First published: Tue Jun 23 2015
The kernel packages contain the Linux kernel, the core of any Linux operating system.

- It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1805, Important)
- A race condition flaw was found in the way the Linux kernel keys management subsystem performed key garbage collection. A local attacker could attempt accessing a key while it was being garbage collected, which would cause the system to crash. (CVE-2014-9529, Moderate)
- A flaw was found in the way the Linux kernel's 32-bit emulation implementation handled forking or closing of a task with an 'int80' entry. A local user could potentially use this flaw to escalate their privileges on the system. (CVE-2015-2830, Low)
- It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service. (CVE-2014-9420, Low)
- An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference (ER) records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory. (CVE-2014-9584, Low)
- A flaw was found in the way the nft_flush_table() function of the Linux kernel's netfilter tables implementation flushed rules that were referencing deleted chains. A local user who has the CAP_NET_ADMIN capability could use this flaw to crash the system. (CVE-2015-1573, Low)
- An integer overflow flaw was found in the way the Linux kernel randomized the stack for processes on certain 64-bit architecture systems, such as x86-64, causing the stack entropy to be reduced by four. (CVE-2015-1593, Low)

Red Hat would like to thank Carl Henrik Lunde for reporting CVE-2014-9420 and CVE-2014-9584. The security impact of the CVE-2015-1805 issue was discovered by Red Hat.

This update also fixes several bugs. Documentation for these changes is available from the following Knowledgebase article: https://access.redhat.com/articles/1469163

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

Affected Software | Affected Version | Fixed Version |
---|---|---|
redhat/kernel | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-abi-whitelists | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debug | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debug-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debug-devel | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-devel | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-doc | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-headers | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-tools | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-tools-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-tools-libs | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-tools-libs-devel | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/perf | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/perf-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/python-perf | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/python-perf-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debuginfo-common-s390x | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-kdump | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-kdump-debuginfo | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-kdump-devel | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-bootwrapper | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
redhat/kernel-debuginfo-common-ppc64 | <3.10.0-229.7.2.el7 | 3.10.0-229.7.2.el7 |
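
Because the update only takes effect after a reboot, the running kernel is what has to be compared against the fixed version in the table, not just the installed package. The following check is an added example, not Red Hat's code: it uses a simplified RPM-style version comparison (no epoch, `~` or `^` handling), and the architecture suffix list and sample release strings are constructed assumptions.

```python
import platform
import re

FIXED = "3.10.0-229.7.2.el7"  # fixed version from the advisory's table
_ARCH = re.compile(r"\.(x86_64|s390x|ppc64|ppc64le|noarch)$")  # assumed suffixes

def _segments(s):
    # Maximal runs of digits or letters; separators ('.', '_') only split.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Simplified RPM-style compare (no '~'/'^' handling): -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)            # 11 > 7, unlike string ordering
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(release, fixed=FIXED):
    """True if a RHEL 7 kernel release string is at or above `fixed`."""
    release = _ARCH.sub("", release)
    if ".el7" not in release:
        # The comparison is only meaningful within the el7 kernel stream.
        raise ValueError("not a RHEL 7 kernel release: %r" % release)
    ver, _, rel = release.partition("-")
    fver, _, frel = fixed.partition("-")
    return (rpmvercmp(ver, fver) or rpmvercmp(rel, frel)) >= 0

if __name__ == "__main__":
    # Constructed sample releases, then the kernel actually running here.
    for sample in ("3.10.0-229.el7.x86_64", "3.10.0-229.4.2.el7.x86_64",
                   "3.10.0-229.7.2.el7.x86_64", "3.10.0-229.11.1.el7.s390x"):
        print(sample, "patched" if is_patched(sample) else "VULNERABLE")
    try:
        running = platform.release()
        print("running:", running,
              "patched" if is_patched(running) else "VULNERABLE")
    except ValueError as exc:
        print("skipped:", exc)
```

A host that reports a patched package in `rpm -q kernel` but an older release from this check has installed the update without rebooting into it.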