Updated kernel packages that fix one security issue and one bug are nowavailable for Red Hat Enterprise Linux 5.9 Advanced Update Support.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.* It was found that the Linux kernel’s implementation of vectored pipe readand write functionality did not take into account the I/O vectors that werealready processed when retrying after a failed atomic access operation,potentially resulting in memory corruption due to an I/O vector arrayoverrun. A local, unprivileged user could use this flaw to crash the systemor, potentially, escalate their privileges on the system. (CVE-2015-1805,Important)The security impact of this issue was discovered by Red Hat.This update also fixes the following bug:* Previously, the signal delivery paths did not clear the TS_USEDFPU flag,which could confuse the switch_to() function and lead to floating-pointunit (FPU) corruption. With this update, TS_USEDFPU is cleared as expected,and FPU is no longer under threat of corruption. (BZ#1214239)All kernel users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. The system must berebooted for this update to take effect.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Long Life (v. 5.9 server)

SRPMS:
kernel-2.6.18-348.31.2.el5.src.rpm
    MD5: 373c7fe34138fe89600d734a90d57f89SHA-256: f5e9b07a1cbe62bb501ce2fb79f040b777e9270e66e411b78e0e8049ef136661
 
IA-32:
kernel-2.6.18-348.31.2.el5.i686.rpm
    MD5: 4afc6f609ead71ec4825d594bd1dc9aaSHA-256: 2b162d840518067841ea588365fb527dda10be52fe72c161031ae83de9d5fb88
kernel-PAE-2.6.18-348.31.2.el5.i686.rpm
    MD5: ba7d8ab53074fe3a53e825b3d31e81bbSHA-256: c4103f53bc87afd6d5303f6412d4830dc08108e28ffac1760a7a70ae8f4c2a84
kernel-PAE-devel-2.6.18-348.31.2.el5.i686.rpm
    MD5: 31530989e0aa55e3b8ed1d04afafc9d9SHA-256: 6f613a19f5a73e7048d513c1d876711d3df26eaba02eaa7567df48e2e5434638
kernel-debug-2.6.18-348.31.2.el5.i686.rpm
    MD5: 3c421e11baa77d96283608b5a9319ac8SHA-256: 3e0172715b96efbec8ea8c693d159272a76d1dd5ded443ec70f39bd35d83b845
kernel-debug-devel-2.6.18-348.31.2.el5.i686.rpm
    MD5: b1639298a885ac03563e143c072fa14bSHA-256: c35bc7b2fa0fc2b74576adbbc465dab8db36302398138f581c0480f01f501830
kernel-devel-2.6.18-348.31.2.el5.i686.rpm
    MD5: b2a8ce852210e975e12103e86ed4094cSHA-256: a99d8b5bd339732aad993359e911c15d789c1587ae09efb5a60c6cd8b0411946
kernel-doc-2.6.18-348.31.2.el5.noarch.rpm
    MD5: 6ac36d81bfcc9a575a4b42e980479cc5SHA-256: c4f4f3a9023cfcb9bc24e339ee9c0aef1f4fac0026d13369e0b8b2bb67a154ab
kernel-headers-2.6.18-348.31.2.el5.i386.rpm
    MD5: 20e3a877d824d048f608c43a0058153dSHA-256: 2a236fe8a8102076440c9df328767b553d48783f17f91b4448a7bc88adbe2792
kernel-xen-2.6.18-348.31.2.el5.i686.rpm
    MD5: 03ec92e5e5796082bbac9e448d62e2f6SHA-256: 72b05e7626d1ad409979c0d7e337a972e1f4bfdea6a0a62944e4ae55964b64bb
kernel-xen-devel-2.6.18-348.31.2.el5.i686.rpm
    MD5: cccdd10f778e3598cad11b4c355eb249SHA-256: 0fd7e2077827023661e584f434cdc8e5d78c774c38832a9cfbcaef731c8be7ba
 
IA-64:
kernel-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 9d883b7df4f4ab20b0bbf12fd886360aSHA-256: 0f3c2e75ea35713fd0ddfd5a1585df5ca9ccc2966222f66114f8f7d70772ae5d
kernel-debug-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 444ad7c3a35c1963fb6513c15ed50054SHA-256: 34ba1c138ccd11d753b4af4610226d5959b5d58c077797d280b826bec9f128e9
kernel-debug-devel-2.6.18-348.31.2.el5.ia64.rpm
    MD5: cfce5fc628d177c2c4b32bd3fcf715eeSHA-256: 46a9c497dd64e0c581cc0feca65829180f02877b0207abffd49850d122ea771b
kernel-devel-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 3b43a356713c2ff94e27c208b441313dSHA-256: 33a8256a1c455b3767d8262f8af28233263162012a135f9d8e7cc4456a096f41
kernel-doc-2.6.18-348.31.2.el5.noarch.rpm
    MD5: 6ac36d81bfcc9a575a4b42e980479cc5SHA-256: c4f4f3a9023cfcb9bc24e339ee9c0aef1f4fac0026d13369e0b8b2bb67a154ab
kernel-headers-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 52c195999df988360fc079b37cd9c855SHA-256: 9aff31099f05d6d08fbed8fa660944095a95caf0a68dcaa0f9605ff984d1aac1
kernel-xen-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 752f4cd446a2d3721ebcb164083d73baSHA-256: 42a6afc5fcf679e500e502a379b1f1b5817c4af3f28bcd27e08d3a7c4dddfcfa
kernel-xen-devel-2.6.18-348.31.2.el5.ia64.rpm
    MD5: 28f155962199591b6cdb385156c86742SHA-256: ccc12b389f9338ccdf6c7e5fcf956751e82e1b4294434acc467a0a3b2ff8b287
 
x86_64:
kernel-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: 302b656c39d8d569f4251db8f5ad00a6SHA-256: 04bd742095fba8e1e27c61a7c2e103351025f4c86a6324f9fee4ac420648483e
kernel-debug-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: 9d2b0f8b32b71c9ae09f7339e5fa16a1SHA-256: 1e77089496e3d1ce46a945e107da26372a1b11e8da326e0fdf597949acd0df13
kernel-debug-devel-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: 844d36232d4f9629bca71387cd16e963SHA-256: b69b328965314bb40df6ce255fb0e00029128573cb3f5828a5a99a12362af916
kernel-devel-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: 50fb70c03b932e04225bd725c29f66f8SHA-256: 3462e3870f2c8cfcc71eef23e75617fa98e42e5fa34d7a94e1b7c1620f2332ee
kernel-doc-2.6.18-348.31.2.el5.noarch.rpm
    MD5: 6ac36d81bfcc9a575a4b42e980479cc5SHA-256: c4f4f3a9023cfcb9bc24e339ee9c0aef1f4fac0026d13369e0b8b2bb67a154ab
kernel-headers-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: dcf62a5ff5b10b835b7a522fd39cd12dSHA-256: 0dd906f262405d8c9963aacc441eb7ffe38d4077744bd345a81bc45cfc8558e9
kernel-xen-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: 8bf2017eb83a40516bcb805b2d74a75cSHA-256: e81b3caeac824892ab67bd8a851570000a6270a44001e95012a04463b21f054e
kernel-xen-devel-2.6.18-348.31.2.el5.x86_64.rpm
    MD5: ec32e1605fbbbae77c26ea3cdfad5c0fSHA-256: de63b156bcdaa428d3c066ef3013cacbfbdea87727dbbdf9aff231bda468edd8
 
(The unlinked packages above are only available from the Red Hat Network)
1202855 – CVE-2015-1805 kernel: pipe: iovec overrun leading to memory corruption

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply