Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2016:1096 - Security Advisory
Issued:
2016-05-23
Updated:
2016-05-23

RHSA-2016:1096 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. (CVE-2015-5364, CVE-2015-5366, Important)

Bug Fix(es):

  • Prior to this update, if processes that generate interrupts were active during the guest shutdown sequence, the virtio driver in some cases did not correctly clear the interrupts. As a consequence, the guest kernel became unresponsive, which prevented the shutdown from completing. With this update, the virtio driver processes interrupts more effectively, and guests now shut down reliably in the described scenario. (BZ#1323568)
  • At a process or thread exit, when the Linux kernel undoes any SysV semaphore operations done previously (the ones done using semop with the SEM_UNDO flag), there was a possible flaw and race with another process or thread removing the same semaphore set where the operations occurred, leading to possible use of in-kernel-freed memory and then to possible unpredictable behavior. This bug could be noticed with software which uses IPC SysV semaphores, such as IBM DB2, which for example in certain cases could lead to some of its processes or utilities to get incorrectly stalled in some IPC semaphore operation or syscall after the race or problem happened. A patch has been provided to fix this bug, and the kernel now behaves as expected in the aforementioned scenario. (BZ#1326341)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.4 x86_64

Fixes

  • BZ - 1239029 - CVE-2015-5366 CVE-2015-5364 kernel: net: incorrect processing of checksums in UDP implementation

CVEs

  • CVE-2015-5364
  • CVE-2015-5366

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.4

SRPM
kernel-2.6.32-358.71.1.el6.src.rpm SHA-256: 4e2fc691c0c834aa5cf1c69862d2c6ec50af3b0b81ed1247784dd75b7942c25a
x86_64
kernel-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 39f3f4d0dd6c2062933e71bcf75274a8f7378f65b580dc1c5fb3bcd51551292d
kernel-debug-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: d903b6ba9ee2d83637868291bf3fef4489bd3d6b1a0cbf44c72a8fe3b5ee2561
kernel-debug-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 6a72741e05d69631fb98cf5b51bb7cf7e79858716eeb97a66bbffcf57c933ed9
kernel-debug-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 6a72741e05d69631fb98cf5b51bb7cf7e79858716eeb97a66bbffcf57c933ed9
kernel-debug-devel-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: ae3915e9bf3b1428955bcb8a9497cdc76e9c0d22c5690680378b2a8558d01504
kernel-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 10802d0ac1fa9ddeecb9fd4f665680050967124da902be6797638341c770531d
kernel-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 10802d0ac1fa9ddeecb9fd4f665680050967124da902be6797638341c770531d
kernel-debuginfo-common-x86_64-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 5b3aa32aa37d82ec5f6462dcd6c972b86122c2905e34c8be13ac500acb0b82f5
kernel-debuginfo-common-x86_64-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 5b3aa32aa37d82ec5f6462dcd6c972b86122c2905e34c8be13ac500acb0b82f5
kernel-devel-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 7fa904d0d52e31e9af1700f4ab37e5b82d2ed464717ca0153f810c3ed5644398
kernel-doc-2.6.32-358.71.1.el6.noarch.rpm SHA-256: 697d507e2c59dfeaaa071a4ee9a0096f2ada4b66ff7ee2c6c1c6eb8e028c1ff0
kernel-firmware-2.6.32-358.71.1.el6.noarch.rpm SHA-256: 46f0d0738beb9b06ab1c3f9b00a1abb4d998a6c19624a5af349d19646dd74386
kernel-headers-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 8077f4643e43ab86e7c14f1ea3191c0609ab0c60e8ace7923cca34ed9a540873
perf-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 32e01e9bcfa50f4eeca20bbc0746777fb1aad1889a863bb771635894c88d2009
perf-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 5cd8910877f862d75e212cdde987c3110a4081b7254c3e7e91368ab73eadf741
perf-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: 5cd8910877f862d75e212cdde987c3110a4081b7254c3e7e91368ab73eadf741
python-perf-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: c08991e35c8ae4f18594570896d1617cd1477166317c40d88b5547c7b1f3855b
python-perf-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: d536965503b2d7c7198374022b1678b49dbe026245b5382f88e7f3f595ebe1f0
python-perf-debuginfo-2.6.32-358.71.1.el6.x86_64.rpm SHA-256: d536965503b2d7c7198374022b1678b49dbe026245b5382f88e7f3f595ebe1f0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter