A Linux kernel built with the Broadcom tg3 ethernet driver is vulnerable to a buffer overflow. This could occur when the tg3 driver reads and copies the firmware string from the hardware's product data (VPD), if it exceeds 32 characters. A user with physical access to a machine could use this flaw to crash the system or, potentially, escalate their privileges on the system.

Upstream fix:
-------------
-> https://git.kernel.org/linus/715230a44310a8cf66fbfb5a46f9a62a9b2de424

Reference:
----------
-> http://openwall.com/lists/oss-security/2013/04/05/2
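An added example, not code from this report or from the tg3 driver: a bounded copy of a device-supplied VPD field into a fixed 32-byte version buffer, the class of check whose absence the description above refers to. The function names, the buffer size macro and the simplified field layout (2-byte keyword, 1-byte length, then data) are assumptions made for illustration, and the sample VPD bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FW_VER_SIZE 32   /* assumed destination size, per the 32-character limit above */
#define VPD_HDR_LEN 3    /* simplified field header: 2-byte keyword + 1-byte length */

/*
 * Copy the data of the VPD field at offset `off` into dst.
 * Returns the bytes copied (excluding the NUL), or -1 if the field is malformed.
 * An unchecked memcpy(dst, data, len) here is the overflow: len comes from the device.
 */
int copy_vpd_field(const uint8_t *vpd, size_t vpd_len, size_t off,
                   char *dst, size_t dst_size)
{
    size_t len;

    if (dst_size == 0 || off > vpd_len || vpd_len - off < VPD_HDR_LEN)
        return -1;
    len = vpd[off + 2];                      /* device-controlled length byte */
    if (len > vpd_len - off - VPD_HDR_LEN)   /* field claims more than was read */
        return -1;
    if (len > dst_size - 1)                  /* clamp to the destination buffer */
        len = dst_size - 1;
    memcpy(dst, vpd + off + VPD_HDR_LEN, len);
    dst[len] = '\0';
    return (int)len;
}

/* Constructed sample: a "V0" field declaring `declared` bytes, with `present` filled in. */
size_t build_sample_vpd(uint8_t *out, size_t cap, uint8_t declared, size_t present)
{
    if (cap < VPD_HDR_LEN + present)
        return 0;
    out[0] = 'V'; out[1] = '0'; out[2] = declared;
    memset(out + VPD_HDR_LEN, 'A', present);
    return VPD_HDR_LEN + present;
}

int main(void)
{
    uint8_t vpd[64];
    struct { char fw_ver[FW_VER_SIZE]; char canary[8]; } s;
    size_t n = build_sample_vpd(vpd, sizeof(vpd), 40, 40);   /* 40 > 32 */

    memset(&s, 0x5a, sizeof(s));
    int r = copy_vpd_field(vpd, n, 0, s.fw_ver, sizeof(s.fw_ver));
    printf("copied=%d canary_intact=%d\n", r, s.canary[0] == 0x5a);
    return 0;
}
```

The canary bytes placed directly after the buffer stay untouched because the copy is clamped to `dst_size - 1`; a field whose declared length runs past the VPD data actually read is rejected instead of copied.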
Statement: This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. The Red Hat Security Response Team has rated this issue as having low security impact because physical access is needed to exploit this issue. Future kernel updates for Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2 may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Created kernel tracking bugs for this issue

Affects: fedora-all [bug 949946]
kernel-3.8.6-203.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:

  MRG for RHEL-6 v.2

Via RHSA-2013:0829 https://rhn.redhat.com/errata/RHSA-2013-0829.html

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:1034 https://rhn.redhat.com/errata/RHSA-2013-1034.html

This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:1645 https://rhn.redhat.com/errata/RHSA-2013-1645.html