Red Hat Security Advisory 2012-0517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with the ability to mount and unmount ext4 file systems could use this flaw to cause a denial of service.
a3b698c48fcc955e07be7e793693f6df72c469baba14949ac3d75dc5d4a3b26b
Red Hat Security Advisory 2012-0116-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.
71cb08ef2d809cd41a86b8da8e6cf0581e7d7544405546ba07d973f409a56d8f
Red Hat Security Advisory 2012-0107-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue.
0f06f08a25a1cc6f395b307753e4762964477f1ec0e20c7adb0a86df4fce7422
Ubuntu Security Notice 1294-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
acab8d51e69e89ac69916bfde79578d48d20a5c740ed8334923ba6a32afe7023
Red Hat Security Advisory 2011-1530-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.
0ea0d8d1bd62a748fefde36e3fb68a6860a5459a3012b4b4223b673f37abf7b8