- Issued:
- 2018-01-25
- Updated:
- 2018-01-25
RHSA-2018:0152 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- A flaw was found in the Linux kernel's key management system where it was possible for an attacker to escalate privileges or crash the machine. If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there. (CVE-2015-8539, Important)
- It was found that fanout_add() in 'net/packet/af_packet.c' in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug. (CVE-2017-15649, Important)
- A vulnerability was found in the Linux kernel where the keyctl_set_reqkey_keyring() function leaks the thread keyring. This allows an unprivileged local user to exhaust kernel memory and thus cause a DoS. (CVE-2017-7472, Moderate)
Red Hat would like to thank Dmitry Vyukov of Google engineering for reporting CVE-2015-8539.
Bug Fix(es):
- The kernel-rt packages have been upgraded to 3.10.0-693.15.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1519506)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 1284450 - CVE-2015-8539 kernel: local privesc in key management
- BZ - 1442086 - CVE-2017-7472 kernel: keyctl_set_reqkey_keyring() leaks thread keyrings
- BZ - 1504574 - CVE-2017-15649 kernel: Use-after-free in the af_packet.c
- BZ - 1519506 - kernel-rt: update to the RHEL7.4.z batch#4 source tree
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-693.17.1.rt56.636.el7.src.rpm | SHA-256: 906c5f8854e2aadc8ba8a185fd85056a555be9b44c17a3e422ddaf3ecd8a335d |
| x86_64 | |
| kernel-rt-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: ddb0c4a42e4a226c51ffc801b90374b2758796197692f86f62e2bb941146348f |
| kernel-rt-debug-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 7d619f268868daab1eedd70ea27fb976a76c2b1ebc523a55a91ba10454e7a83d |
| kernel-rt-debug-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 373aaa2e991c7ec1d459ead858d83421b4ecbc82c724513fba4656e6041e4c77 |
| kernel-rt-debug-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 3709e2e998f3fdd2fe330e6af7461a4cfa43e107a8c8730879c9413d63762824 |
| kernel-rt-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 4d7e9f15afeae037982df82cce1dda26985e47253017af4a5b116afa461571e5 |
| kernel-rt-debuginfo-common-x86_64-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: f914f92eddee9832916dc53724c72b848ac1dc2f4081d830c0f2d9f286b5421d |
| kernel-rt-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: c0f54b815e85697b32b1aeb967cf697a84124e25fe659d4f338c1b4027a608e9 |
| kernel-rt-doc-3.10.0-693.17.1.rt56.636.el7.noarch.rpm | SHA-256: 7ea5ed74e7c236a641728c5b31d6f1f2b0bd8d3b082358391977b1e2e8468fa3 |
| kernel-rt-trace-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 956cbc58dfe65fe2f19faa8ffc65c70cb614bde4eed675fd2e21cb2e3c9c5a45 |
| kernel-rt-trace-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: c8af024e73e05815510c018e270f0b53d60403807c35c67696c36fef753adcad |
| kernel-rt-trace-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 1b44a46e9edd5689b4f75568815235dd0a98bbaae061621816d2449fa82d7faf |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-693.17.1.rt56.636.el7.src.rpm | SHA-256: 906c5f8854e2aadc8ba8a185fd85056a555be9b44c17a3e422ddaf3ecd8a335d |
| x86_64 | |
| kernel-rt-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: ddb0c4a42e4a226c51ffc801b90374b2758796197692f86f62e2bb941146348f |
| kernel-rt-debug-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 7d619f268868daab1eedd70ea27fb976a76c2b1ebc523a55a91ba10454e7a83d |
| kernel-rt-debug-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 373aaa2e991c7ec1d459ead858d83421b4ecbc82c724513fba4656e6041e4c77 |
| kernel-rt-debug-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 3709e2e998f3fdd2fe330e6af7461a4cfa43e107a8c8730879c9413d63762824 |
| kernel-rt-debug-kvm-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 51165673b2c089faa1c9d97d8ee20dd896ebd704c769da9f7a336e40622c7ccb |
| kernel-rt-debug-kvm-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 2e9ce209f441ea5e6b61c11d98ca28a18526b2cddbe00d5a4cf4346a3d858484 |
| kernel-rt-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 4d7e9f15afeae037982df82cce1dda26985e47253017af4a5b116afa461571e5 |
| kernel-rt-debuginfo-common-x86_64-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: f914f92eddee9832916dc53724c72b848ac1dc2f4081d830c0f2d9f286b5421d |
| kernel-rt-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: c0f54b815e85697b32b1aeb967cf697a84124e25fe659d4f338c1b4027a608e9 |
| kernel-rt-doc-3.10.0-693.17.1.rt56.636.el7.noarch.rpm | SHA-256: 7ea5ed74e7c236a641728c5b31d6f1f2b0bd8d3b082358391977b1e2e8468fa3 |
| kernel-rt-kvm-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 955690f32528ea912770e96ab368e332e1ecfe0074df2857d08de249cadc9759 |
| kernel-rt-kvm-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: c12b5dd4e7272fd80c68dfd7c6b9b2971d28d7609565d87530be8c460ec53df1 |
| kernel-rt-trace-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 956cbc58dfe65fe2f19faa8ffc65c70cb614bde4eed675fd2e21cb2e3c9c5a45 |
| kernel-rt-trace-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: c8af024e73e05815510c018e270f0b53d60403807c35c67696c36fef753adcad |
| kernel-rt-trace-devel-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: 1b44a46e9edd5689b4f75568815235dd0a98bbaae061621816d2449fa82d7faf |
| kernel-rt-trace-kvm-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: eb720100f3156062d0b6e30ffc0ee5ae362178611befaffe52f9758bb2706fac |
| kernel-rt-trace-kvm-debuginfo-3.10.0-693.17.1.rt56.636.el7.x86_64.rpm | SHA-256: ffcfa7f3fb23b12d26923d1a77104a0320be1fb03ef9e3ea3515422029cffca0 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.