An update for kernel is now available for Red Hat Enterprise Linux 6.2 AdvancedUpdate Support.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operatingsystem.Security Fix(es):* A flaw was found in the way certain interfaces of the Linux kernel’sInfiniband subsystem used write() as bi-directional ioctl() replacement, whichcould lead to insufficient memory security checks when being invoked using thesplice() system call. A local unprivileged user on a system with eitherInfiniband hardware present or RDMA Userspace Connection Manager Access moduleexplicitly loaded, could use this flaw to escalate their privileges on thesystem. (CVE-2016-4565, Important)Red Hat would like to thank Jann Horn for reporting this issue.
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258The system must be rebooted for this update to take effect.Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
kernel-2.6.32-220.67.1.el6.src.rpm
    MD5: ae099e4d96de97db50dd42492cce6f78SHA-256: 51f4d027bca33349b6505f30ba52ce331f10250909179b3a68c8ac1e5243ed3a
 
x86_64:
kernel-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 7caf8349fb3e9321dfda8861761436fdSHA-256: abebb6d26df15986c127103785403fff510a6d70285a411e41e5f945f5c89718
kernel-debug-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 76b6e9ba4b61b3fa9153d06ebabff280SHA-256: 3c7a91e59755c5eb09c6d0c7bd8c8e284f7c6ca3fea412c96a6f84e1c6d2dd23
kernel-debug-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 1ca759c2676396b8671b8d60a498da9bSHA-256: 6cf3316646728bc016733ffdfeed03a4c106e3efb4b295dc8c66c96ca709af27
kernel-debug-devel-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 094fddeff6fd4c6c8806a234bbadd832SHA-256: aa05dd99509df95a49fb29b80a1f8864c2d9de70617f685318fc478b9281d4a9
kernel-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 3fb98d8340c063def5eae4dc495708f5SHA-256: 98f79cc4a855b0f1c88a986c32035d30f4695faa788e38cacc1bbb1ff06b556f
kernel-debuginfo-common-x86_64-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 988253124de3f0dce2df1f67920ffa6eSHA-256: 5431731488f5743cc2ffd294e71d788cd065aef4e4643f2a117cd7f197f837d1
kernel-devel-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 88b409debd22064314c7b942e49939b5SHA-256: 99ef95e148c770aac670196c62581cc38569dffcf568bec1531e8b9028120d0c
kernel-doc-2.6.32-220.67.1.el6.noarch.rpm
    MD5: 270010027cb20de1d195b8940f292c50SHA-256: e35d01028019681f84d1fc52f4fefb974b0b1b3bbad2f93ea847db4b76eb11a5
kernel-firmware-2.6.32-220.67.1.el6.noarch.rpm
    MD5: 0370faebb02d795a33c2231d17a5a1b1SHA-256: 2a4099f69f78ae1cc2c00554cee5454fbe83a4fc16eea1ae5397c8a958817c2b
kernel-headers-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 7aea6dc1e604a85bf770228101249eb0SHA-256: f3bae27740b1557c9dd88bbbb43d2d046aa1986433b1d9550a8fb1b2283afaa9
perf-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 9d4188b02cd1d35d2b9fb9495a049e48SHA-256: 764851a26bdeef55708e7952a6ef0d784a5c9a96e2e5b7e760a0a285e226f24e
perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 829d3d2990ce71cd467504b41dbd8421SHA-256: c7964b1a73cdd63237777bf8e56181e99d641223a19faa250b007dfb39a3078c
python-perf-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 14741132c88095cf719eed8356d68f18SHA-256: 1d54a9076c8cbe3b9a30914a157c2b588e385fa9b1bfb6a4fb0ee0b5de06bdcb
python-perf-debuginfo-2.6.32-220.67.1.el6.x86_64.rpm
    MD5: 372922543bfd5c4c953b07e5dff7da4cSHA-256: 6e8029fc6cb377e48eb7a9edb0860c56aade42a47f70bdbfe2dc4c1075c73355
 
(The unlinked packages above are only available from the Red Hat Network)

1310570 – CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply