An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important.

A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A flaw was found in the way certain interfaces of the Linux kernel’s Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565)

Red Hat would like to thank Jann Horn for reporting this issue.
For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
kernel-2.6.32-358.72.1.el6.src.rpm
 
x86_64:
kernel-2.6.32-358.72.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.72.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.72.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.72.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.72.1.el6.x86_64.rpm
kernel-doc-2.6.32-358.72.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.72.1.el6.noarch.rpm
kernel-headers-2.6.32-358.72.1.el6.x86_64.rpm
perf-2.6.32-358.72.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm
python-perf-2.6.32-358.72.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm
 
(The unlinked packages above are only available from the Red Hat Network)

1310570 – CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
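
A host-side triage of the two conditions this advisory names, as an added example that is not Red Hat's code: it compares a `uname -r` string against the fixed build 2.6.32-358.72.1.el6 and checks for the `rdma_ucm` module or InfiniBand devices. The function names, verdict labels and sample module list are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Red Hat's code. Fixed build per this advisory:
# kernel-2.6.32-358.72.1.el6 (RHEL 6.4 AUS).
FIX_A=72   # first field after "2.6.32-358."
FIX_B=1    # second field

# Constructed sample in /proc/modules format (not from a real host).
SAMPLE_MODULES='rdma_ucm 13433 0 - Live 0xffffffffa0400000
rdma_cm 36555 1 rdma_ucm, Live 0xffffffffa03f0000
ext4 374902 2 - Live 0xffffffffa0100000'

# Print patched / unpatched / unknown for a `uname -r` style string.
# Only the 2.6.32-358 stream is judged: other RHEL kernel streams have
# their own fixed builds, which this advisory does not list.
kernel_state() {
    case "$1" in
        2.6.32-358.*el6*) ;;
        *) echo unknown; return 0 ;;
    esac
    _v="${1#2.6.32-358.}"; _v="${_v%%el6*}"; _v="${_v%.}"
    _a="${_v%%.*}"; _b="${_v#"$_a"}"; _b="${_b#.}"; _b="${_b%%.*}"
    _a="${_a:-0}"; _b="${_b:-0}"   # the GA build "358.el6" has no extra fields
    case "$_a$_b" in *[!0-9]*) echo unknown; return 0 ;; esac
    if [ "$_a" -lt "$FIX_A" ] ||
       { [ "$_a" -eq "$FIX_A" ] && [ "$_b" -lt "$FIX_B" ]; }; then
        echo unpatched
    else
        echo patched
    fi
}

# Succeed if module $1 is listed in the /proc/modules text passed as $2.
module_loaded() {
    printf '%s\n' "$2" | awk -v m="$1" '$1 == m { f = 1 } END { exit !f }'
}

# Verdict for: $1 kernel release, $2 /proc/modules text, $3 number of
# InfiniBand devices (entries under /sys/class/infiniband).
exposure() {
    _s=$(kernel_state "$1")
    if [ "$_s" != unpatched ]; then echo "$_s"; return 0; fi
    if [ "$3" -gt 0 ] || module_loaded rdma_ucm "$2"; then
        echo exposed      # unpatched and a precondition from the advisory holds
    else
        echo dormant      # unpatched, neither precondition currently present
    fi
}
```

On a live host, call `exposure "$(uname -r)" "$(cat /proc/modules)" "$(ls /sys/class/infiniband 2>/dev/null | wc -l)"`; a `dormant` result still needs the update and reboot, since the module can be loaded later.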

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
