Updated kernel packages that fix one security issue are now available forRed Hat Enterprise Linux 6.2 Advanced Update Support.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.* A flaw was found in the way the Linux kernel handled GS segment registerbase switching when recovering from a #SS (stack segment) fault on anerroneous return to user space. A local, unprivileged user could use thisflaw to escalate their privileges on the system. (CVE-2014-9322, Important)Red Hat would like to thank Andy Lutomirski for reporting this issue.All kernel users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. The system must berebooted for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how to use theRed Hat Network to apply this update are available athttps://access.redhat.com/articles/11258To install kernel packages manually, use “rpm -ivh [package]”. Do not use”rpm -Uvh” as that will remove the running kernel binaries from yoursystem. You may use “rpm -e” to remove old kernels after determining thatthe new kernel functions properly on your system.Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
kernel-2.6.32-220.57.1.el6.src.rpm
    MD5: 5249c3fbc40c26331c126c2813a17501SHA-256: c30f0450c7f8686fea1644601e8521f646a39a4e189704b8cbc68a4d03608b93
 
x86_64:
kernel-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: 6dcb11decdf1c0657d3ffe3f3abc3bcfSHA-256: e52f542731265f52fd993135778de08ea74a2628a10774b9653389d1010ce96d
kernel-debug-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: c73ed9190f0e5906e15672f43abc7e64SHA-256: 495d3b5f323b4d24b9e4784ffd2554eda43366f7c552ade84f798b706278faa0
kernel-debug-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: a340065344957ba996c5155206c311a7SHA-256: aa8046cc5cd8dae04965331b8d9681cd5473e3e1ca59a9c02963ea00ba17e94b
kernel-debug-devel-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: 34d6e9a8c20ce80d1e04a7b64a7c21a4SHA-256: 854c1371f8bcb84758c320a07f65aa8f426fe4dd38549dd84c42158b42cb75ab
kernel-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: 39b7e691dc1a4eca3eb05a040fa0a3b5SHA-256: 7c980259b44b1be0fd69a0d5807007bb5a277ad7faec558719b47039e13ceccb
kernel-debuginfo-common-x86_64-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: da34058ba053f3ae905e8871b1c555c6SHA-256: 23c27bce6e0d1d5319a4e2e68ba3928c3bdf928fce0b032c121d49e4d7408067
kernel-devel-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: ff3ed40b551399ef841565cebb29c683SHA-256: 49903e58363d48c4ca34ad464cf0610311e8b361dc88eb82eb8b4fc86d6c93ef
kernel-doc-2.6.32-220.57.1.el6.noarch.rpm
    MD5: 1231fdef19f468319073866e9050a6a2SHA-256: 79d8cedd105c17f1467a0fb6fec972d2df4873673f185d30a5809536215f87ac
kernel-firmware-2.6.32-220.57.1.el6.noarch.rpm
    MD5: f061902bbcd47de2d16312cefa200479SHA-256: 49b92e82ae0b7b36db99ce4ad393b7d5ab118c928ddd83702a4535ae11c7652a
kernel-headers-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: ec11cca718a2789e65eb5a3ffcb5ff84SHA-256: 068da59c30b6bdd6e620e4bd9ad1520faf1c2493aba25568673de03decab6900
perf-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: d3687f8909bea65e86a13e5ba923d2a1SHA-256: 5c370742a249f26465d07cfd16d454ded9a3cd73acb1997c4a2397761c2dd6e2
perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: f8a105b27e61ae9e574850d758eb3c33SHA-256: de77d8871249caf4275b0732435031e49f8870908ce9bb9a032f8b2050125361
python-perf-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: e5f92663065e85fd60e4ea3219e7636cSHA-256: 0d515d2021b388e35a0c804a06355b57319a8da01c051524a42f68d336b5bde0
python-perf-debuginfo-2.6.32-220.57.1.el6.x86_64.rpm
    MD5: 9cbe8eee133ce4baa0e937167a5ba111SHA-256: cfd35d492b34d189d5e7979a066e2e769d8197716ec4c87f19541151382b0e07
 
(The unlinked packages above are only available from the Red Hat Network)
1172806 – CVE-2014-9322 kernel: x86: local privesc due to bad_iret and paranoid entry incompatibility

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply