Red Hat Product Errata RHSA-2016:2132 - Security Advisory

Issued:: 2016-11-01
Updated:: 2016-11-01

RHSA-2016:2132 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)

Red Hat would like to thank Phil Oester for reporting this issue.

Bug Fix(es):

Previously, the BUG_ON() signal appeared in the fs_clear_inode() function where the nfs_have_writebacks() function reported a positive value for nfs_inode->npages. As a consequence, a kernel panic occurred. The provided patch performs a serialization by holding the inode i_lock over the check of PagePrivate and locking the request, which fixes this bug. (BZ#1365157)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 6.2 x86_64

Fixes

BZ - 1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage

CVEs

CVE-2016-5195

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.2

SRPM
kernel-2.6.32-220.68.1.el6.src.rpm	SHA-256: fb2e8ec87ab08eb8301328cef92e228ef7d9c51c3cfcad5515e2952817e21b00
x86_64
kernel-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: b2e623d7519b951f9fd2978d2c1b00da319f9631d995f136b17a1fb4c85a0983
kernel-debug-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 0004f0f90d10949cb270dbc798ead01b98b0070d1fdd519f9db55047fe3c07ae
kernel-debug-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: d2a733b6bf9c00a19d2e84c53a78b025edb024ea51c70df84b99d2853a47ad1d
kernel-debug-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: d2a733b6bf9c00a19d2e84c53a78b025edb024ea51c70df84b99d2853a47ad1d
kernel-debug-devel-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: c98b2deda7cddf4498e5683f39574ae4b6065d93b816b0d3c5f3cf68f4a2be08
kernel-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: eabdf20c4113982bec83ef26eeaf7afe37d2294c5cfefeecd938a6dd2845bf2c
kernel-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: eabdf20c4113982bec83ef26eeaf7afe37d2294c5cfefeecd938a6dd2845bf2c
kernel-debuginfo-common-x86_64-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 561ccdceb8d82fe711d074ce3f6ed00c11dc19773797752105fd330f0e84e2d1
kernel-debuginfo-common-x86_64-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 561ccdceb8d82fe711d074ce3f6ed00c11dc19773797752105fd330f0e84e2d1
kernel-devel-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: b1c70194ac8d9ca2ee7a2382c8fa51c051f5d016ad381d293435d58427f5de82
kernel-doc-2.6.32-220.68.1.el6.noarch.rpm	SHA-256: dd619d5397959c36a83fa8e0016d3e9f027856f9e5620057d1e89629b6a01c80
kernel-firmware-2.6.32-220.68.1.el6.noarch.rpm	SHA-256: e6578cd66eb679489c5e92c4b2a5eda60b1e55007a919d64853b2b060d38ad7a
kernel-headers-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 2eddabc769c00eb45223b15333c0fcabbffc5cfa6dc5ae3497e8f532b7d98a5f
perf-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 92ae701a6c4e094bcf9eddb25219871896f7733ab09baa2204ab75a3c94597f9
perf-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 046cc7bf4cae0313ea7b9b7998d0d6dff0e1d20c1ecc91a0eb08d8d4556b0b51
perf-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 046cc7bf4cae0313ea7b9b7998d0d6dff0e1d20c1ecc91a0eb08d8d4556b0b51
python-perf-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 84570415c7e6d30fd009c1e066578aa124a749ab70b67942a350ca1a701144c1
python-perf-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 45cb57dbff1e4280ff89ab0537df505ae75e5837ed1ccf9bbeb033fbca6d613d
python-perf-debuginfo-2.6.32-220.68.1.el6.x86_64.rpm	SHA-256: 45cb57dbff1e4280ff89ab0537df505ae75e5837ed1ccf9bbeb033fbca6d613d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Red Hat Customer Portal Labs

Additional Tools

Red Hat Insights

Red Hat Product Security Center

Spectre & Meltdown Detector

Security Updates

Resources

Customer Portal Community

Customer Events

Stories