- Home
- CVEs with nessus.description==From+Red+Hat+Security+Advisory+2015%3A0674+%3A%0A%0AUpdated+kernel+packages+that+fix+multiple+security+issues+and+several+bugs+are+now+available+for+Red+Hat+Enterprise+Linux+6.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+Important+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+It+was+found+that+the+Linux+kernel%27s+Infiniband+subsystem+did+not+properly+sanitize+input+parameters+while+registering+memory+regions+from+user+space+via+the+%28u%29verbs+API.+A+local+user+with+access+to+a+%2Fdev%2Finfiniband%2FuverbsX+device+could+use+this+flaw+to+crash+the+system+or%2C+potentially%2C+escalate+their+privileges+on+the+system.%0A%28CVE-2014-8159%2C+Important%29%0A%0A%2A+A+flaw+was+found+in+the+way+the+Linux+kernel%27s+splice%28%29+system+call+validated+its+parameters.+On+certain+file+systems%2C+a+local%2C+unprivileged+user+could+use+this+flaw+to+write+past+the+maximum+file+size%2C+and+thus+crash+the+system.+%28CVE-2014-7822%2C+Moderate%29%0A%0A%2A+A+flaw+was+found+in+the+way+the+Linux+kernel%27s+netfilter+subsystem+handled+generic+protocol+tracking.+As+demonstrated+in+the+Stream+Control+Transmission+Protocol+%28SCTP%29+case%2C+a+remote+attacker+could+use+this+flaw+to+bypass+intended+iptables+rule+restrictions+when+the+associated+connection+tracking+module+was+not+loaded+on+the+system.%0A%28CVE-2014-8160%2C+Moderate%29%0A%0A%2A+It+was+found+that+the+fix+for+CVE-2014-3601+was+incomplete%3A+the+Linux+kernel%27s+kvm_iommu_map_pages%28%29+function+still+handled+IOMMU+mapping+failures+incorrectly.+A+privileged+user+in+a+guest+with+an+assigned+host+device+could+use+this+flaw+to+crash+the+host.%0A%28CVE-2014-8369%2C+Moderate%29%0A%0ARed+Hat+would+like+to+thank+Mellanox+for+reporting+CVE-2014-8159%2C+and+Akira+Fujita+of+NEC+for+reporting+CVE-2014-7822.%0A%0ABug+fixes+%3A%0A%0A%2A+The+maximum+amount+of+entries+in+the+IPv6+route+table+%28net.ipv6.route.max_size%29+was+4096%2C+and+every+route+towards+this+maximum+size+limit+was+counted.+Communication+to+more+systems+was+impossible+when+the+limit+was+exceeded.+Now%2C+only+cached+routes+are+counted%2C+which+guarantees+that+the+kernel+does+not+run+out+of+memory%2C+but+the+user+can+now+install+as+many+routes+as+the+memory+allows+until+the+kernel+indicates+it+can+no+longer+handle+the+amount+of+memory+and+returns+an+error+message.%0A%0AIn+addition%2C+the+default+%27net.ipv6.route.max_size%27+value+has+been+increased+to+16384+for+performance+improvement+reasons.+%28BZ%231177581%29%0A%0A%2A+When+the+user+attempted+to+scan+for+an+FCOE-served+Logical+Unit+Number+%28LUN%29%2C+after+an+initial+LUN+scan%2C+a+kernel+panic+occurred+in+bnx2fc_init_task.+System+scanning+for+LUNs+is+now+stable+after+LUNs+have+been+added.+%28BZ%231179098%29%0A%0A%2A+Under+certain+conditions%2C+such+as+when+attempting+to+scan+the+network+for+LUNs%2C+a+race+condition+in+the+bnx2fc+driver+could+trigger+a+kernel+panic+in+bnx2fc_init_task.+A+patch+fixing+a+locking+issue+that+caused+the+race+condition+has+been+applied%2C+and+scanning+the+network+for+LUNs+no+longer+leads+to+a+kernel+panic.+%28BZ%231179098%29%0A%0A%2A+Previously%2C+it+was+not+possible+to+boot+the+kernel+on+Xen+hypervisor+in+PVHVM+mode+if+more+than+32+vCPUs+were+specified+in+the+guest+configuration.+Support+for+more+than+32+vCPUs+has+been+added%2C+and+the+kernel+now+boots+successfully+in+the+described+situation.+%28BZ%231179343%29%0A%0A%2A+When+the+NVMe+driver+allocated+a+namespace+queue%2C+it+indicated+that+it+was+a+request-based+driver+when+it+was+actually+a+block+I%2FO-based+driver.+Consequently%2C+when+NVMe+driver+was+loaded+along+with+a+request-based+dm+device%2C+the+system+could+terminate+unexpectedly+or+become+unresponsive+when+attempting+to+access+data.+The+NVMe+driver+no+longer+sets+the+QUEUE_FLAG_STACKABLE+bit+when+allocating+a+namespace+queue+and+device-mapper+no+longer+perceives+NVMe+driver+as+request-based%3B+system+hangs+or+crashes+no+longer+occur.+%28BZ%231180555%29%0A%0A%2A+If+a+user+attempted+to+apply+an+NVRAM+firmware+update+when+running+the+tg3+module+provided+with+Red+Hat+Enterprise+Linux+6.6+kernels%2C+the+update+could+fail.+As+a+consequence%2C+the+Network+Interface+Card+%28NIC%29+could+stay+in+an+unusable+state+and+this+could+prevent+the+entire+system+from+booting.+The+tg3+module+has+been+updated+to+correctly+apply+firmware+updates.+%28BZ%231182903%29%0A%0A%2A+Support+for+key+sizes+of+256+and+192+bits+has+been+added+to+AES-NI.%0A%28BZ%231184332%29
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top