Issued:
2014-06-26
Updated:
2014-06-26

RHSA-2014:0801 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that fix two security issues are now available for
Red Hat Enterprise Linux 5.6 Long Life.

The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • A flaw was found in the way the Linux kernel's floppy driver handled user
    space provided data in certain error code paths while processing FDRAWCMD
    IOCTL commands. A local user with write access to /dev/fdX could use this
    flaw to free (using the kfree() function) arbitrary kernel memory.
    (CVE-2014-1737, Important)
  • It was found that the Linux kernel's floppy driver leaked internal kernel
    memory addresses to user space during the processing of the FDRAWCMD IOCTL
    command. A local user with write access to /dev/fdX could use this flaw to
    obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws
(CVE-2014-1737 in combination with CVE-2014-1738) to escalate their
privileges on the system.

Red Hat would like to thank Matthew Daley for reporting these issues.

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 5.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.6 ia64
  • Red Hat Enterprise Linux Server - AUS 5.6 i386

Fixes

  • BZ - 1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

CVEs

References

Red Hat Enterprise Linux Server - AUS 5.6

SRPM
kernel-2.6.18-238.53.1.el5.src.rpm SHA-256: 87958e20cd1c65f45e3848b48b4cadf32be1546d5541bed812bc993a4bbadf31
x86_64
kernel-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: b44db6b934bbd1f1d9a4c983f7afc44559736b72f5a7337fad7f2f60de53903f
kernel-debug-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: 63258aacd3915b6dc4f07ebf836055c42ea69a3b0551b90facc5a7464e478b63
kernel-debug-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: 3c7df7cb1b16e1e4b5fab75ba070cc2a008860d0565e6e9f8e190c88c610d659
kernel-debug-devel-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: ac2b2a3d793211f1fc585a1894ef1ea90915e958e5ae2f78a190f757578263f1
kernel-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: d53b776f8496853389582fea2c3de2aae6dd33706121de9eb426b49d25840b0f
kernel-debuginfo-common-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: 4fd177aa612649556e1c7db5bea2683178ff527778b4d3f0651597beb4f3028a
kernel-devel-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: d0f19546c336948b71fa3e4b28d8e49118cfd7f2802483d52b0c6407ccd815e6
kernel-doc-2.6.18-238.53.1.el5.noarch.rpm SHA-256: dbeb092505161148f19b0b97300c195b8ef7aa802e5102490e714fbb6286ba7e
kernel-headers-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: 74273ba253fd6723b6aa1b9f66ae0408ff8dc2fd75d91247d41e7e00cd4ba8ed
kernel-xen-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: def1771a0a82cc88db4ed53f14811cbee8fd1603d7919cc97725670f0c7a556e
kernel-xen-debuginfo-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: 35ee36ea5a8f9c112032fa89a0bc867184a1cfcc4def3558b7b437b9b169c27e
kernel-xen-devel-2.6.18-238.53.1.el5.x86_64.rpm SHA-256: d4d8d8b7c2a1bc83476b5e35a10b7bad662c97eda876abccd8ae9c8f8bbcc998
ia64
kernel-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 04ae05307a8eb500f5ba6da4b8711511bc2fe5d3557ea6ec4af11fca69d5987f
kernel-debug-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 93499deb1c9e36ea964238b4382fec13d48db87543302de3d500f9a01b565b09
kernel-debug-debuginfo-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 65da8a4e18257334ff5808607485cd8a737c71b7b8de5af21eb07ef1907d8fcf
kernel-debug-devel-2.6.18-238.53.1.el5.ia64.rpm SHA-256: da33e4d1d66154478a2030da19e9ec04757577f1ad3ee9a4ca5a524bcb8a30f5
kernel-debuginfo-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 4bc94e2f5c59d73147c7ab00d2beaf236734ab4bdd5b37301fc206700a67e0a3
kernel-debuginfo-common-2.6.18-238.53.1.el5.ia64.rpm SHA-256: f53c0201db3401ba1e940d965b7b41b33c5b76e953fa9ddc54c651552e1b1509
kernel-devel-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 83d9416881b3c1c36cb5caf48f35e8acbf8b0b8c98bc6dc0627cd7ff9e8b6a5e
kernel-doc-2.6.18-238.53.1.el5.noarch.rpm SHA-256: dbeb092505161148f19b0b97300c195b8ef7aa802e5102490e714fbb6286ba7e
kernel-headers-2.6.18-238.53.1.el5.ia64.rpm SHA-256: a979436269503789fb4f77611aa313666567158b87c9a7594ec8cf8d92186180
kernel-xen-2.6.18-238.53.1.el5.ia64.rpm SHA-256: 316161fd8657319064689317844b64f7a15873c52e4df8bd553eb209c7df5c53
kernel-xen-debuginfo-2.6.18-238.53.1.el5.ia64.rpm SHA-256: f16dbc32019f76b76857e1d693cdc85e05bad052351f47c610172cfdc806b902
kernel-xen-devel-2.6.18-238.53.1.el5.ia64.rpm SHA-256: b6b49b29b5b690c50315bb4c32fbcfbab847db2dc90ecab6fbaa710f93234c88
i386
kernel-2.6.18-238.53.1.el5.i686.rpm SHA-256: e2bb213398e95b6707769cb88888f4547a590c1359d0dd7482ae7f0aeaebda92
kernel-PAE-2.6.18-238.53.1.el5.i686.rpm SHA-256: a16f24a9ff8eb651580a09d34a17ed69f7ba676f24e6e903d7845b8d59062831
kernel-PAE-debuginfo-2.6.18-238.53.1.el5.i686.rpm SHA-256: cd20ee6013fc98290f400da081260ff022295eb13cbe3a43df4aa7d05ab2a320
kernel-PAE-devel-2.6.18-238.53.1.el5.i686.rpm SHA-256: 47dfba05537f1f7eb3280148562aa3747c93af6433eaf2a1c3d846575f765806
kernel-debug-2.6.18-238.53.1.el5.i686.rpm SHA-256: 7b3f841118e65338eac7ae4d23cee6ca91c331c4826e5d7718de9edaa92ddaab
kernel-debug-debuginfo-2.6.18-238.53.1.el5.i686.rpm SHA-256: 3ad91156a0fb4d9e1efbe7f9ef4569887e920c8a590a55baa0ef57beb374eee1
kernel-debug-devel-2.6.18-238.53.1.el5.i686.rpm SHA-256: 53cbae743edb71a4e4902b2f1e4030a657cacff7289a858c50234bfa97e64a90
kernel-debuginfo-2.6.18-238.53.1.el5.i686.rpm SHA-256: 38d7dac884e80b90998bbdd734e9cce08794c877a55bdb698094d5fce40154c5
kernel-debuginfo-common-2.6.18-238.53.1.el5.i686.rpm SHA-256: 7cc11fef6213decf7d1b16b7857c167943731ce12748ab615b5fc5ee7961206e
kernel-devel-2.6.18-238.53.1.el5.i686.rpm SHA-256: 07ea361425b8a9ca647b3d45dedebbb482ada9b8a700796c8307e000f6e5a200
kernel-doc-2.6.18-238.53.1.el5.noarch.rpm SHA-256: dbeb092505161148f19b0b97300c195b8ef7aa802e5102490e714fbb6286ba7e
kernel-headers-2.6.18-238.53.1.el5.i386.rpm SHA-256: 5ea6fd4981b23685e06c4025d586f496ab1182dfa605cb35e77cf87023025ee2
kernel-xen-2.6.18-238.53.1.el5.i686.rpm SHA-256: 9fb41471a4158dd90abd015cd3e73b529d9fc0a470e57a9d02f1263472ef1089
kernel-xen-debuginfo-2.6.18-238.53.1.el5.i686.rpm SHA-256: 400d9206f3223bfe731d4b0ebeb67aa2feab06c8ab996e8387d0fbd442fb951b
kernel-xen-devel-2.6.18-238.53.1.el5.i686.rpm SHA-256: 8693ba6ce6e3726ddd5bd0dda63ade82f7402faa7e27384b05d045160c015aef

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.