An update for kernel is now available for Red Hat Enterprise Linux 6.5 AdvancedUpdate Support.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operatingsystem.Security Fix(es):* A flaw was found in the way certain interfaces of the Linux kernel’sInfiniband subsystem used write() as bi-directional ioctl() replacement, whichcould lead to insufficient memory security checks when being invoked using thesplice() system call. A local unprivileged user on a system with eitherInfiniband hardware present or RDMA Userspace Connection Manager Access moduleexplicitly loaded, could use this flaw to escalate their privileges on thesystem. (CVE-2016-4565, Important)* It was found that the RFC 5961 challenge ACK rate limiting as implemented inthe Linux kernel’s networking subsystem allowed an off-path attacker to leakcertain information about a given connection by creating congestion on theglobal challenge ACK rate limit counter and then measuring the changes byprobing packets. An off-path attacker could use this flaw to either terminateTCP connection and/or inject payload into non-secured TCP connection between twoendpoints on the network. (CVE-2016-5696, Important)Red Hat would like to thank Jann Horn for reporting CVE-2016-4565 and Yue Cao(Cyber Security Group of the CS department of University of California inRiverside) for reporting CVE-2016-5696.Bug Fix(es):* After upgrading the kernel, CPU load average increased compared to the priorkernel version due to the modification of the scheduler. The provided patchsetmakes the calculation algorithm of this load average roll back to the status ofthe previous system version thus resulting in relatively lower values in thesame system load. (BZ#1343010)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258The system must be rebooted for this update to take effect.Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
kernel-2.6.32-431.73.2.el6.src.rpm
    MD5: a1d875c6380a39aee0667c2ddafed654SHA-256: c9a369a1f868f13dbdcc6cb7793a990ee8009cb30f7256d33afe0f0ee291ab8b
 
x86_64:
kernel-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: b8b542f54cf64de2b5ebe366a17eb595SHA-256: 8c997d4e764db9351d075c1bf7ddd2f53fd58edab5453410a0db98b7ef43fd04
kernel-abi-whitelists-2.6.32-431.73.2.el6.noarch.rpm
    MD5: 1249f64ccf03ce60a2d3a2271dbfaeb8SHA-256: 83d4a626ad990b567709005c4ed68d4e34704b2e3468a2fa16a9b09fa872d5cd
kernel-debug-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 908ce76f7fd920dd451780b2a2b1d838SHA-256: 99fce47d13d06d5fb47f168a1b8d453aedf5d7d7e079df242035c4cbe5dc5847
kernel-debug-debuginfo-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: d8ac1d181f442b87cffa51a6e653d068SHA-256: 60deaace0b1aa6b9397e3496b35e06d0609ec40584971c93f04a234b7bbfd4b1
kernel-debug-devel-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 0a738dc967f3f6c190238698b0820bb0SHA-256: a288c7138c72a14f80c8eeeffa8aa55eab6f439c4e717cb095261adaeaddc5e0
kernel-debuginfo-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 825c144b925d1eaeb53ccd5a544d4962SHA-256: 147fc874fb460f04f1275714467594af6e9d72aac90eb1cd545cb8ab24856756
kernel-debuginfo-common-x86_64-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 582ad12ded45fe4a8ae68bd4b0076c18SHA-256: 0e83a9da4b58e17c1f2ae1a2771e85f847dfe8ae3faac8dae6c6d5c87e26353c
kernel-devel-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 690be4d2ef100b7b9db7080a2ee03480SHA-256: 00e411b356ef07be0129c97eb173f331639527f4963121ac8c500b242ebba37e
kernel-doc-2.6.32-431.73.2.el6.noarch.rpm
    MD5: 0e311670af3633650807b06c3306cc8aSHA-256: a5fe6778ac59784c17b814713715d37d9cbc51078f09d66f2698f16e4cdc011c
kernel-firmware-2.6.32-431.73.2.el6.noarch.rpm
    MD5: e5a02da920696d7c5e9e40246b536263SHA-256: 70a4d75567beabecfdbee11e1375e0f667e2276093ff99b205ee5ed666be5a29
kernel-headers-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: f7af869b0ec7c73df4cf40bb7772d609SHA-256: d559b2a02923531e0019c3e3f04a0cea2124c3b081cc126115d9e1bbb03c9ad8
perf-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 390f9fd198da63514ba3c220d0875116SHA-256: 435965e8d6abf336a5c5c55e8328bdcf619aefc64acfbcceacb4a0946fe679f7
perf-debuginfo-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: 13b3318983d6205559291e85c46091bcSHA-256: 693e4f7f25af56eef968c6572d686c80b1ee51b96b13ba7d90c147bbceafc984
python-perf-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: f0e8a0fec2134d052e38da029afc85e4SHA-256: fe7ec75d8b751632ad1d5509be4f58b1d393d2df8c590af8cf0fdf0e5baef39f
python-perf-debuginfo-2.6.32-431.73.2.el6.x86_64.rpm
    MD5: c1a0772cd0ff72a1ab677dd68cd3909eSHA-256: 4968935356bc748aa440ed86f4d59cc8f0172c71e8828fa71c9e102438e4ed3c
 
(The unlinked packages above are only available from the Red Hat Network)

1310570 – CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko1354708 – CVE-2016-5696 kernel: challenge ACK counter information disclosure.

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply