7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
61.5%
CentOS Errata and Security Advisory CESA-2016:1539
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
These updated kernel packages include several security issues and numerous
bug fixes, some of which you can see below. Space precludes documenting
all of these bug fixes in this advisory. To see the complete list of bug
fixes, users are directed to the related Knowledge Article:
https://access.redhat.com/articles/2460971.
Security Fix(es):
A flaw was found in the Linux kernel’s keyring handling code, where in
key_reject_and_link() an uninitialised variable would eventually lead to
arbitrary free address which could allow attacker to use a use-after-free
style attack. (CVE-2016-4470, Important)
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel
through 4.3.3 attempts to merge distinct setattr operations, which allows
local users to bypass intended access restrictions and modify the
attributes of arbitrary overlay files via a crafted application.
(CVE-2015-8660, Moderate)
It was reported that on s390x, the fork of a process with four page table
levels will cause memory corruption with a variety of symptoms. All
processes are created with three level page table and a limit of 4TB for
the address space. If the parent process has four page table levels with a
limit of 8PB, the function that duplicates the address space will try to
copy memory areas outside of the address space limit for the child process.
(CVE-2016-2143, Moderate)
Red Hat would like to thank Nathan Williams for reporting CVE-2015-8660.
The CVE-2016-4470 issue was discovered by David Howells (Red Hat Inc.).
Bug Fix(es):
The glibc headers and the Linux headers share certain definitions of
key structures that are required to be defined in kernel and in userspace.
In some instances both userspace and sanitized kernel headers have to be
included in order to get the structure definitions required by the user
program. Unfortunately because the glibc and Linux headers don’t
coordinate this can result in compilation errors. The glibc headers have
therefore been fixed to coordinate with Linux UAPI-based headers. With
the header coordination compilation errors no longer occur. (BZ#1331285)
When running the TCP/IPv6 traffic over the mlx4_en networking interface
on the big endian architectures, call traces reporting about a “hw csum
failure” could occur. With this update, the mlx4_en driver has been fixed
by correction of the checksum calculation for the big endian
architectures. As a result, the call trace error no longer appears
in the log messages. (BZ#1337431)
Under significant load, some applications such as logshifter could
generate bursts of log messages too large for the system logger to spool.
Due to a race condition, log messages from that application could then be
lost even after the log volume dropped to manageable levels. This update
fixes the kernel mechanism used to notify the transmitter end of the
socket used by the system logger that more space is available on the
receiver side, removing a race condition which previously caused the
sender to stop transmitting new messages and allowing all log messages
to be processed correctly. (BZ#1337513)
Previously, after heavy open or close of the Accelerator Function Unit
(AFU) contexts, the interrupt packet went out and the AFU context did not
see any interrupts. Consequently, a kernel panic could occur. The provided
patch set fixes handling of the interrupt requests, and kernel panic no
longer occurs in the described situation. (BZ#1338886)
net: recvfrom would fail on short buffer. (BZ#1339115)
Backport rhashtable changes from upstream. (BZ#1343639)
Server Crashing after starting Glusterd & creating volumes. (BZ#1344234)
RAID5 reshape deadlock fix. (BZ#1344313)
BDX perf uncore support fix. (BZ#1347374)
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-August/084187.html
Affected packages:
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:1539
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | x86_64 | kernel | < 3.10.0-327.28.2.el7 | kernel-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-abi-whitelists | < 3.10.0-327.28.2.el7 | kernel-abi-whitelists-3.10.0-327.28.2.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-debug | < 3.10.0-327.28.2.el7 | kernel-debug-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-debug-devel | < 3.10.0-327.28.2.el7 | kernel-debug-devel-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-devel | < 3.10.0-327.28.2.el7 | kernel-devel-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-doc | < 3.10.0-327.28.2.el7 | kernel-doc-3.10.0-327.28.2.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-headers | < 3.10.0-327.28.2.el7 | kernel-headers-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools | < 3.10.0-327.28.2.el7 | kernel-tools-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools-libs | < 3.10.0-327.28.2.el7 | kernel-tools-libs-3.10.0-327.28.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools-libs-devel | < 3.10.0-327.28.2.el7 | kernel-tools-libs-devel-3.10.0-327.28.2.el7.x86_64.rpm |
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
61.5%