Security Advisory Moderate: kernel security, bug fix, and enhancement update

Advisory: RHSA-2013:1520-1
Type: Security Advisory
Severity: Moderate
Issued on: 2013-11-14
Last updated on: 2013-11-14
Affected Products: Red Hat OpenStack 3.0
CVEs ( CVE-2013-4162


Updated kernel packages that fix two security issues, one bug, and add two
enhancements are now available for Red Hat OpenStack 3.0.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4
kernel. These custom kernel packages include support for network
namespaces; this support is required to facilitate advanced OpenStack
Networking deployments.

* A flaw was found in the way the Linux kernel's TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2013-4162, Moderate)

* An information leak flaw was found in the way the Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written to
snapshot block devices. An attacker could use this flaw to read data from
disk blocks in free space, which are normally inaccessible. (CVE-2013-4299,

Red Hat would like to thank Hannes Frederic Sowa for reporting
CVE-2013-4162; and Fujitsu for reporting CVE-2013-4299.

This update also fixes the following bug:

* Prior to this update, while performing Generic Routing Encapsulation
(GRE), the possibility of having a 802.1Q inner header was not considered
during the Generic Segmentation Offloading (GSO). With this update, a check
has been added to detect the use of 802.1Q and handle the packet
accordingly. (BZ#1005804)

In addition, this update adds the following enhancements:

* This update adds support for Distributed Overlay Virtual Ethernet (DOVE).

* This update adds support for Virtual Extensible LAN (VXLAN) as an Open
vSwitch (OVS) tunneling type. (BZ#1009006)

More information on the Red Hat Enterprise Linux 6.4 kernel packages upon
which these custom kernel packages are based is available in

All Red Hat OpenStack 3.0 users deploying the OpenStack Networking service
are advised to install these updated packages.


Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Details on how to use the Red Hat Network to apply this update are
available at

This Red Hat OpenStack 3.0 kernel may be installed by running this command
while logged in as the root user on a system that has the required
entitlements and subscriptions attached:

# yum install "kernel-2.6.*.openstack.el6.x86_64"

Documentation for both stable and preview releases of Red Hat OpenStack is
available at:

In particular it is highly recommended that all users read the Release
Notes document for the relevant Red Hat OpenStack release prior to

Updated packages

Red Hat OpenStack 3.0

kernel-2.6.32-358.123.4.openstack.el6.src.rpm     MD5: 132ade06d14e640b5ceb2ab7a96b21dd
SHA-256: 3c53eca060a070b4427a9878830f6a9976b7bf4fc46afd6e33154bc619b30a17
kernel-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 11e61b010b3979fe75a21c50a9609790
SHA-256: 14c821b711d4bd4b39aec7b8a3505c3b5f0d16d4149e04136b4c72fd9ce0a782
kernel-debug-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 06adf6fd81f71cf6e0ef14befd72fc86
SHA-256: b04fa8a23b59b060f9b569e939d29ebba03673e91f5f8be0a70994de03196e79
kernel-debug-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 5ab3018737062b3bf7b8026b55cff34f
SHA-256: 545b69107aceeaf0f20ea88c67ca1954b24380b80c35db1d81b6ccd39f10cc97
kernel-debug-devel-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 2f2c0a113c7343752bdd9920f64201b4
SHA-256: 47c84d5641ca066493d0266dc258751f22b09986b7df932a76364125f1498051
kernel-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 8d502a1c2c7e0e09a4b2edea95325d14
SHA-256: 86b32c1325e0a2f23cd1d3868d1af7d90f9c611a645f088ae06bf7c24820241a
kernel-debuginfo-common-x86_64-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 6097cc261dfa2d6d4cb9b36bcacd71dc
SHA-256: a360c85194dfe2153946500b8e2843ccda0f0dcb4d182490a143f16daf71218f
kernel-devel-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: b55d2bfe3304cb08e747314093aadf10
SHA-256: 3a889c711e8bd448a2b6cf7b2ea95f49d95a9434077909e2edd6594774089dad
kernel-doc-2.6.32-358.123.4.openstack.el6.noarch.rpm     MD5: e842d6fa6c7c9dca1aea142239382860
SHA-256: 359e9f2e594825303ce53a3de499bec673723386ed054164910c81a0a0e02763
kernel-firmware-2.6.32-358.123.4.openstack.el6.noarch.rpm     MD5: 9160f7fd6e2c853c122343d4f85cedd5
SHA-256: eb0fe98cb7f8912bf1fe3731e1bda1d1c3f0bbb0aee6671f00bb5248a9ab9c9d
kernel-headers-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: c6923fe16ac4e5c98dd55ed1746854b2
SHA-256: b12559fba5ad5fdfa7b1f92765dcf101025cbf0f956cb2b5865cc468827c762a
perf-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 0597c6999ba0294a869345f79ceb2414
SHA-256: 7c048c07fb76ff42629d4fd55f0a62047fef950e1f418ec52ede7fb7f21017e9
perf-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 1b63fb882fa0e642866d76e0ba2e57ce
SHA-256: b33b5a4b31092b7d75a2a12ee2c277d0d104f682d2064d351494ab8324d8ee6c
python-perf-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: e0f1a7d14cce914660f3fa7cd0fd024f
SHA-256: 364644ac0dc912bd8851ce551d7c2c70debabfae5bc17529f8571db6d13e2afb
python-perf-debuginfo-2.6.32-358.123.4.openstack.el6.x86_64.rpm     MD5: 3bba77863185b1fb0e77b8d7932046b0
SHA-256: 8058cd6aecd2a42f0e44f3c73baaff339305494522122f9e982122840e063ae1
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1004233 - CVE-2013-4299 kernel: dm: dm-snapshot data leak
1005804 - modem-like speed when transmitting TCP to a floating IP
987627 - CVE-2013-4162 Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

The Red Hat security contact is More contact details at