- Issued:
- 2016-09-14
- Updated:
- 2016-09-14
RHSA-2016:1875 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
The kernel-rt packages have been upgraded to the kernel-3.10.0-327.36.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1366538)
Security Fix(es):
- A security flaw was found in the Linux kernel in the mark_source_chains() function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offset. (CVE-2016-3134, Important)
- A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges. (CVE-2016-4997, Important)
- An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 1317383 - CVE-2016-3134 kernel: netfilter: missing bounds check in ipt_entry structure
- BZ - 1349722 - CVE-2016-4997 kernel: compat IPT_SO_SET_REPLACE setsockopt
- BZ - 1349886 - CVE-2016-4998 kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
- BZ - 1366538 - kernel-rt: update to the RHEL7.2.z batch#7 source tree
CVEs
References
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-327.36.1.rt56.237.el7.src.rpm | SHA-256: 49b5421af93683200e335791663e2f056e20d385338dfde7c4f058dc963bb28f |
| x86_64 | |
| kernel-rt-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: b17715b889c0518d3097b608a684a3ff22fef61260beea59aaefe14e9760dd74 |
| kernel-rt-debug-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 0c4a0be3f5120ab98501cd68133ec29a07d97339d34ac8f67ac07c8bccfba6be |
| kernel-rt-debug-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: c6a5444fc2aa79c634ae24a8cf14624e871fef3b321b09341b969878d854f505 |
| kernel-rt-debug-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 2dc094bf14e4ae53b41e694d8ca61cae903bceab0af8126a107c22b3b1d2575b |
| kernel-rt-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 67e0413f90fd2cf9ee9ea96251a920005f81a96321cf4ea7c60afc7550eb70ed |
| kernel-rt-debuginfo-common-x86_64-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 261ac0ed264462b164f99c220ef8c5081c269785310bb2c3da3ddfe18d57447e |
| kernel-rt-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: d96e1edc20af5116d2c266b9aac2c844a82a263b3513fd9b53484116b4d547b5 |
| kernel-rt-doc-3.10.0-327.36.1.rt56.237.el7.noarch.rpm | SHA-256: 013d12d7b540b26d2135380c120cd4338315835e84cbcee583e55861e673187c |
| kernel-rt-trace-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 5f5f0d23d3735a81b5868fbc245c0b66110f2a00ecdbab4dc05c257d48a6bfdb |
| kernel-rt-trace-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 85975bf91543fa32913f80301e1967456a180b1b82397411907d1ab950f3b623 |
| kernel-rt-trace-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: baeac3bff65158acf8f81b5baa8b7d0bfa51f880f251c4fe6c141cc56552cb51 |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-327.36.1.rt56.237.el7.src.rpm | SHA-256: 49b5421af93683200e335791663e2f056e20d385338dfde7c4f058dc963bb28f |
| x86_64 | |
| kernel-rt-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: b17715b889c0518d3097b608a684a3ff22fef61260beea59aaefe14e9760dd74 |
| kernel-rt-debug-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 0c4a0be3f5120ab98501cd68133ec29a07d97339d34ac8f67ac07c8bccfba6be |
| kernel-rt-debug-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: c6a5444fc2aa79c634ae24a8cf14624e871fef3b321b09341b969878d854f505 |
| kernel-rt-debug-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 2dc094bf14e4ae53b41e694d8ca61cae903bceab0af8126a107c22b3b1d2575b |
| kernel-rt-debug-kvm-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 5bc5775f9a978cc2bfd53a41bc0ae62a7d7d4a1e0ed0b76a0e5c23140cd9a01d |
| kernel-rt-debug-kvm-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: b1c4c7e648fbece2e3c7ad5d99c547ee35752618bed536bd9f2bc4eaa73811ba |
| kernel-rt-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 67e0413f90fd2cf9ee9ea96251a920005f81a96321cf4ea7c60afc7550eb70ed |
| kernel-rt-debuginfo-common-x86_64-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 261ac0ed264462b164f99c220ef8c5081c269785310bb2c3da3ddfe18d57447e |
| kernel-rt-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: d96e1edc20af5116d2c266b9aac2c844a82a263b3513fd9b53484116b4d547b5 |
| kernel-rt-doc-3.10.0-327.36.1.rt56.237.el7.noarch.rpm | SHA-256: 013d12d7b540b26d2135380c120cd4338315835e84cbcee583e55861e673187c |
| kernel-rt-kvm-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 52f8825b44e67595713e04be26b1663232c5fd71a5d1a1ce9afef093085fecf5 |
| kernel-rt-kvm-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: be790c9fc070e1a537d5c7b9dce7b6b1f1b54d84b3cd5b558540c833ae978cb3 |
| kernel-rt-trace-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 5f5f0d23d3735a81b5868fbc245c0b66110f2a00ecdbab4dc05c257d48a6bfdb |
| kernel-rt-trace-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 85975bf91543fa32913f80301e1967456a180b1b82397411907d1ab950f3b623 |
| kernel-rt-trace-devel-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: baeac3bff65158acf8f81b5baa8b7d0bfa51f880f251c4fe6c141cc56552cb51 |
| kernel-rt-trace-kvm-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: 5b6a84ddbe1aff4fc96f6fcdbb1b0dbb66c7dbee9402284ed5a5c48827e2bb24 |
| kernel-rt-trace-kvm-debuginfo-3.10.0-327.36.1.rt56.237.el7.x86_64.rpm | SHA-256: d8e465b7b131e16f1836bb234cb4d6267ed4fc296d91be2ff6a21ebfc202dcfd |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.