Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[RHSA-2015:0290-01] Important: kernel security, bug fix, and enhancement update

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

=====================================================================

Red Hat Security Advisory

 

Synopsis: Important: kernel security, bug fix, and enhancement update

Advisory ID: RHSA-2015:0290-01

Product: Red Hat Enterprise Linux

Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0290.html

Issue date: 2015-03-05

CVE Names: CVE-2014-3690 CVE-2014-3940 CVE-2014-7825

CVE-2014-7826 CVE-2014-8086 CVE-2014-8160

CVE-2014-8172 CVE-2014-8173 CVE-2014-8709

CVE-2014-8884 CVE-2015-0274

=====================================================================

 

1. Summary:

 

Updated kernel packages that fix multiple security issues, address several

hundred bugs, and add numerous enhancements are now available as part of

the ongoing support and maintenance of Red Hat Enterprise Linux version 7.

This is the first regular update.

 

Red Hat Product Security has rated this update as having Important security

impact. Common Vulnerability Scoring System (CVSS) base scores, which give

detailed severity ratings, are available for each vulnerability from the

CVE links in the References section.

 

2. Relevant releases/architectures:

 

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

 

3. Description:

 

The kernel packages contain the Linux kernel, the core of any Linux

operating system.

 

* A flaw was found in the way the Linux kernel's XFS file system handled

replacing of remote attributes under certain conditions. A local user with

access to XFS file system mount could potentially use this flaw to escalate

their privileges on the system. (CVE-2015-0274, Important)

 

* It was found that the Linux kernel's KVM implementation did not ensure

that the host CR4 control register value remained unchanged across VM

entries on the same virtual CPU. A local, unprivileged user could use this

flaw to cause denial of service on the system. (CVE-2014-3690, Moderate)

 

* A flaw was found in the way Linux kernel's Transparent Huge Pages (THP)

implementation handled non-huge page migration. A local, unprivileged user

could use this flaw to crash the kernel by migrating transparent hugepages.

(CVE-2014-3940, Moderate)

 

* An out-of-bounds memory access flaw was found in the syscall tracing

functionality of the Linux kernel's perf subsystem. A local, unprivileged

user could use this flaw to crash the system. (CVE-2014-7825, Moderate)

 

* An out-of-bounds memory access flaw was found in the syscall tracing

functionality of the Linux kernel's ftrace subsystem. On a system with

ftrace syscall tracing enabled, a local, unprivileged user could use this

flaw to crash the system, or escalate their privileges. (CVE-2014-7826,

Moderate)

 

* A race condition flaw was found in the Linux kernel's ext4 file system

implementation that allowed a local, unprivileged user to crash the system

by simultaneously writing to a file and toggling the O_DIRECT flag using

fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate)

 

* A flaw was found in the way the Linux kernel's netfilter subsystem

handled generic protocol tracking. As demonstrated in the Stream Control

Transmission Protocol (SCTP) case, a remote attacker could use this flaw to

bypass intended iptables rule restrictions when the associated connection

tracking module was not loaded on the system. (CVE-2014-8160, Moderate)

 

* It was found that due to excessive files_lock locking, a soft lockup

could be triggered in the Linux kernel when performing asynchronous I/O

operations. A local, unprivileged user could use this flaw to crash the

system. (CVE-2014-8172, Moderate)

 

* A NULL pointer dereference flaw was found in the way the Linux kernel's

madvise MADV_WILLNEED functionality handled page table locking. A local,

unprivileged user could use this flaw to crash the system. (CVE-2014-8173,

Moderate)

 

* An information leak flaw was found in the Linux kernel's IEEE 802.11

wireless networking implementation. When software encryption was used, a

remote attacker could use this flaw to leak up to 8 bytes of plaintext.

(CVE-2014-8709, Low)

 

* A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge

DEC USB device driver. A local user with write access to the corresponding

device could use this flaw to crash the kernel or, potentially, elevate

their privileges on the system. (CVE-2014-8884, Low)

 

Red Hat would like to thank Eric Windisch of the Docker project for

reporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, and

Robert Święcki for reporting CVE-2014-7825 and CVE-2014-7826.

 

This update also fixes several hundred bugs and adds numerous enhancements.

Refer to the Red Hat Enterprise Linux 7.1 Release Notes for information on

the most significant of these changes, and the following Knowledgebase

article for further information: https://access.redhat.com/articles/1352803

 

All Red Hat Enterprise Linux 7 users are advised to install these updated

packages, which correct these issues and add these enhancements. The system

must be rebooted for this update to take effect.

 

4. Solution:

 

Before applying this update, make sure all previously released errata

relevant to your system have been applied.

 

For details on how to apply this update, refer to:

 

https://access.redhat.com/articles/11258

 

5. Bugs fixed (https://bugzilla.redhat.com/):

 

839966 - Trigger RHEL7 crash in guest domU, host don't generate core file

915335 - RFE: Multiple virtio-rng devices support

968147 - enable online multiple hot-added CPUs cause RHEL7.0 guest hang(soft lockup)

1043379 - guest screen fail to return back to the originally screen after resume from S3(still black screen)

1050834 - lockdep warning in flush_work() when hotunplugging a virtio-scsi disk (scsi-block + iscsi://)

1058608 - [RFE] btrfs-progs: btrfs resize doesn't support T/P/E suffix

1065474 - Size of external origin needs to be aligned with thin pool chunk size

1067126 - Virt-manager doesn't configure bridge for VM

1068627 - implement lazy save/restore of debug registers

1071340 - FCoE target: kernel panic when initiator connects to target

1074747 - kvm unit test "realmode" fails

1078775 - During query cpuinfo during guest boot from ipxe repeatedly in AMD hosts, vm repeatedly reboot.

1079841 - kvm unit test "debug" fails

1080894 - dm-cache: crash on creating cache

1083860 - kernel panic when virtscsi_init fails

1083969 - libguestfs-test-tool hangs when the guest is boot with -cpu host

1086058 - fail to boot L2 guest on wildcatpass Haswell host

1088784 - qemu ' KVM internal error. Suberror: 1' when query cpu frequently during pxe boot in Intel "Q95xx" host

1091818 - Windows guest booting failed with apicv and hv_vapic

1095099 - RHEL7.0 guest hang during kdump with qxl shared irq

1098643 - sync with latest upstream dm-thin provisioning improvements and fixes (through 3.15)

1102641 - BUG: It is not possible to communicate between local program and local ipv6 address when at least one 'netlabelctl unlbl' rule is added

1104097 - CVE-2014-3940 Kernel: missing check during hugepage migration

1115201 - [xfs] can't create inodes in newly added space after xfs_growfs

1117542 - Support for movntdq

1119662 - BUG: NetLabel lead to kernel panic on some SELinux levels

1120850 - unable recover NFSv3 locks NLM_DENIED_NOLOCK

1124880 - [fuse] java.io.FileNotFoundException (FNF) during time period with unrecovered disk errors

1127218 - Include fix commit daba287b299ec7a ("ipv4: fix DO and PROBE pmtu mode regarding local fragmentation with UFO/CORK")

1131552 - Solarflare devices do not provide PCIe ACS support, limiting device assignment use case due to IOMMU grouping

1141399 - Device 'vfio-pci' could not be initialized when passing through Intel 82599

1151353 - CVE-2014-8086 Kernel: fs: ext4 race condition

1153322 - CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries

1161565 - CVE-2014-7825 CVE-2014-7826 kernel: insufficient syscall number validation in perf and ftrace subsystems

1164266 - CVE-2014-8884 kernel: usb: buffer overflow in ttusb-dec

1173580 - CVE-2014-8709 kernel: net: mac80211: plain text information leak

1182059 - CVE-2014-8160 kernel: iptables restriction bypass if a protocol handler kernel module not loaded

1195248 - CVE-2015-0274 kernel: xfs: replacing remote attributes memory corruption

1198457 - CVE-2014-8173 kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support

1198503 - CVE-2014-8172 kernel: soft lockup on aio

 

6. Package List:

 

Red Hat Enterprise Linux Client (v. 7):

 

Source:

kernel-3.10.0-229.el7.src.rpm

 

noarch:

kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm

kernel-doc-3.10.0-229.el7.noarch.rpm

 

x86_64:

kernel-3.10.0-229.el7.x86_64.rpm

kernel-debug-3.10.0-229.el7.x86_64.rpm

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debug-devel-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-devel-3.10.0-229.el7.x86_64.rpm

kernel-headers-3.10.0-229.el7.x86_64.rpm

kernel-tools-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-3.10.0-229.el7.x86_64.rpm

perf-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux Client Optional (v. 7):

 

x86_64:

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux ComputeNode (v. 7):

 

Source:

kernel-3.10.0-229.el7.src.rpm

 

noarch:

kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm

kernel-doc-3.10.0-229.el7.noarch.rpm

 

x86_64:

kernel-3.10.0-229.el7.x86_64.rpm

kernel-debug-3.10.0-229.el7.x86_64.rpm

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debug-devel-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-devel-3.10.0-229.el7.x86_64.rpm

kernel-headers-3.10.0-229.el7.x86_64.rpm

kernel-tools-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-3.10.0-229.el7.x86_64.rpm

perf-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

 

x86_64:

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux Server (v. 7):

 

Source:

kernel-3.10.0-229.el7.src.rpm

 

noarch:

kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm

kernel-doc-3.10.0-229.el7.noarch.rpm

 

ppc64:

kernel-3.10.0-229.el7.ppc64.rpm

kernel-bootwrapper-3.10.0-229.el7.ppc64.rpm

kernel-debug-3.10.0-229.el7.ppc64.rpm

kernel-debug-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-debug-devel-3.10.0-229.el7.ppc64.rpm

kernel-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-debuginfo-common-ppc64-3.10.0-229.el7.ppc64.rpm

kernel-devel-3.10.0-229.el7.ppc64.rpm

kernel-headers-3.10.0-229.el7.ppc64.rpm

kernel-tools-3.10.0-229.el7.ppc64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-tools-libs-3.10.0-229.el7.ppc64.rpm

perf-3.10.0-229.el7.ppc64.rpm

perf-debuginfo-3.10.0-229.el7.ppc64.rpm

python-perf-debuginfo-3.10.0-229.el7.ppc64.rpm

 

s390x:

kernel-3.10.0-229.el7.s390x.rpm

kernel-debug-3.10.0-229.el7.s390x.rpm

kernel-debug-debuginfo-3.10.0-229.el7.s390x.rpm

kernel-debug-devel-3.10.0-229.el7.s390x.rpm

kernel-debuginfo-3.10.0-229.el7.s390x.rpm

kernel-debuginfo-common-s390x-3.10.0-229.el7.s390x.rpm

kernel-devel-3.10.0-229.el7.s390x.rpm

kernel-headers-3.10.0-229.el7.s390x.rpm

kernel-kdump-3.10.0-229.el7.s390x.rpm

kernel-kdump-debuginfo-3.10.0-229.el7.s390x.rpm

kernel-kdump-devel-3.10.0-229.el7.s390x.rpm

perf-3.10.0-229.el7.s390x.rpm

perf-debuginfo-3.10.0-229.el7.s390x.rpm

python-perf-debuginfo-3.10.0-229.el7.s390x.rpm

 

x86_64:

kernel-3.10.0-229.el7.x86_64.rpm

kernel-debug-3.10.0-229.el7.x86_64.rpm

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debug-devel-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-devel-3.10.0-229.el7.x86_64.rpm

kernel-headers-3.10.0-229.el7.x86_64.rpm

kernel-tools-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-3.10.0-229.el7.x86_64.rpm

perf-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux Server Optional (v. 7):

 

ppc64:

kernel-debug-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-debuginfo-common-ppc64-3.10.0-229.el7.ppc64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.ppc64.rpm

kernel-tools-libs-devel-3.10.0-229.el7.ppc64.rpm

perf-debuginfo-3.10.0-229.el7.ppc64.rpm

python-perf-3.10.0-229.el7.ppc64.rpm

python-perf-debuginfo-3.10.0-229.el7.ppc64.rpm

 

s390x:

kernel-debug-debuginfo-3.10.0-229.el7.s390x.rpm

kernel-debuginfo-3.10.0-229.el7.s390x.rpm

kernel-debuginfo-common-s390x-3.10.0-229.el7.s390x.rpm

kernel-kdump-debuginfo-3.10.0-229.el7.s390x.rpm

perf-debuginfo-3.10.0-229.el7.s390x.rpm

python-perf-3.10.0-229.el7.s390x.rpm

python-perf-debuginfo-3.10.0-229.el7.s390x.rpm

 

x86_64:

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux Workstation (v. 7):

 

Source:

kernel-3.10.0-229.el7.src.rpm

 

noarch:

kernel-abi-whitelists-3.10.0-229.el7.noarch.rpm

kernel-doc-3.10.0-229.el7.noarch.rpm

 

x86_64:

kernel-3.10.0-229.el7.x86_64.rpm

kernel-debug-3.10.0-229.el7.x86_64.rpm

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debug-devel-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-devel-3.10.0-229.el7.x86_64.rpm

kernel-headers-3.10.0-229.el7.x86_64.rpm

kernel-tools-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-3.10.0-229.el7.x86_64.rpm

perf-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

Red Hat Enterprise Linux Workstation Optional (v. 7):

 

x86_64:

kernel-debug-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-debuginfo-common-x86_64-3.10.0-229.el7.x86_64.rpm

kernel-tools-debuginfo-3.10.0-229.el7.x86_64.rpm

kernel-tools-libs-devel-3.10.0-229.el7.x86_64.rpm

perf-debuginfo-3.10.0-229.el7.x86_64.rpm

python-perf-3.10.0-229.el7.x86_64.rpm

python-perf-debuginfo-3.10.0-229.el7.x86_64.rpm

 

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://access.redhat.com/security/team/key/

 

7. References:

 

https://access.redhat.com/security/cve/CVE-2014-3690

https://access.redhat.com/security/cve/CVE-2014-3940

https://access.redhat.com/security/cve/CVE-2014-7825

https://access.redhat.com/security/cve/CVE-2014-7826

https://access.redhat.com/security/cve/CVE-2014-8086

https://access.redhat.com/security/cve/CVE-2014-8160

https://access.redhat.com/security/cve/CVE-2014-8172

https://access.redhat.com/security/cve/CVE-2014-8173

https://access.redhat.com/security/cve/CVE-2014-8709

https://access.redhat.com/security/cve/CVE-2014-8884

https://access.redhat.com/security/cve/CVE-2015-0274

https://access.redhat.com/security/updates/classification/#important

https://access.redhat.com/articles/1352803

 

8. Contact:

 

The Red Hat security contact is . More contact

details at https://access.redhat.com/security/team/contact/

 

Copyright 2015 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iD8DBQFU+GmuXlSAg2UNWIIRAsuVAJ0cw57y0gf8PHaHBm+h2iMw579L0QCgj2Yx

RbiWM5G7puiwtgziJ75pAwM=

=0gV7

-----END PGP SIGNATURE-----

 

 

--

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×