Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Topic

Updated kernel-rt packages that fix one security issue are now available
for Red Hat Enterprise MRG 2.1.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

• It was found that permissions were not checked properly in the Linux
  kernel when handling the /proc/[pid]/mem writing functionality. A local,
  unprivileged user could use this flaw to escalate their privileges. Refer
  to Red Hat Knowledgebase article DOC-69129, linked to in the References,
  for further information. (CVE-2012-0056, Important)
  

Red Hat would like to thank Jüri Aedla for reporting this issue.

Users should upgrade to these updated packages, which correct this issue.
The system must be rebooted for this update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

• MRG Realtime 2 x86_64

Fixes

• BZ - 782642 - CVE-2012-0056 kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking

CVEs

• CVE-2012-0056

References

• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/kb/docs/DOC-69129

MRG Realtime 2

SRPM
kernel-rt-3.0.9-rt26.46.el6rt.src.rpm	SHA-256: c4b23d4ad2a6f066255da6d6f518f3b1fa614ab5ccd4e730c7ac2f1dfc9456b6
x86_64
kernel-rt-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 7822ebb2ca17cd8f29e166b7c0ca4a600f68409fa6f5ca7b4cbfb20c74aad150
kernel-rt-debug-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 24795e769cbf425a35ce7e791c9699dfdac304e09bc6da3f2de502c5a1b87f1a
kernel-rt-debug-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 0d9dcfee56b5dde31472efb296bfb6f9c886ab7dde0f5dd5685c041986780703
kernel-rt-debug-devel-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: e9e8a452bb0f2135403474abc18ed0074b7945bab41034f3d718857dcdfe68ee
kernel-rt-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: bd7ae1b405252f56ed6d7e6745a4ac3fbf06325a7102f910a984c05472e822ea
kernel-rt-debuginfo-common-x86_64-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: c21a91793f56e8014673073ec4d6065e5fcba61361df6403e9282288241bdd8a
kernel-rt-devel-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 93e9c577e8b14fe81877a6b6e6cc7442fe1f1f8fd13ca12e6842e43395f2dfb9
kernel-rt-doc-3.0.9-rt26.46.el6rt.noarch.rpm	SHA-256: 0a7dc860b42e1ca868e210dace944f03c8d3129d475df35033a865f601f7bf11
kernel-rt-firmware-3.0.9-rt26.46.el6rt.noarch.rpm	SHA-256: 9972ecd834d801d59280e28d1bdba79bc73b55ab2d9b250589b01fad63be1232
kernel-rt-trace-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: f1e64951ee9d4b3d45b3fc3df7772e5b3c90dd026b9608d2199200778202fced
kernel-rt-trace-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 87c6fcac7c1d1e0521149100c2fa2f27d4edeecb10d4b68ef87e950e0b6585c2
kernel-rt-trace-devel-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 91a4c319f11eea0ed0f76ab556bcced327d56469df9100d1f5200fb5528a2813
kernel-rt-vanilla-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: bf7e8b2fffee5a6a25c20e4c3e8c2333c88f1243663d8077ec062bfbb8d21cee
kernel-rt-vanilla-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: d9a329ce6cca12fdf499244063450a71d6352d03cc669e537e963915b1f65864
kernel-rt-vanilla-devel-3.0.9-rt26.46.el6rt.x86_64.rpm	SHA-256: 623218dd7adf8914544959fcdfd8f662240442e8a9c534dc4f950b8f0c8aea71