Description
A flaw was found in the way socket buffers (skb) requiring TSO (TCP
segment offloading) were handled by the sfc driver. If the skb did not fit
within the minimum-size of the transmission queue, the network card could
repeatedly reset itself. A remote attacker could use this flaw to cause a
denial of service. (CVE-2012-3412, Important)
* A use-after-free flaw was found in the xacct_add_tsk() function in the
Linux kernel's taskstats subsystem. A local, unprivileged user could use
this flaw to cause an information leak or a denial of service.
(CVE-2012-3510, Moderate)
* A buffer overflow flaw was found in the hfs_bnode_read() function in the
HFS Plus (HFS+) file system implementation in the Linux kernel. A local
user able to mount a specially-crafted HFS+ file system image could use
this flaw to cause a denial of service or escalate their privileges.
(CVE-2012-2319, Low)
* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()
function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol
implementation was initialized. A local, unprivileged user could use this
flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)