rhsa-2015_1643
Vulnerability from csaf_redhat
Published
2015-08-18 18:38
Modified
2024-09-13 10:37
Summary
Red Hat Security Advisory: kernel security and bug fix update
Notes
Topic
Updated kernel packages that fix one security issue and two bugs are now
available for Red Hat Enterprise Linux 6.4 Advanced Update Support.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
* It was found that the Linux kernel's ping socket implementation did not
properly handle socket unhashing during spurious disconnects, which could
lead to a use-after-free flaw. On x86-64 architecture systems, a local user
able to create ping sockets could use this flaw to crash the system.
On non-x86-64 architecture systems, a local user able to create ping
sockets could use this flaw to escalate their privileges on the system.
(CVE-2015-3636, Moderate)
This update also fixes the following bugs:
* Due to bad memory or memory corruption, an isolated BUG_ON(mm->nr_ptes)
was sometimes reported, indicating that not all the page tables allocated
could be found and freed when the exit_mmap() function cleared the user
address space. As a consequence, a kernel panic occurred. To fix this bug,
the BUG_ON() function has been replaced by WARN_ON(), which prevents the
kernel from panicking in the aforementioned situation. (BZ#1235929)
* Previously, it was for the ext4 driver to read a metadata block and use
it without a verification. If the metadata block was corrupted, a kernel
panic could occur. With this update, verification is forced on every buffer
before it is used, which uncovers possible corruption and prevents further
use of the corrupted metadata buffer. (BZ#1242930)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages that fix one security issue and two bugs are now\navailable for Red Hat Enterprise Linux 6.4 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* It was found that the Linux kernel\u0027s ping socket implementation did not\nproperly handle socket unhashing during spurious disconnects, which could\nlead to a use-after-free flaw. On x86-64 architecture systems, a local user\nable to create ping sockets could use this flaw to crash the system.\nOn non-x86-64 architecture systems, a local user able to create ping\nsockets could use this flaw to escalate their privileges on the system.\n(CVE-2015-3636, Moderate)\n\nThis update also fixes the following bugs:\n\n* Due to bad memory or memory corruption, an isolated BUG_ON(mm-\u003enr_ptes)\nwas sometimes reported, indicating that not all the page tables allocated\ncould be found and freed when the exit_mmap() function cleared the user\naddress space. As a consequence, a kernel panic occurred. To fix this bug,\nthe BUG_ON() function has been replaced by WARN_ON(), which prevents the\nkernel from panicking in the aforementioned situation. (BZ#1235929)\n\n* Previously, it was for the ext4 driver to read a metadata block and use\nit without a verification. If the metadata block was corrupted, a kernel\npanic could occur. With this update, verification is forced on every buffer\nbefore it is used, which uncovers possible corruption and prevents further\nuse of the corrupted metadata buffer. (BZ#1242930)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1643",
"url": "https://access.redhat.com/errata/RHSA-2015:1643"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1218074",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2015/rhsa-2015_1643.json"
}
],
"title": "Red Hat Security Advisory: kernel security and bug fix update",
"tracking": {
"current_release_date": "2024-09-13T10:37:21+00:00",
"generator": {
"date": "2024-09-13T10:37:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2015:1643",
"initial_release_date": "2015-08-18T18:38:21+00:00",
"revision_history": [
{
"date": "2015-08-18T18:38:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-18T18:38:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T10:37:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:6.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:6.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "perf-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "perf-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-358.65.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:2.6.32-358.65.1.el6.x86_64",
"product": {
"name": "python-perf-0:2.6.32-358.65.1.el6.x86_64",
"product_id": "python-perf-0:2.6.32-358.65.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@2.6.32-358.65.1.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"product": {
"name": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"product_id": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-firmware@2.6.32-358.65.1.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"product": {
"name": "kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"product_id": "kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.32-358.65.1.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.65.1.el6.src",
"product": {
"name": "kernel-0:2.6.32-358.65.1.el6.src",
"product_id": "kernel-0:2.6.32-358.65.1.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.65.1.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.65.1.el6.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-358.65.1.el6.src",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-358.65.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.65.1.el6.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-358.65.1.el6.src",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-358.65.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3636",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2015-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1218074"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Linux kernel\u0027s ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ping sockets: use-after-free leading to local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This issue does affect the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for the respective releases will address this issue.\n\nPlease note that on x86-64 architecture systems the impact is limited to local Denial of Service and that the ping sockets functionality is disabled by default (net.ipv4.ping_group_range sysctl is \"1\t0\").",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3636"
},
{
"category": "external",
"summary": "RHBZ#1218074",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218074"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3636"
}
],
"release_date": "2015-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1643"
},
{
"category": "workaround",
"details": "You can check whether ping socket functionality is enabled by examining the net.ipv4.ping_group_range sysctl value:\n\n~]# sysctl net.ipv4.ping_group_range\nnet.ipv4.ping_group_range = 1\t0\n\n\"1 0\" is the default value and disables the ping socket functionality even for root user. Any other value means that the ping socket functionality might be enabled for certain users on the system.\n\nTo mitigate this vulnerability make sure that you either allow the functionality to trusted local users (groups) only or set the net.ipv4.ping_group_range sysctl to the default and disabled state:\n\n~]# sysctl net.ipv4.ping_group_range=\"1 0\"\n\nPlease note that this might prevent some programs relying on this functionality from functioning properly.",
"product_ids": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.65.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.65.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.65.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ping sockets: use-after-free leading to local privilege escalation"
}
]
}
Loading...