Issued:: 2016-01-25
Updated:: 2016-01-25

RHSA-2016:0065 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel-rt packages that fix one security issue are now available
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A use-after-free flaw was found in the way the Linux kernel's key

management subsystem handled keyring object reference counting in certain
error path of the join_session_keyring() function. A local, unprivileged
user could use this flaw to escalate their privileges on the system.
(CVE-2016-0728, Important)

Red Hat would like to thank the Perception Point research team for
reporting this issue.

All kernel-rt users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. The system must be
rebooted for this update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for Real Time 7 x86_64
Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64

Fixes

BZ - 1297475 - CVE-2016-0728 kernel: Possible use-after-free vulnerability in keyring facility

CVEs

CVE-2016-0728

References

http://www.redhat.com/security/updates/classification/#normal

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-327.4.5.rt56.206.el7_2.src.rpm	SHA-256: ac209f45a20bfc04e49f652dd14bb6621193304194f2f1159bd53790e46ca082
x86_64
kernel-rt-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 1ea607340e75151b63c5f29bb308b7fbfdd338ce139781816d8a3e3626dbf998
kernel-rt-debug-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 5dce70ef79200fdad18e6bfad6ad63b1d3a79b80f6754d647ac31e0b39e67d3f
kernel-rt-debug-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 786d287c66542993d4560b93d9a1c93c598567f2bf442e2c0f3ca2f7b6b0724f
kernel-rt-debug-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 1034cbc5d8efb338fbff5dc134767a2c8f041dd08770d624508a9cded76f7535
kernel-rt-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: cf6c53dc930eb6b99317788be0a485b46e15a056a5cd244ace4f410e89099630
kernel-rt-debuginfo-common-x86_64-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: cfb133f0dbec0e4a92a68bd0ccdcdbfc6ce4707796d6e0682de7c6a53827b9ea
kernel-rt-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: ebff6b96a2eaf1b6de7d2381f3e814ddb002cd772101ca104b28a0154b559fe2
kernel-rt-doc-3.10.0-327.4.5.rt56.206.el7_2.noarch.rpm	SHA-256: d4e4de637b8d7b5ec1ed5b18eb9a901ef5355d26dfd495f12f1e2c1e8eb8537f
kernel-rt-trace-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 61e2c15253215431d86e9b5c7ad6cc08b1685e7d0e14ea31026e95765eab6933
kernel-rt-trace-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: aaa9cb73958393596c5b5b2b11a59e6b5bd8b73c2637629fcf026324d8ed23c6
kernel-rt-trace-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 4d3cd668acd87f290126bdadce2b0948f6936569dd1ad8d8cccfd6c2d426daad

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7

SRPM
kernel-rt-3.10.0-327.4.5.rt56.206.el7_2.src.rpm	SHA-256: ac209f45a20bfc04e49f652dd14bb6621193304194f2f1159bd53790e46ca082
x86_64
kernel-rt-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 1ea607340e75151b63c5f29bb308b7fbfdd338ce139781816d8a3e3626dbf998
kernel-rt-debug-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 5dce70ef79200fdad18e6bfad6ad63b1d3a79b80f6754d647ac31e0b39e67d3f
kernel-rt-debug-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 786d287c66542993d4560b93d9a1c93c598567f2bf442e2c0f3ca2f7b6b0724f
kernel-rt-debug-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 1034cbc5d8efb338fbff5dc134767a2c8f041dd08770d624508a9cded76f7535
kernel-rt-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: cf6c53dc930eb6b99317788be0a485b46e15a056a5cd244ace4f410e89099630
kernel-rt-debuginfo-common-x86_64-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: cfb133f0dbec0e4a92a68bd0ccdcdbfc6ce4707796d6e0682de7c6a53827b9ea
kernel-rt-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: ebff6b96a2eaf1b6de7d2381f3e814ddb002cd772101ca104b28a0154b559fe2
kernel-rt-doc-3.10.0-327.4.5.rt56.206.el7_2.noarch.rpm	SHA-256: d4e4de637b8d7b5ec1ed5b18eb9a901ef5355d26dfd495f12f1e2c1e8eb8537f
kernel-rt-trace-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 61e2c15253215431d86e9b5c7ad6cc08b1685e7d0e14ea31026e95765eab6933
kernel-rt-trace-debuginfo-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: aaa9cb73958393596c5b5b2b11a59e6b5bd8b73c2637629fcf026324d8ed23c6
kernel-rt-trace-devel-3.10.0-327.4.5.rt56.206.el7_2.x86_64.rpm	SHA-256: 4d3cd668acd87f290126bdadce2b0948f6936569dd1ad8d8cccfd6c2d426daad

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation