Red Hat Product Errata RHSA-2016:1617 - Security Advisory

Issued:: 2016-08-16
Updated:: 2016-08-16

RHSA-2016:1617 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565, Important)

Red Hat would like to thank Jann Horn for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 6.2 x86_64

Fixes

BZ - 1310570 - CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

CVEs

CVE-2016-4565

References

http://www.redhat.com/security/updates/classification/#normal

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.2

SRPM
kernel-2.6.32-220.67.1.el6.src.rpm	SHA-256: 51f4d027bca33349b6505f30ba52ce331f10250909179b3a68c8ac1e5243ed3a
x86_64
kernel-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: abebb6d26df15986c127103785403fff510a6d70285a411e41e5f945f5c89718
kernel-debug-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 3c7a91e59755c5eb09c6d0c7bd8c8e284f7c6ca3fea412c96a6f84e1c6d2dd23
kernel-debug-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 6cf3316646728bc016733ffdfeed03a4c106e3efb4b295dc8c66c96ca709af27
kernel-debug-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 6cf3316646728bc016733ffdfeed03a4c106e3efb4b295dc8c66c96ca709af27
kernel-debug-devel-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: aa05dd99509df95a49fb29b80a1f8864c2d9de70617f685318fc478b9281d4a9
kernel-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 98f79cc4a855b0f1c88a986c32035d30f4695faa788e38cacc1bbb1ff06b556f
kernel-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 98f79cc4a855b0f1c88a986c32035d30f4695faa788e38cacc1bbb1ff06b556f
kernel-debuginfo-common-x86_64-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 5431731488f5743cc2ffd294e71d788cd065aef4e4643f2a117cd7f197f837d1
kernel-debuginfo-common-x86_64-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 5431731488f5743cc2ffd294e71d788cd065aef4e4643f2a117cd7f197f837d1
kernel-devel-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 99ef95e148c770aac670196c62581cc38569dffcf568bec1531e8b9028120d0c
kernel-doc-2.6.32-220.67.1.el6.noarch.rpm	SHA-256: e35d01028019681f84d1fc52f4fefb974b0b1b3bbad2f93ea847db4b76eb11a5
kernel-firmware-2.6.32-220.67.1.el6.noarch.rpm	SHA-256: 2a4099f69f78ae1cc2c00554cee5454fbe83a4fc16eea1ae5397c8a958817c2b
kernel-headers-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: f3bae27740b1557c9dd88bbbb43d2d046aa1986433b1d9550a8fb1b2283afaa9
perf-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 764851a26bdeef55708e7952a6ef0d784a5c9a96e2e5b7e760a0a285e226f24e
perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: c7964b1a73cdd63237777bf8e56181e99d641223a19faa250b007dfb39a3078c
perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: c7964b1a73cdd63237777bf8e56181e99d641223a19faa250b007dfb39a3078c
python-perf-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 1d54a9076c8cbe3b9a30914a157c2b588e385fa9b1bfb6a4fb0ee0b5de06bdcb
python-perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 6e8029fc6cb377e48eb7a9edb0860c56aade42a47f70bdbfe2dc4c1075c73355
python-perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm	SHA-256: 6e8029fc6cb377e48eb7a9edb0860c56aade42a47f70bdbfe2dc4c1075c73355

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories