Updated kernel packages that fix three security issues are now availablefor Red Hat Enterprise Linux 6.2 Advanced Update Support.Red Hat Product Security has rated this update as having Important securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.* A flaw was found in the way the Linux kernel’s SCTP implementationhandled malformed or duplicate Address Configuration Change Chunks(ASCONF). A remote attacker could use either of these flaws to crash thesystem. (CVE-2014-3673, CVE-2014-3687, Important)* A flaw was found in the way the Linux kernel’s SCTP implementationhandled the association’s output queue. A remote attacker could sendspecially crafted packets that would cause the system to use an excessiveamount of memory, leading to a denial of service. (CVE-2014-3688,Important)The CVE-2014-3673 issue was discovered by Liu Wei of Red Hat.All kernel users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. The system must berebooted for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how to use theRed Hat Network to apply this update are available athttps://access.redhat.com/articles/11258To install kernel packages manually, use “rpm -ivh [package]”. Do not use”rpm -Uvh” as that will remove the running kernel binaries from yoursystem. You may use “rpm -e” to remove old kernels after determining thatthe new kernel functions properly on your system.Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
kernel-2.6.32-220.58.1.el6.src.rpm
    MD5: 34988b237ae67a13b668f9a318fba853SHA-256: d6b88bbb40a2d22ff9ab1cbc21dff0492e4db28e5b31f6c1fd5c5f7298467a30
 
x86_64:
kernel-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 025444c9f299d8ae5344dff080269f5cSHA-256: fa6eb20892bf76902a3b65aa954f2404509fcc653ca0ccfd6fde271c3d6f620c
kernel-debug-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 760f8a2acb1813ce75ca80ed88b0d39cSHA-256: 7c1530405b26550df9d9aa7410b848c29375288f0f18275b4cd90620225ea9a8
kernel-debug-debuginfo-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 64094806798f1a9ce69956e14254c70cSHA-256: 156365bbd199cc16309bd8d3186cff5cb94b3fa30992220652dd7896035ee8c1
kernel-debug-devel-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 54cf0924dc1d9ae0fdb6d956f77189a2SHA-256: 98519c6b843a63d7ecd03f72d33d13f1191042a41d1cf81cb81438c731ee36ae
kernel-debuginfo-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 6e18c309625aa27cc4887652ff489f3eSHA-256: 4fa307d2479b9562bf5e7c4739e1579f194e86ca055f5f2b265259597d4e4394
kernel-debuginfo-common-x86_64-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: aeb2bdf1ddb9df2cc2f5d53fc8a30234SHA-256: f884a9ccc12467c04cdbbe2a8027c3583ed7525ff4ec3b5d8335bc7bf6883ed1
kernel-devel-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 2e6c6468215f810443a16617cbea80f0SHA-256: 18c322fe82db33fd4653f8ce50b39741580a189872d8541cc6f9fbdb03ea7f41
kernel-doc-2.6.32-220.58.1.el6.noarch.rpm
    MD5: b79740a6fb673f57a75dad49d7698d51SHA-256: bbfcdaae2c8354dd02faf10720c126c7360cc829c442f3c503ad8d0edd7c165d
kernel-firmware-2.6.32-220.58.1.el6.noarch.rpm
    MD5: ef1b75253dec32f49c374688d8ef13bcSHA-256: f38d6fcc041c8dfdb287cf572cec349c69963f11550745614e279de777f14d07
kernel-headers-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: c9d5ff92b0949d55b743b98b1b986e91SHA-256: 1bfb5bb7028c32b44bc7a109b357989011dfbb26b99bfb52cda1a31c9b087170
perf-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: f5d27403e3a4e9bbc659b177b66371d2SHA-256: 2429ecd7d4735627ca72ec65d1906f6373ff458617a3764b41d5587a61b9162e
perf-debuginfo-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 94952ccfeb178c7cc0671165357ff343SHA-256: 946f3ee8ae006af709f8013228a45c3482a02359f87b35a27a2a55132082d108
python-perf-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: 5fa5d964ef21fa6c84367f2b9bf1da0bSHA-256: 5e63ae61a6fe8f15eeb23fe76632341779e101955d872a882b2e25eab10518c7
python-perf-debuginfo-2.6.32-220.58.1.el6.x86_64.rpm
    MD5: f3e2af0e627cd23c69bcf444f099efdfSHA-256: a023cb410e4208a934677cf4233825b8e2a0216abc8f91e40e0e32822d282d57
 
(The unlinked packages above are only available from the Red Hat Network)
1147850 – CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks1155731 – CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks1155745 – CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply