CVE-2013-1848

Опубликовано: 18 мар. 2013

Источник: redhat

CVSS2: 6

Описание

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

Отчет

This issue did not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 because it did not backport the commit 4cf46b67eb that introduced this issue. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
OpenStack 3 for RHEL 6	kernel	Fixed	RHSA-2013:1080	16.07.2013
Red Hat Enterprise Linux 6	kernel	Fixed	RHSA-2013:1051	16.07.2013
Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only	kernel	Fixed	RHSA-2013:1026	09.07.2013
Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only	kernel	Fixed	RHSA-2013:0928	11.06.2013
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2013:0829	20.05.2013