SCIENTIFIC-LINUX-ERRATA Archives

July 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Kevin Hill <[log in to unmask]>
Date: Wed, 15 Jul 2015 21:48:51 +0000

Synopsis:          Moderate: kernel security, bug fix, and enhancement update
Advisory ID: SLSA-2015:1221-1
Issue Date: 2015-07-14
CVE Numbers: CVE-2015-1593
                   CVE-2015-2830
                   CVE-2011-5321
                   CVE-2015-2922
                   CVE-2015-3636
--

* A NULL pointer dereference flaw was found in the way the Linux kernel's
virtual console implementation handled reference counting when accessing
pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker
could use this flaw to crash the system. (CVE-2011-5321, Moderate)

* It was found that the Linux kernel's ping socket implementation did not
properly handle socket unhashing during spurious disconnects, which could
lead to a use-after-free flaw. On x86-64 architecture systems, a local
user able to create ping sockets could use this flaw to crash the system.
On non-x86-64 architecture systems, a local user able to create ping
sockets could use this flaw to escalate their privileges on the system.
(CVE-2015-3636, Moderate)

* An integer overflow flaw was found in the way the Linux kernel
randomized the stack for processes on certain 64-bit architecture systems,
such as x86-64, causing the stack entropy to be reduced by four.
(CVE-2015-1593, Low)

* A flaw was found in the way the Linux kernel's 32-bit emulation
implementation handled forking or closing of a task with an 'int80' entry.
A local user could potentially use this flaw to escalate their privileges
on the system. (CVE-2015-2830, Low)

* It was found that the Linux kernel's TCP/IP protocol suite
implementation for IPv6 allowed the Hop Limit value to be set to a smaller
value than the default one. An attacker on a local network could use this
flaw to prevent systems on that network from sending or receiving network
packets. (CVE-2015-2922, Low)

For information on the most significant of these changes, users are
directed to the following article on the Red Hat Customer Portal:

The system must be rebooted for this update to take effect.
--

SL6
  x86_64
    kernel-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-debug-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-debug-debuginfo-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-debuginfo-common-x86_64-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-devel-2.6.32-504.30.3.el6.x86_64.rpm
    kernel-headers-2.6.32-504.30.3.el6.x86_64.rpm
    perf-2.6.32-504.30.3.el6.x86_64.rpm
    perf-debuginfo-2.6.32-504.30.3.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-504.30.3.el6.x86_64.rpm
    python-perf-2.6.32-504.30.3.el6.x86_64.rpm
  i386
    kernel-2.6.32-504.30.3.el6.i686.rpm
    kernel-debug-2.6.32-504.30.3.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-504.30.3.el6.i686.rpm
    kernel-debug-devel-2.6.32-504.30.3.el6.i686.rpm
    kernel-debuginfo-2.6.32-504.30.3.el6.i686.rpm
    kernel-debuginfo-common-i686-2.6.32-504.30.3.el6.i686.rpm
    kernel-devel-2.6.32-504.30.3.el6.i686.rpm
    kernel-headers-2.6.32-504.30.3.el6.i686.rpm
    perf-2.6.32-504.30.3.el6.i686.rpm
    perf-debuginfo-2.6.32-504.30.3.el6.i686.rpm
    python-perf-debuginfo-2.6.32-504.30.3.el6.i686.rpm
    python-perf-2.6.32-504.30.3.el6.i686.rpm
  noarch
    kernel-abi-whitelists-2.6.32-504.30.3.el6.noarch.rpm
    kernel-doc-2.6.32-504.30.3.el6.noarch.rpm
    kernel-firmware-2.6.32-504.30.3.el6.noarch.rpm

Included for dependencies:
  noarch
    dracut-004-356.el6_6.3.noarch.rpm
    dracut-caps-004-356.el6_6.3.noarch.rpm
    dracut-fips-004-356.el6_6.3.noarch.rpm
    dracut-fips-aesni-004-356.el6_6.3.noarch.rpm
    dracut-generic-004-356.el6_6.3.noarch.rpm
    dracut-kernel-004-356.el6_6.3.noarch.rpm
    dracut-network-004-356.el6_6.3.noarch.rpm
    dracut-tools-004-356.el6_6.3.noarch.rpm

      
- Scientific Linux Development Team
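
A host-side check for this advisory, as an added example (not part of the original message and not Scientific Linux tooling): it compares the running kernel and the installed kernel packages against the fixed version-release 2.6.32-504.30.3.el6, to tell a patched host from one where the update is installed but the required reboot has not happened. The comparison is a simplified form of rpm's version ordering (no epoch or tilde handling); the function names and the sample inputs are assumptions made for illustration.

```python
import re

# Fixed kernel version-release, taken from the SL6 package list in this advisory.
FIXED = "2.6.32-504.30.3.el6"

def rpmvercmp(a, b):
    """Simplified rpm segment comparison: returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)   # numeric and alphabetic runs
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # compare numbers as numbers (8 < 30)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment is newer than an alphabetic one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def strip_arch(vr):
    # `uname -r` appends the architecture (assumed here: x86_64 or i686, optional .debug).
    return re.sub(r"\.(x86_64|i686)(\.debug)?$", "", vr)

def host_status(running, installed):
    """running: output of `uname -r`.
    installed: lines from `rpm -q kernel --qf '%{VERSION}-%{RELEASE}\\n'`."""
    if evr_cmp(strip_arch(running), FIXED) >= 0:
        return "patched"
    if any(evr_cmp(strip_arch(v), FIXED) >= 0 for v in installed):
        return "reboot-required"           # update installed, old kernel still running
    return "update-required"

if __name__ == "__main__":
    # Constructed sample hosts (not real inventory data).
    samples = {
        "host-a": ("2.6.32-504.30.3.el6.x86_64", ["2.6.32-504.30.3.el6"]),
        "host-b": ("2.6.32-504.8.1.el6.x86_64",
                   ["2.6.32-504.8.1.el6", "2.6.32-504.30.3.el6"]),
        "host-c": ("2.6.32-504.8.1.el6.i686", ["2.6.32-504.8.1.el6"]),
    }
    for name, (running, installed) in samples.items():
        print(name, host_status(running, installed))
```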