First published: Tue Mar 17 2015
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. (CVE-2015-0274, Important)
* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)
* A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file. (CVE-2014-8086, Moderate)
* It was found that due to excessive files_lock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8172, Moderate)
* A NULL pointer dereference flaw was found in the way the Linux kernel's madvise MADV_WILLNEED functionality handled page table locking. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-8173, Moderate)

Red Hat would like to thank Eric Windisch of the Docker project for reporting CVE-2015-0274, and Akira Fujita of NEC for reporting CVE-2014-7822.

Bug fixes:

* A patch removing the xt_connlimit revision zero ABI was not reverted in the kernel-rt package, which caused problems because the iptables package requires this revision. A patch to remove the xt_connlimit revision 0 was reverted from the kernel-rt sources to allow the iptables command to execute correctly. (BZ#1169755)
* With an older Mellanox Connect-IB (mlx4) driver present in the MRG Realtime kernel, a race condition could occur that would cause a loss of connection. The mlx4 driver was updated, resolving the race condition and allowing proper connectivity. (BZ#1182246)
* The MRG Realtime kernel did not contain the appropriate code to resume after a device failed, causing the volume status after a repair to not be properly updated. A "refresh needed" was still listed in the "lvs" output after executing the "lvchange --refresh" command. A patch was added that adds the ability to correctly restore a transiently failed device upon resume. (BZ#1159803)
* The sosreport executable would hang when reading /proc/net/rpc/use-gss-proxy because of faulty wait_queue logic in the proc handler. This wait_queue logic was removed from the proc handler, allowing the reads to correctly return the current state. (BZ#1169900)

Enhancements:

* The MRG Realtime kernel-rt sources have been modified to take advantage of the updated 3.10 kernel sources that are available with the Red Hat Enterprise Linux 7 releases. (BZ#1172844)
* The MRG Realtime version of the e1000e driver has been updated to provide support for the Intel I218-LM network adapter. (BZ#1191767)
* The MRG Realtime kernel was updated to provide support for the Mellanox Connect-IB (mlx5). (BZ#1171363)
* The rt-firmware package has been updated to provide additional firmware files required by the new version of the Red Hat Enterprise MRG 2.5 kernel (BZ#1184251)

All kernel-rt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. The system must be rebooted for this update to take effect.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-debug | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-debug-debuginfo | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-debug-devel | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-debuginfo | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-devel | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-doc | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-firmware | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-trace | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-trace-debuginfo | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-trace-devel | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-vanilla | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-vanilla-debuginfo | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
redhat/kernel-rt-vanilla-devel | <3.10.0-229.rt56.144.el6 | 3.10.0-229.rt56.144.el6 |
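
An added example (not part of the advisory): checking a host against the fixed version in the table above, including the reboot requirement, since an updated package does not help while the old kernel is still running. The comparison is a simplified rpmvercmp, and the installed and running version-release strings are constructed inputs with the architecture suffix assumed to be stripped.

```python
import re
from functools import cmp_to_key

FIXED = "3.10.0-229.rt56.144.el6"  # fixed version-release from the table above

def rpmvercmp(a, b):
    """Simplified rpmvercmp (no '~' or '^' handling): returns -1, 0 or 1."""
    # Split on separators and on digit/letter boundaries, as rpm does.
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)            # 10 > 8, unlike string comparison
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def vr_cmp(a, b):
    """Compare two version-release strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def assess(installed, running):
    """installed: all kernel-rt version-releases on the host; running: the booted one."""
    newest = max(installed, key=cmp_to_key(vr_cmp))
    if vr_cmp(newest, FIXED) < 0:
        return "update"   # no fixed package installed yet
    if vr_cmp(running, FIXED) < 0:
        return "reboot"   # fixed package installed, old kernel still booted
    return "ok"

if __name__ == "__main__":
    OLD = "3.8.13-rt27.40.el6"  # constructed sample of an older build
    for installed, running in [([OLD], OLD), ([OLD, FIXED], OLD), ([OLD, FIXED], FIXED)]:
        print(installed, running, "->", assess(installed, running))
```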