 'grant_table.lock' in the same order. This could
potentially lead to a deadlock. A malicious guest administrator could use
this flaw to cause a denial of service on the host. (CVE-2013-4494,
Red Hat would like to thank the Xen project for reporting this issue.
This update also fixes the following bugs:
* A recent patch to the CIFS code that introduced the NTLMSSP
(NT LAN Manager Security Support Provider) authentication mechanism caused
a regression in CIFS behavior. As a result of the regression, an encryption
key that is returned during the SMB negotiation protocol response was only
used for the first session that was created on the SMB client. Any
subsequent mounts to the same server did not use the encryption key
returned by the initial negotiation with the server. As a consequence, it
was impossible to mount multiple SMB shares with different credentials to
the same server. A patch has been applied to correct this problem so that
an encryption key or a server challenge is now provided for every SMB
session during the SMB negotiation protocol response. (BZ#1029865)
* The igb driver previously used a 16-bit mask when writing values of the
flow control high-water mark to hardware registers on a network device.
Consequently, the values were truncated on some network devices, disrupting
the flow control. A patch has been applied to the igb driver so that it now
uses a 32-bit mask as expected. (BZ#1041694)
* The IPMI driver did not properly handle kernel panic messages.
Consequently, when a kernel panic occurred on a system that was utilizing
IPMI without Kdump being set up, a second kernel panic could be triggered.
A patch has been applied to the IPMI driver to fix this problem, and a
message handler now properly waits for a response to panic event messages.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
Create Date: 2014-01-29 Last Update Date: 2014-01-29
unix (from OVAL definitions)
- Red Hat Enterprise Linux 5
OVAL Definitions By Referenced Objects
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is
MITRE's CVE web site
CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is
MITRE's CWE web site
OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is
MITRE's OVAL web site
Warning: This site and all data are provided as is.
It is not guaranteed that all information is accurate and complete.
Use any information provided on this site at your own risk.
By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete.
All trademarks appearing on this site are the property of their respective owners in the US or other countries.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.
PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk.
In no event shall the author/distributor/web site owner/maintainer be held liable for
any damages whatsoever arising out of or in connection with the use or spread of this information.