Red Hat Product Errata RHSA-2016:1055 - Security Advisory

Issued:: 2016-05-12
Updated:: 2016-05-12

RHSA-2016:1055 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.5.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

The following packages have been upgraded to a newer upstream version: kernel-rt (3.10.0-327.18.2). This version provides a number of bug fixes and enhancements, including:

[scsi] bnx2fc: Fix FCP RSP residual parsing and remove explicit logouts
[scsi] mpt3sas: Fix for Asynchronous completion of timedout IO and task abort of timedout IO
[scsi] scsi_error: should not get sense for timeout IO in scsi error handler
[scsi] Revert libiscsi: Reduce locking contention in fast path
[mm] madvise: fix MADV_WILLNEED on shmem swapouts
[cpufreq] intel_pstate: decrease number of "HWP enabled" messages and enable HWP per CPU
[kernel] sched: Robustify topology setup
[kernel] sched/fair: Disable tg load_avg/runnable_avg update for root_task_group
[kernel] sched/fair: Move hot load_avg/runnable_avg into separate cacheline
[ib] mlx5: Fix RC transport send queue overhead computation
[fs] nfsd: fix clp->cl_revoked list deletion causing softlock in nfsd
[fs] ceph: multiple updates

(BZ#1320168)

Security Fix(es):

A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system. (CVE-2016-0758, Important)

Red Hat would like to thank Philip Pettersson of Samsung for reporting this issue.

Bug Fix(es):

The hotplug lock and the console semaphore could be acquired in an incorrect order, which could previously lead to a deadlock causing the system console to freeze. The underlying code has been adjusted to acquire the locks in the correct order, resolving the bug with the console. (BZ#1267425)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

MRG Realtime 2 x86_64

Fixes

BZ - 1300257 - CVE-2016-0758 kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
BZ - 1320168 - update the MRG 2.5.x 3.10 kernel-rt sources

CVEs

CVE-2016-0758

References

http://www.redhat.com/security/updates/classification/#normal

Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 2

SRPM
kernel-rt-3.10.0-327.rt56.183.el6rt.src.rpm	SHA-256: 4194463381867b0991459c83ac055293bf3da16d3f85375c2f4940aa35ff0004
x86_64
kernel-rt-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: c9968422972c2d736db1c0f96837b8d70c37990131e17edaab76a93aac78e623
kernel-rt-debug-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 7eb06739c947ee10e06839a56b22c57fa36a67731bdecdd019da09abcb800964
kernel-rt-debug-debuginfo-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: a968d33461d503e893cca6e78b5d99dd3ef6483aa10131e491818847aad51808
kernel-rt-debug-devel-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 0d5b4cdc64a2ed2c1c895ef6a75f3f052869ca6b251fb39717d97872d7db050b
kernel-rt-debuginfo-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 7d68d443666aa7d8322e72de741514ff10499204b8f62733aa31041cf0a3bb2d
kernel-rt-debuginfo-common-x86_64-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: ada4c25308b687f7cf952026e1825c1171e889a40e4dd843d03908e9237ddebb
kernel-rt-devel-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 2e6fd80137f9ea78d8fae3ebec0729bc1444c27c16a11eb0682f9f3c445e0633
kernel-rt-doc-3.10.0-327.rt56.183.el6rt.noarch.rpm	SHA-256: a9a8ea6a6c0432c7f8d7ccf5a9a9b42fa5a175c73146f5b5e300d616aaef105e
kernel-rt-firmware-3.10.0-327.rt56.183.el6rt.noarch.rpm	SHA-256: a7c35306629fe6872fd952fed78128cb90d13d8d65a33257e5e79709c3011482
kernel-rt-trace-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: d52911524b1b7c83b7f067a60cdd10530ad010c811f5106d46a25cf5e8974de2
kernel-rt-trace-debuginfo-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 549fb4bf46c1245a658606201fc0cdaa431492c97d4bb89046c6d917a7b38573
kernel-rt-trace-devel-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: a2ecbcc3973924028ab192f9997f4d8efc7b70a73955edfa3b098e1443409962
kernel-rt-vanilla-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 45cb5541eabdef87e669d13b4eb310657fd691139e480dfa82d69d517aae2a9d
kernel-rt-vanilla-debuginfo-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: ee70f01bdfa9fa43dee85d2ae4fe32963245897cfd28e6a8b0fb8db70ef9ea85
kernel-rt-vanilla-devel-3.10.0-327.rt56.183.el6rt.x86_64.rpm	SHA-256: 30ba51afd8b727032bc7f0a3ea423f6dd94cf5435250fcc6fe452173543259c3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories