kernel security and bug - CVE-2015-1805

Latest response

Hi,

Please provide us detailed information about the bug - CVE-2015-1805, whether this bug is serious threat to servers.
we are running with rhel 5.7 production server. ( kernal Linux ENTMWATCHEMS-VE 2.6.18-274.el5xen ).
Requesting you to share complete steps & Action plans ( pre & post ) to apply and fix for this bug. Also need fall back plan.

FYI
#uname -a
Linux ENTMWATCHEMS-VE 2.6.18-274.el5xen #1 SMP Fri Jul 8 17:45:44 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux
Red Hat Enterprise Linux Server release 5.7 (Tikanga)

Responses

The official Red Hat information about the issue is here: CVE-2015-1805.

The Impact is Important, and the Base score is 6.9. These are fairly high numbers.
I would recommend applying the fix for this bug..

The following article lists a workaround of disabling Transparent Huge Pages.
Resolution for CVE-2015-1805, pipe: iovec overrun leading to memory corruption.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.