- Home
- CVEs with nessus.description==Updated+kernel-rt+packages+that+fix+multiple+security+issues%2C+several+bugs%2C+and+add+various+enhancements+are+now+available+for+Red+Hat+Enterprise+Linux+7.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+Important+security+impact.+Common+Vulnerability+Scoring+System+%28CVSS%29+base+scores%2C+which+give+detailed+severity+ratings%2C+are+available+for+each+vulnerability+from+the+CVE+links+in+the+References+section.%0A%0AThe+kernel-rt+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+A+flaw+was+found+in+the+kernel%27s+implementation+of+the+Berkeley+Packet+Filter+%28BPF%29.+A+local+attacker+could+craft+BPF+code+to+crash+the+system+by+creating+a+situation+in+which+the+JIT+compiler+would+fail+to+correctly+optimize+the+JIT+image+on+the+last+pass.+This+would+lead+to+the+CPU+executing+instructions+that+were+not+part+of+the+JIT+code.+%28CVE-2015-4700%2C+Important%29%0A%0A%2A+Two+flaws+were+found+in+the+way+the+Linux+kernel%27s+networking+implementation+handled+UDP+packets+with+incorrect+checksum+values.+A+remote+attacker+could+potentially+use+these+flaws+to+trigger+an+infinite+loop+in+the+kernel%2C+resulting+in+a+denial+of+service+on+the+system%2C+or+cause+a+denial+of+service+in+applications+using+the+edge+triggered+epoll+functionality.+%28CVE-2015-5364%2C+CVE-2015-5366%2C+Important%29%0A%0A%2A+A+flaw+was+found+in+the+way+the+Linux+kernel%27s+ext4+file+system+handled+the+%27page+size+%3E+block+size%27+condition+when+the+fallocate+zero+range+functionality+was+used.+A+local+attacker+could+use+this+flaw+to+crash+the+system.+%28CVE-2015-0275%2C+Moderate%29%0A%0A%2A+It+was+found+that+the+Linux+kernel%27s+keyring+implementation+would+leak+memory+when+adding+a+key+to+a+keyring+via+the+add_key%28%29+function.%0AA+local+attacker+could+use+this+flaw+to+exhaust+all+available+memory+on+the+system.+%28CVE-2015-1333%2C+Moderate%29%0A%0A%2A+A+race+condition+flaw+was+found+in+the+way+the+Linux+kernel%27s+SCTP+implementation+handled+Address+Configuration+lists+when+performing+Address+Configuration+Change+%28ASCONF%29.+A+local+attacker+could+use+this+flaw+to+crash+the+system+via+a+race+condition+triggered+by+setting+certain+ASCONF+options+on+a+socket.+%28CVE-2015-3212%2C+Moderate%29%0A%0A%2A+An+information+leak+flaw+was+found+in+the+way+the+Linux+kernel%27s+Virtual+Dynamic+Shared+Object+%28vDSO%29+implementation+performed+address+randomization.+A+local%2C+unprivileged+user+could+use+this+flaw+to+leak+kernel+memory+addresses+to+user-space.+%28CVE-2014-9585%2C+Low%29%0A%0ARed+Hat+would+like+to+thank+Daniel+Borkmann+for+reporting+CVE-2015-4700%2C+and+Canonical+for+reporting+the+CVE-2015-1333+issue.%0AThe+CVE-2015-0275+issue+was+discovered+by+Xiong+Zhou+of+Red+Hat%2C+and+the+CVE-2015-3212+issue+was+discovered+by+Ji+Jianwen+of+Red+Hat+Engineering.%0A%0AThe+kernel-rt+packages+have+been+upgraded+to+version+3.10.0-229.13.1%2C+which+provides+a+number+of+bug+fixes+and+enhancements+over+the+previous+version%2C+including+%3A%0A%0A%2A+Fix+regression+in+scsi_send_eh_cmnd%28%29%0A%0A%2A+boot+hangs+at+%27Console%3A+switching+to+colour+dummy+device+80x25%27%0A%0A%2A+Update+tcp+stack+to+3.17+kernel%0A%0A%2A+Missing+some+code+from+patch+%27%28...%29+Fix+VGA+switcheroo+problem+related+to+hotplug%27%0A%0A%2A+ksoftirqd+high+CPU+usage+due+to+stray+tasklet+from+ioatdma+driver%0A%0A%2A+During+Live+Partition+Mobility+%28LPM%29+testing%2C+RHEL+7.1+LPARs+will+crash+in+kmem_cache_alloc%0A%0A%28BZ%231253809%29%0A%0AThis+update+also+fixes+the+following+bug+%3A%0A%0A%2A+The+hwlat_detector.ko+module+samples+the+clock+and+records+any+intervals+between+reads+that+exceed+a+specified+threshold.+However%2C+the+module+previously+tracked+the+maximum+interval+seen+for+the+%27inner%27+interval+but+did+not+record+when+the+%27outer%27+interval+was+greater.+A+patch+has+been+applied+to+fix+this+bug%2C+and+hwlat_detector.ko+now+correctly+records+if+the+outer+interval+is+the+maximal+interval+encountered+during+the+run.+%28BZ%231252365%29%0A%0AAll+kernel-rt+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+correct+these+issues+and+add+these+enhancements.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top