CVEs with nessus.description ==

Updated kernel-rt packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5.

Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

* An integer overflow flaw was found in the way the Linux kernel's netfilter connection tracking implementation loaded extensions. An attacker on a local network could potentially send a sequence of specially crafted packets that would initiate the loading of a large number of extensions, causing the targeted system in that network to crash. (CVE-2014-9715, Moderate)

* It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. (CVE-2015-3636, Moderate)

* It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets. (CVE-2015-2922, Low)

Red Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715 issue.

This update provides a build of the kernel-rt package for Red Hat Enterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and fixes the following issues :

* drbg: Add stdrng alias and increase priority

* seqiv / eseqiv / chainiv: Move IV seeding into init function

* ipv4: kABI fix for 0bbf87d backport

* ipv4: Convert ipv4.ip_local_port_range to be per netns

* libceph: tcp_nodelay support

* ipr: Increase default adapter init stage change timeout

* fix use-after-free bug in usb_hcd_unlink_urb()

* libceph: fix double __remove_osd() problem

* ext4: fix data corruption caused by unwritten and delayed extents

* sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT

* nfs: Fixing lease renewal (Benjamin Coddington)

* control hard lockup detection default

* Fix print-once on enable

* watchdog: update watchdog_thresh properly and watchdog attributes atomically

* module: Call module notifier on failure after complete_formation()

(BZ#1230403)

This update also fixes the following bugs :

* Non-standard usage of the functions write_seqcount_{begin,end}() were used in NFSv4, which caused the realtime code to try to sleep while locks were held and produced the 'scheduling while atomic' messages. The code was modified to use the functions __write_seqcount_{begin,end}() that do not hold any locks removing the message and allowing correct execution. (BZ#1225642)

* Dracut in Red Hat Enterprise Linux 6 has a dependency on a module called scsi_wait_scan that no longer exists on 3.x kernels. This caused the system to display misleading messages at start-up when the obsoleted scsi_wait_scan module was not found. To address this issue, MRG Realtime provides a dummy scsi_wait_scan module so that the requirements for the initramfs created by dracut are met and the boot messages are no longer displayed. (BZ#1230403)

All kernel-rt users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. The system must be rebooted for this update to take effect

Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |