Unisphere Central versions prior to 4.0 suffer from a large amount of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.
ce4edb828cb719a743e51aeccc8b869350ac720be7a173f3e3978c205c139f5f
Red Hat Security Advisory 2013-1080-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service.
1f6ec7f2b1348b3f77f691853c0661c2b6d8c71c0c15a9154155add5bdc0cc30
Red Hat Security Advisory 2013-1051-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service.
a8237bc5b0d4bf99427f678d7db474dc77cb9ba7060a71275ad8e94debf18eb2
Red Hat Security Advisory 2013-1026-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the "utf8=1" option could use this flaw to crash the system or, potentially, to escalate their privileges.
b2762b397b08d9221223dfd977b06176c19c33b3c398947bbd9f500e79632400
Mandriva Linux Security Advisory 2013-176 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The updated packages provides a solution for these security issues.
ae2f3459ec3bdf76b4bab9b9b1aed7e5bb62fecbaa5d70cf041846a180464d66
Red Hat Security Advisory 2013-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host.
1ad26616fc364b191167c6388801cd7215206c00055b03e985d94de46d251e6a
Red Hat Security Advisory 2013-0829-01 - Security fixes: It was found that the kernel-rt update RHBA-2012:0044 introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. A public exploit for CVE-2013-2094 that affects Red Hat Enterprise MRG 2 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update.
00fadee46a5e7a81db412e709a930a32fe89a5061478a9d3640649e6c28b0cc4
Ubuntu Security Notice 1814-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.
f190a7e65629b41a85f0c9413fd7ff9f3b06f8eff81bc396954d9283c0bdaee7
Ubuntu Security Notice 1813-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.
7368544c5098614eb7828d10406f265200161e116ca06333c37dd23d862edf27
Ubuntu Security Notice 1812-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.
b05d49f9e850cdf45a6d8aa43a7396eeaec1289b982f62c2facf06658ae4d42b
Ubuntu Security Notice 1811-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.
bc5a300fb0fcdeac446d0595095403f6f8fa6d91a12d9b4f8eb17fb7e6a96e40
Ubuntu Security Notice 1809-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.
d4cebc9b5680648746ccf37333cc5ee1da4f674852175df54056f76316a751b4