(RHSA-2012:1064) Important: kernel security and bug fix update

2012-07-10 00:00:00
access.redhat.com
EPSS: 0.043 (percentile 92.4%)

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm()
    function in the Linux kernel’s netfilter IPv6 connection tracking
    implementation. A remote attacker could use this flaw to send
    specially-crafted packets to a target system that is using IPv6 and also
    has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
    (CVE-2012-2744, Important)

  • A flaw was found in the way the Linux kernel’s key management facility
    handled replacement session keyrings on process forks. A local,
    unprivileged user could use this flaw to cause a denial of service.
    (CVE-2012-2745, Moderate)

Red Hat would like to thank an anonymous contributor working with the
Beyond Security SecuriTeam Secure Disclosure program for reporting
CVE-2012-2744.
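
The CVE-2012-2744 description above names two preconditions: the system uses IPv6 and has the nf_conntrack_ipv6 module loaded. The shell check below is an added example, not part of the Red Hat advisory; the function names, the status strings, and the reading of "using IPv6" as "any non-loopback interface has an IPv6 address" are assumptions. It reports the preconditions only and does not tell you whether the fixed kernel is installed or running.

```shell
#!/bin/sh
# Added example: exposure preconditions for CVE-2012-2744 as the advisory
# states them (IPv6 in use AND nf_conntrack_ipv6 loaded).

# Return 0 if module $1 is listed in a /proc/modules-format file ($2).
# The match is exact on the first field, so plain "nf_conntrack" does not
# count as "nf_conntrack_ipv6".
module_loaded() {
    mods="${2:-/proc/modules}"
    [ -r "$mods" ] || return 1
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$mods"
}

# Return 0 if any non-loopback interface has an IPv6 address.
# /proc/net/if_inet6 has six fields per line:
#   address ifindex prefixlen scope flags devname
# Assumption: a link-local address on a real interface counts as
# "using IPv6", since the host is then reachable over IPv6 on that link.
ipv6_in_use() {
    v6="${1:-/proc/net/if_inet6}"
    [ -r "$v6" ] || return 1
    awk '$6 != "lo" { found = 1 } END { exit !found }' "$v6"
}

# Print one status word. Optional arguments let the check run against
# files copied from another host: $1 = modules file, $2 = if_inet6 file.
cve_2012_2744_preconditions() {
    if ! module_loaded nf_conntrack_ipv6 "$1"; then
        echo "module-not-loaded"
    elif ipv6_in_use "$2"; then
        echo "preconditions-met"
    else
        echo "module-loaded-no-ipv6"
    fi
}

# Report for the local host.
cve_2012_2744_preconditions
```

A result of "preconditions-met" means the host matches the configuration the advisory describes and should be prioritised for the update and reboot.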

This update also fixes the following bugs:

  • Previously introduced firmware files required for new Realtek chipsets
    contained an invalid prefix (“rtl_nic_”) in the file names, for example
    “/lib/firmware/rtl_nic/rtl_nic_rtl8168d-1.fw”. This update corrects these
    file names. For example, the aforementioned file is now correctly named
    “/lib/firmware/rtl_nic/rtl8168d-1.fw”. (BZ#832359)

  • This update blacklists the ADMA428M revision of the 2GB ATA Flash Disk
    device. This is due to data corruption occurring on the said device when
    the Ultra-DMA 66 transfer mode is used. When the
    “libata.force=5:pio0,6:pio0” kernel parameter is set, the aforementioned
    device works as expected. (BZ#832363)

  • On Red Hat Enterprise Linux 6, mounting an NFS export from a Windows 2012
    server failed due to the fact that the Windows server contains support for
    the minor version 1 (v4.1) of the NFS version 4 protocol only, along with
    support for versions 2 and 3. The lack of the minor version 0 (v4.0)
    support caused Red Hat Enterprise Linux 6 clients to fail instead of
    rolling back to version 3 as expected. This update fixes this bug and
    mounting an NFS export works as expected. (BZ#832365)

  • On ext4 file systems, when fallocate() failed to allocate blocks due to
    the ENOSPC condition (no space left on device) for a file larger than 4 GB,
    the size of the file became corrupted and, consequently, caused file system
    corruption. This was due to a missing cast operator in the
    “ext4_fallocate()” function. With this update, the underlying source code
    has been modified to address this issue, and file system corruption no
    longer occurs. (BZ#833034)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.