Red Hat Product Errata RHSA-2014:2028 - Security Advisory

Issued:: 2014-12-22
Updated:: 2014-12-22

RHSA-2014:2028 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.2 Advanced Update Support.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A flaw was found in the way the Linux kernel handled GS segment register
base switching when recovering from a #SS (stack segment) fault on an
erroneous return to user space. A local, unprivileged user could use this
flaw to escalate their privileges on the system. (CVE-2014-9322, Important)

Red Hat would like to thank Andy Lutomirski for reporting this issue.

All kernel users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. The system must be
rebooted for this update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your
system. You may use "rpm -e" to remove old kernels after determining that
the new kernel functions properly on your system.

Affected Products

Red Hat Enterprise Linux Server - AUS 6.2 x86_64

Fixes

BZ - 1172806 - CVE-2014-9322 kernel: x86: local privesc due to bad_iret and paranoid entry incompatibility

CVEs

CVE-2014-9322

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.2

SRPM
kernel-2.6.32-220.57.1.el6.src.rpm	SHA-256: c30f0450c7f8686fea1644601e8521f646a39a4e189704b8cbc68a4d03608b93
x86_64
kernel-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: e52f542731265f52fd993135778de08ea74a2628a10774b9653389d1010ce96d
kernel-debug-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 495d3b5f323b4d24b9e4784ffd2554eda43366f7c552ade84f798b706278faa0
kernel-debug-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: aa8046cc5cd8dae04965331b8d9681cd5473e3e1ca59a9c02963ea00ba17e94b
kernel-debug-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: aa8046cc5cd8dae04965331b8d9681cd5473e3e1ca59a9c02963ea00ba17e94b
kernel-debug-devel-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 854c1371f8bcb84758c320a07f65aa8f426fe4dd38549dd84c42158b42cb75ab
kernel-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 7c980259b44b1be0fd69a0d5807007bb5a277ad7faec558719b47039e13ceccb
kernel-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 7c980259b44b1be0fd69a0d5807007bb5a277ad7faec558719b47039e13ceccb
kernel-debuginfo-common-x86_64-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 23c27bce6e0d1d5319a4e2e68ba3928c3bdf928fce0b032c121d49e4d7408067
kernel-debuginfo-common-x86_64-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 23c27bce6e0d1d5319a4e2e68ba3928c3bdf928fce0b032c121d49e4d7408067
kernel-devel-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 49903e58363d48c4ca34ad464cf0610311e8b361dc88eb82eb8b4fc86d6c93ef
kernel-doc-2.6.32-220.57.1.el6.noarch.rpm	SHA-256: 79d8cedd105c17f1467a0fb6fec972d2df4873673f185d30a5809536215f87ac
kernel-firmware-2.6.32-220.57.1.el6.noarch.rpm	SHA-256: 49b92e82ae0b7b36db99ce4ad393b7d5ab118c928ddd83702a4535ae11c7652a
kernel-headers-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 068da59c30b6bdd6e620e4bd9ad1520faf1c2493aba25568673de03decab6900
perf-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 5c370742a249f26465d07cfd16d454ded9a3cd73acb1997c4a2397761c2dd6e2
perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: de77d8871249caf4275b0732435031e49f8870908ce9bb9a032f8b2050125361
perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: de77d8871249caf4275b0732435031e49f8870908ce9bb9a032f8b2050125361
python-perf-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: 0d515d2021b388e35a0c804a06355b57319a8da01c051524a42f68d336b5bde0
python-perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: cfd35d492b34d189d5e7979a066e2e769d8197716ec4c87f19541151382b0e07
python-perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm	SHA-256: cfd35d492b34d189d5e7979a066e2e769d8197716ec4c87f19541151382b0e07

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories