Description
This update fixes the following security issues:
* A use-after-free flaw was found in the madvise() system call
implementation in the Linux kernel. A local, unprivileged user could use
this flaw to cause a denial of service or, potentially, escalate their
privileges. (CVE-2012-3511, Moderate)
* A flaw was found in the way the Linux kernel's TCP/IP protocol suite
implementation handled IPv6 sockets that used the UDP_CORK option. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2013-4162, Moderate)
* An information leak flaw in the Linux kernel could allow a local,
unprivileged user to leak kernel memory to user-space.