- CVEs with nessus.description==From Red Hat Security Advisory 2015:0102 :

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important)

* A race condition flaw was found in the way the Linux kernel's mmap(2), madvise(2), and fallocate(2) system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service. (CVE-2014-4171, Moderate)

* A NULL pointer dereference flaw was found in the way the Linux kernel's Common Internet File System (CIFS) implementation handled mounting of file system shares. A remote attacker could use this flaw to crash a client system that would mount a file system share from a malicious server. (CVE-2014-7145, Moderate)

* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)

* It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-5471, CVE-2014-5472, Low)

Red Hat would like to thank Akira Fujita of NEC for reporting the CVE-2014-7822 issue. The CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.

This update also fixes the following bugs :

* Previously, a kernel panic could occur if a process reading from a locked NFS file was killed and the lock was not released properly before the read operations finished. Consequently, the system crashed. The code handling file locks has been fixed, and instead of halting, the system now emits a warning about the unreleased lock. (BZ#1172266)

* A race condition in the command abort handling logic of the ipr device driver could cause the kernel to panic when the driver received a response to an abort command prior to receiving other responses to the aborted command due to the support for multiple interrupts. With this update, the abort handler waits for the aborted command's responses first before completing an abort operation. (BZ#1162734)

* Previously, a race condition could occur when changing a Page Table Entry (PTE) or a Page Middle Directory (PMD) to 'pte_numa' or 'pmd_numa', respectively, causing the kernel to crash. This update removes the BUG_ON() macro from the __handle_mm_fault() function, preventing the kernel panic in the aforementioned scenario. (BZ#1170662)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |