Issued:
2018-12-12
Updated:
2018-12-12

RHSA-2018:3823 - Security Advisory

Synopsis

Moderate: kernel security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Previously, on certain Intel 64 systems, the microcode contained a new model-specific register (MSR) that was not present in the older microcode running on CPUs that had not been updated yet. As a consequence, the system crashed due to a general protection fault on a CPU running the older microcode. This update fixes the bug by having the kernel use MSR access routines that handle the general protection fault. As a result, the system no longer crashes in the described scenario. (BZ#1652467)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 5.9 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

  • BZ - 1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port()

CVEs

References

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.42.1.el5.src.rpm SHA-256: 663f5a4d8cd90988cc6e27eb39c1734f98d79239a2cb9de0c41db3e688ec02ab
x86_64
kernel-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: d9f814f13b133c466bd3017bc74a59697b1f1d7e90a8f7e82f7c01b51d28e4b7
kernel-debug-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: d77da94bc0f258bd35046aee2c4f237818d3b2eaf95f2030dd635c6c9aa1aa53
kernel-debug-debuginfo-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: e76deb4d6cd8f8617119a35bf8a8730ef9235b682eac68735074e07726419c94
kernel-debug-devel-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 09ed508d7f2175ab3c3caca129aa183aaad4b60c6c62eb15e42b7564b8956150
kernel-debuginfo-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 7790c222e9a497f0264dd05dc3356a4a14c2ca976d51c405b4746c1fac474573
kernel-debuginfo-common-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 1dd61aa81c64b2c13a58cfa8fef724d47ce51b40aba086591b520c39bdbbb4c6
kernel-devel-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 130d21d061f196c93f27bf3c1983ff5b73db3bc637dfe1c9ffec99773e329064
kernel-doc-2.6.18-348.42.1.el5.noarch.rpm SHA-256: 2a7323c22677bd30bc749ed3ff036ceb0e9fb63cc251161e15c407127712e2f5
kernel-headers-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 026f5463ad1eab165e3bccd118357a2f2c85c9dd26c277a37bda6d09b3405479
kernel-xen-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: ccd11d6dfcc4d65dc905b18b31173f50b79a3816db618fac8fe13a7864a9c812
kernel-xen-debuginfo-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: 837f95ab45687dcdee5f42594ca8ce28cfcb24f65bef21aa6a79eb4c492df003
kernel-xen-devel-2.6.18-348.42.1.el5.x86_64.rpm SHA-256: be558e70bc2a1d72bf67257bfac59caca8c2c4f97dea87cf13658592fc008639
i386
kernel-2.6.18-348.42.1.el5.i686.rpm SHA-256: a8ee7e0250e0570ce4b3c11e2567dcebb83f6bdbddbf21a15df107ab8dd255b4
kernel-PAE-2.6.18-348.42.1.el5.i686.rpm SHA-256: 85dc2652e255027d710055aab0c1a946b74bc9853bdf5f7c27cda9981973db0a
kernel-PAE-debuginfo-2.6.18-348.42.1.el5.i686.rpm SHA-256: 78ae12eafaae0f66a80ab033480b9ae1f9afbc84e481636e7a73a87ed572f46d
kernel-PAE-devel-2.6.18-348.42.1.el5.i686.rpm SHA-256: 392b99e47a243260d9f30655087aa61bd590311827f0a6b8f5b835f37769ef58
kernel-debug-2.6.18-348.42.1.el5.i686.rpm SHA-256: 343bbcd3fcd9505083d4d8f1b50d3376c78cf4b9a403bf5e4a13f23127a9cedc
kernel-debug-debuginfo-2.6.18-348.42.1.el5.i686.rpm SHA-256: 39fa4aac7c39cface79a48f4de6c05091e33fe7d1cffe15e4d32be7698f9d0cf
kernel-debug-devel-2.6.18-348.42.1.el5.i686.rpm SHA-256: 15c6d12e75a5adf690814370ff482010b79d3f97228a9675e88570bf60059f97
kernel-debuginfo-2.6.18-348.42.1.el5.i686.rpm SHA-256: ea5aadd2d8ceb39cbd3f7d2c3eef4f4eaa0ac1c20e306450ba71a6eff5777509
kernel-debuginfo-common-2.6.18-348.42.1.el5.i686.rpm SHA-256: b5defa982c96c469bff5ed4a2a4645b18946a24e93010341facdf0369a42d301
kernel-devel-2.6.18-348.42.1.el5.i686.rpm SHA-256: 6f4c51a7dfd2b1c69129a0a661777b78139f313de65d900cbfdfeab7e9c7bec9
kernel-doc-2.6.18-348.42.1.el5.noarch.rpm SHA-256: 2a7323c22677bd30bc749ed3ff036ceb0e9fb63cc251161e15c407127712e2f5
kernel-headers-2.6.18-348.42.1.el5.i386.rpm SHA-256: 581baf65e8cf5f31378beb902783e86959d9b744c03c8d1cb938611c9439d028
kernel-xen-2.6.18-348.42.1.el5.i686.rpm SHA-256: c34cde7f195cfcb3c1c06337466e24814e4659db81afabe2578051b86fd3a536
kernel-xen-debuginfo-2.6.18-348.42.1.el5.i686.rpm SHA-256: ef58e477d1ae8f43cba5398a4d50511eb524cc938722fe3af046506e4e5aed05
kernel-xen-devel-2.6.18-348.42.1.el5.i686.rpm SHA-256: e8bd9523fb789081f29b962c4c430e1085ebf1955a6be2cdba7569913088a1a3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.