RHSA-2015:0783: Important: kernel security and bug fix update

First published: Tue Apr 07 2015(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br><li> It was found that the Linux kernel's Infiniband subsystem did not</li> properly sanitize input parameters while registering memory regions from<br>user space via the (u)verbs API. A local user with access to a<br>/dev/infiniband/uverbsX device could use this flaw to crash the system or,<br>potentially, escalate their privileges on the system. (CVE-2014-8159,<br>Important)<br><li> An insufficient bound checking flaw was found in the Xen hypervisor's</li> implementation of acceleration support for the "REP MOVS" instructions.<br>A privileged HVM guest user could potentially use this flaw to crash the<br>host. (CVE-2014-8867, Important)<br>Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and the<br>Xen project for reporting CVE-2014-8867.<br>This update also fixes the following bugs:<br><li> Under memory pressure, cached data was previously flushed to the backing</li> server using the PID of the thread responsible for flushing the data in the<br>Server Message Block (SMB) headers instead of the PID of the thread which<br>actually wrote the data. As a consequence, when a file was locked by the<br>writing thread prior to writing, the server considered writes by the thread<br>flushing the pagecache as being a separate process from writing to a locked<br>file, and thus rejected the writes. In addition, the data to be written was<br>discarded. This update ensures that the correct PID is sent to the server,<br>and data corruption is avoided when data is being written from a client<br>under memory pressure. (BZ#1169304)<br><li> This update adds support for new cryptographic hardware in toleration</li> mode for IBM System z. (BZ#1182522)<br>All kernel users are advised to upgrade to these updated packages, which<br>contain backported patches to correct these issues. The system must be<br>rebooted for this update to take effect.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• collector/redhat-errata
• anchor-id/RHSA-2015:0783
• package-manager/redhat