Issued:
2012-06-26
Updated:
2012-06-26

RHSA-2012:1042 - Security Advisory

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix various security issues and three bugs are
now available for Red Hat Enterprise Linux 6.1 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • A local, unprivileged user could use an integer overflow flaw in

drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their
privileges. (CVE-2012-0044, Important)

  • It was found that the kvm_vm_ioctl_assign_device() function in the KVM

(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if
the user requesting device assignment was privileged or not. A local,
unprivileged user on the host could assign unused PCI devices, or even
devices that were in use and whose resources were not properly claimed by
the respective drivers, which could result in the host crashing.
(CVE-2011-4347, Moderate)

  • A flaw was found in the way the Linux kernel's XFS file system

implementation handled on-disk Access Control Lists (ACLs). A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2012-0038, Moderate)

  • It was found that the Linux kernel's register set (regset) common

infrastructure implementation did not check if the required get and set
handlers were initialized. A local, unprivileged user could use this flaw
to cause a denial of service by performing a register set operation with a
ptrace() PTRACE_SETREGSET or PTRACE_GETREGSET request. (CVE-2012-1097,
Moderate)

  • A race condition was found in the Linux kernel's memory management

subsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in
read mode, and Transparent Huge Pages (THP) page faults interacted. A
privileged user in a KVM guest with the ballooning functionality enabled
could potentially use this flaw to crash the host. A local, unprivileged
user could use this flaw to crash the system. (CVE-2012-1179, Moderate)

Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044; Sasha
Levin for reporting CVE-2011-4347; Wang Xi for reporting CVE-2012-0038; and
H. Peter Anvin for reporting CVE-2012-1097.

This update also fixes the following bugs:

  • When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE

communications was taken down suddenly (either by adapter failure or the
intentional shutdown of the interface), the ongoing RoCE communications
could cause the kernel to panic and render the machine unusable. A patch
has been provided to protect the kernel in this situation and to pass an
error up to the application still using the interface after it has been
taken down instead. (BZ#799944)

  • The fix for Red Hat Bugzilla bug 713494, released via RHSA-2011:0928,

introduced a regression. Attempting to change the state of certain
features, such as GRO (Generic Receive Offload) or TSO (TCP segment
offloading), for a 10 Gigabit Ethernet card that is being used in a
virtual LAN (VLAN) resulted in a kernel panic. (BZ#816974)

  • If a new file was created on a Network File System version 4 (NFSv4)

share, the ownership was set to nfsnobody (-2) until it was possible to
upcall to the idmapper. As a consequence, subsequent file system operations
could incorrectly use "-2" for the user and group IDs for the given file,
causing certain operations to fail. In reported cases, this issue also
caused "Viminfo file is not writable" errors for users running Vim with
files on an NFSv4 share. (BZ#820960)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 i386
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1 ppc64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1 i386
  • Red Hat Virtual Storage Appliance (from RHUI) 6.1 x86_64

Fixes

  • BZ - 756084 - CVE-2011-4347 kernel: kvm: device assignment DoS
  • BZ - 772894 - CVE-2012-0044 kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
  • BZ - 773280 - CVE-2012-0038 kernel: xfs heap overflow
  • BZ - 799209 - CVE-2012-1097 kernel: regset: Prevent null pointer reference on readonly regsets
  • BZ - 803793 - CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON()

Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1

SRPM
kernel-2.6.32-131.29.1.el6.src.rpm SHA-256: 8746fe3f6b198dce344c8c1d55ed83c1e2629c0e9a19c0d25d56a2fb68a5a5bc
x86_64
kernel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ed27d265808aa402e8243763db39e834a63a43e397109a59ef7b5a71698d2e79
kernel-debug-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 485f7a3a3bb3ad74f4fcb8efa4f37b6ec81cb75b91a7878563fc5426f68a962b
kernel-debug-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0cb75187e76f2eb025805240a8e68c3bee1dc1290c0d55448f3d5fd2e346f57e
kernel-debug-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0a44b0037329cb16c757e4feb77c32e39860df61845677d2f2eeb836bda56c98
kernel-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 90eb5f4f2ffba66eb2e56d730085689f0d884d107673bfc6705179d5e7eccd47
kernel-debuginfo-common-x86_64-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: aafa7a75a3c5c04ea362fc0fe9b23d797a2724fcce33c7076345410c50ac6c85
kernel-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: af3e550769bb951f59d5bf0735b9bb653329e48f88ebbb994585ecc7f1961103
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 605cecfbc695e7f64fcb898532348e2a63da9b2147e1680875adc81dbade4df5
perf-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ad17d12204bfb2649a6350b45cbca2b35e9758d33eb6682450605518b73c2d20
perf-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: d59a39def238e686dd8b4b3203781221fa7ffad5b411ef12a9b8eaff386e283d
i386
kernel-2.6.32-131.29.1.el6.i686.rpm SHA-256: 11f86999bc1af46eb659ae1280e0ac57d29290ff7f5b3385612f5a8521f5bad2
kernel-debug-2.6.32-131.29.1.el6.i686.rpm SHA-256: f17739d9dd1f9393ae8389d1020b84a0aaeb60a7afc458146de3f88da1f1818b
kernel-debug-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: 681e2d3dff0cb0c3a8b395b9cb64e021d401c13a7e16f656b342fe4e22e6f9e7
kernel-debug-devel-2.6.32-131.29.1.el6.i686.rpm SHA-256: c236af0096371f39e965bdcfe97554c504546c5e5e996e5f60cf15ba6ff9f65e
kernel-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: 21aa1814c31459206e8834e3166be334a4ea626ad6ce79f65b719a89e2727982
kernel-debuginfo-common-i686-2.6.32-131.29.1.el6.i686.rpm SHA-256: e427b5e0e485255d834651407156584623a1bf215ff8dd2c77480d50d41922dc
kernel-devel-2.6.32-131.29.1.el6.i686.rpm SHA-256: 91abd7ea56f7b5c91cb5f69c6e82ca60ceae8c118997452ba4ba07e1798413bf
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.i686.rpm SHA-256: 6b7a9eeb173223770680fd1639b8b2bac35455dc87e127d5fe4ec7681f190fbc
perf-2.6.32-131.29.1.el6.i686.rpm SHA-256: 7cd589242fac8149f12ae5950c4dbd7ffdf4c32f88cc20d4ef34f251d2b2ab50
perf-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: f6b769b09ad1b737fcbf1ad0cd6479f964f2bbc96db32901133a6f7ace5540f6

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1

SRPM
kernel-2.6.32-131.29.1.el6.src.rpm SHA-256: 8746fe3f6b198dce344c8c1d55ed83c1e2629c0e9a19c0d25d56a2fb68a5a5bc
s390x
kernel-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 63b4a1f74befd4137b4e099063f824f8bbd7b16414851b1594403f713d764fbe
kernel-debug-2.6.32-131.29.1.el6.s390x.rpm SHA-256: cb96b569b4d14cb5462221c2a8abdec2cb62de2fc5aa4d35432c06bf56eb8f65
kernel-debug-debuginfo-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 918198d29220e2228caae95a708e2a9f8b3588bc7e79d705a12da02c7e78368c
kernel-debug-devel-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 6f417da00eaa217b75191ef74e9cad5ec199e3524a8ae3b3b10abcf1ddcf7c1e
kernel-debuginfo-2.6.32-131.29.1.el6.s390x.rpm SHA-256: e4734b1a52cef68aa388bdf201e061e2f727a933d84893563fc070d644f5c227
kernel-debuginfo-common-s390x-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 9557bc8bf7a0930fb2a9da7e72d8e60e35a59523523838b6f900f4d23b565b7d
kernel-devel-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 45cce5a65275eaab9ef60c72b4742eebf35b4e5f1c410dd76b6664d994216ffb
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 87475901301abed6220fb8c83cc2c2703e4964e6a5aa829fe79717d325c08161
kernel-kdump-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 19e960d7f87f6f58d9d4e4f9398e3f0dc54c6692c2f69b8519864669dbb4312d
kernel-kdump-debuginfo-2.6.32-131.29.1.el6.s390x.rpm SHA-256: dc05059e975fe78f8615e26fd18cf17a146116f9fe60c9871c09a8cb2b79e090
kernel-kdump-devel-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 1a3dcc1ab2f48e73ee4bb19bab00a77fe272a1a9f42864eea2d5ad922dfc4268
perf-2.6.32-131.29.1.el6.s390x.rpm SHA-256: ae0c3d9784565fa324134afe76de2ee38daa8a29b224b7d24c6ec15ae2c099fe
perf-debuginfo-2.6.32-131.29.1.el6.s390x.rpm SHA-256: 63d1ffe34bb2db3323442115251eb6ec89aaee1b60702cd4ba40ced776faa525

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1

SRPM
kernel-2.6.32-131.29.1.el6.src.rpm SHA-256: 8746fe3f6b198dce344c8c1d55ed83c1e2629c0e9a19c0d25d56a2fb68a5a5bc
ppc64
kernel-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: fd73ee041b297c203dc8a8d1c22ffead3679127bba5cebf1fbae9a4201c65a96
kernel-bootwrapper-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 2f1485735d21560ab78805f4ecae968cf7ffc357a46786706db92fa0c24663c9
kernel-debug-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 6729703243a301f4c118fcefdcde75bbcd4718db24dd611ac133b1b887a45f28
kernel-debug-debuginfo-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 52c3ec694e60e1d165cd750b17944625d1ed019386278dab55f0ba60025863b5
kernel-debug-devel-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 09429520b2843b175079da8ab535bba89a097be5d86dd7df797628db3886516d
kernel-debuginfo-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 8cba990ec2b7f1c015bac840ac3fb9697b105357880c7a2c1b5750a3574c7cf9
kernel-debuginfo-common-ppc64-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: a7f794c95fe81790604ec25ebda03d4b75ac063e07a1337d116c43144bf29ecc
kernel-devel-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 55a5735deda0ab3e3eb128701cf2766d008dbd26b941b7510fd80b723158b7f0
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 680e86e119a365b8db4524421aefbe4135f2d8f9d421e7ed0e961cadf6709659
perf-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: b359eaab68b66e20109a57b25506ab3641feeb02e115c7555148b5713edd6d07
perf-debuginfo-2.6.32-131.29.1.el6.ppc64.rpm SHA-256: 8ea9591a8f726848e84bfbc53e7f10fdc3ba9a5ba6a447fa7d96ed58b27d9a30

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1

SRPM
kernel-2.6.32-131.29.1.el6.src.rpm SHA-256: 8746fe3f6b198dce344c8c1d55ed83c1e2629c0e9a19c0d25d56a2fb68a5a5bc
x86_64
kernel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ed27d265808aa402e8243763db39e834a63a43e397109a59ef7b5a71698d2e79
kernel-debug-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 485f7a3a3bb3ad74f4fcb8efa4f37b6ec81cb75b91a7878563fc5426f68a962b
kernel-debug-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0cb75187e76f2eb025805240a8e68c3bee1dc1290c0d55448f3d5fd2e346f57e
kernel-debug-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0a44b0037329cb16c757e4feb77c32e39860df61845677d2f2eeb836bda56c98
kernel-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 90eb5f4f2ffba66eb2e56d730085689f0d884d107673bfc6705179d5e7eccd47
kernel-debuginfo-common-x86_64-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: aafa7a75a3c5c04ea362fc0fe9b23d797a2724fcce33c7076345410c50ac6c85
kernel-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: af3e550769bb951f59d5bf0735b9bb653329e48f88ebbb994585ecc7f1961103
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 605cecfbc695e7f64fcb898532348e2a63da9b2147e1680875adc81dbade4df5
perf-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ad17d12204bfb2649a6350b45cbca2b35e9758d33eb6682450605518b73c2d20
perf-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: d59a39def238e686dd8b4b3203781221fa7ffad5b411ef12a9b8eaff386e283d
i386
kernel-2.6.32-131.29.1.el6.i686.rpm SHA-256: 11f86999bc1af46eb659ae1280e0ac57d29290ff7f5b3385612f5a8521f5bad2
kernel-debug-2.6.32-131.29.1.el6.i686.rpm SHA-256: f17739d9dd1f9393ae8389d1020b84a0aaeb60a7afc458146de3f88da1f1818b
kernel-debug-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: 681e2d3dff0cb0c3a8b395b9cb64e021d401c13a7e16f656b342fe4e22e6f9e7
kernel-debug-devel-2.6.32-131.29.1.el6.i686.rpm SHA-256: c236af0096371f39e965bdcfe97554c504546c5e5e996e5f60cf15ba6ff9f65e
kernel-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: 21aa1814c31459206e8834e3166be334a4ea626ad6ce79f65b719a89e2727982
kernel-debuginfo-common-i686-2.6.32-131.29.1.el6.i686.rpm SHA-256: e427b5e0e485255d834651407156584623a1bf215ff8dd2c77480d50d41922dc
kernel-devel-2.6.32-131.29.1.el6.i686.rpm SHA-256: 91abd7ea56f7b5c91cb5f69c6e82ca60ceae8c118997452ba4ba07e1798413bf
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.i686.rpm SHA-256: 6b7a9eeb173223770680fd1639b8b2bac35455dc87e127d5fe4ec7681f190fbc
perf-2.6.32-131.29.1.el6.i686.rpm SHA-256: 7cd589242fac8149f12ae5950c4dbd7ffdf4c32f88cc20d4ef34f251d2b2ab50
perf-debuginfo-2.6.32-131.29.1.el6.i686.rpm SHA-256: f6b769b09ad1b737fcbf1ad0cd6479f964f2bbc96db32901133a6f7ace5540f6

Red Hat Virtual Storage Appliance (from RHUI) 6.1

SRPM
kernel-2.6.32-131.29.1.el6.src.rpm SHA-256: 8746fe3f6b198dce344c8c1d55ed83c1e2629c0e9a19c0d25d56a2fb68a5a5bc
x86_64
kernel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ed27d265808aa402e8243763db39e834a63a43e397109a59ef7b5a71698d2e79
kernel-debug-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 485f7a3a3bb3ad74f4fcb8efa4f37b6ec81cb75b91a7878563fc5426f68a962b
kernel-debug-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0cb75187e76f2eb025805240a8e68c3bee1dc1290c0d55448f3d5fd2e346f57e
kernel-debug-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 0a44b0037329cb16c757e4feb77c32e39860df61845677d2f2eeb836bda56c98
kernel-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 90eb5f4f2ffba66eb2e56d730085689f0d884d107673bfc6705179d5e7eccd47
kernel-debuginfo-common-x86_64-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: aafa7a75a3c5c04ea362fc0fe9b23d797a2724fcce33c7076345410c50ac6c85
kernel-devel-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: af3e550769bb951f59d5bf0735b9bb653329e48f88ebbb994585ecc7f1961103
kernel-doc-2.6.32-131.29.1.el6.noarch.rpm SHA-256: 2ad717164c6814a68744bd7c6293b6f793a17b77d167091c78844bdf0abc0055
kernel-firmware-2.6.32-131.29.1.el6.noarch.rpm SHA-256: e07f271cca29f84e70dffb206506d68d5fe69a7ee9b602de4e6f9a4a1280ade6
kernel-headers-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: 605cecfbc695e7f64fcb898532348e2a63da9b2147e1680875adc81dbade4df5
perf-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: ad17d12204bfb2649a6350b45cbca2b35e9758d33eb6682450605518b73c2d20
perf-debuginfo-2.6.32-131.29.1.el6.x86_64.rpm SHA-256: d59a39def238e686dd8b4b3203781221fa7ffad5b411ef12a9b8eaff386e283d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.