AXSA:2019-3892:03

Release date: 
Thursday, May 23, 2019 - 09:02
Subject: 
kernel-2.6.32-754.14.2.el6
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)

* Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)

* Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127)

* Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* aio O_DIRECT writes to non-page-aligned file locations on ext4 can result in the overlapped portion of the page containing zeros (BZ#1686170)

* Tolerate new s390x crypto hardware for migration (BZ#1695496)

CVE-2018-12126
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2018-12127
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2018-12130
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2019-11091
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-2.6.32-754.14.2.el6.src.rpm
    MD5: d8f859c49619047f33d80b5958ab386c
    SHA-256: 3e449bfb624d76043ef001e65f7df926c7e4398003262a083cb84ca20af3d5c2
    Size: 127.55 MB

Asianux Server 4 for x86
  1. kernel-2.6.32-754.14.2.el6.i686.rpm
    MD5: 180ae7f7af86c3340fb6617058e2f3f7
    SHA-256: 45b5108cf3bcb5b1bf7b53815605b24db9851efffcfc8b9025af8c169671f1b8
    Size: 30.09 MB
  2. kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm
    MD5: 59346602a606f27e5b7a2d83258b7f8f
    SHA-256: f40dbe27a8fc2a1741cab013b705524b9691159c552a689f651f377d8b76267b
    Size: 3.83 MB
  3. kernel-debug-2.6.32-754.14.2.el6.i686.rpm
    MD5: 4fa549dc39fa8df9e1af24cab747ce7f
    SHA-256: 4152676fbe1f16dd12715ff94a481bdc08ebf7172e5f5f19502501ae5344e946
    Size: 30.88 MB
  4. kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm
    MD5: 6b47e188bf3407d4045d95bd1c5bf0b2
    SHA-256: 8ad1abfa8707196fb4c292c70d73de4aa0d02ddc61d5a55f7a3ec15a918f5ad9
    Size: 10.82 MB
  5. kernel-devel-2.6.32-754.14.2.el6.i686.rpm
    MD5: d889c024f3747773f21530b59cfc2923
    SHA-256: 99a6a7acd3e19211f2bc9d96d4bef42dfbf7bd7c993fd909db1e8eba091e5a9d
    Size: 10.78 MB
  6. kernel-doc-2.6.32-754.14.2.el6.noarch.rpm
    MD5: 29547e9ccd0a51f9f5ea8bd1bb9c6ed4
    SHA-256: 573fc8fcc5be0a476598c921ca0013f417c499e3e78844c971b7659d5265023a
    Size: 12.42 MB
  7. kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
    MD5: 4c1616421133a2827afef9318a15427e
    SHA-256: fbe9098d18fc8cd8f7b568bd7e12d7fde77f1edfec477fa0603312fe3e2a294b
    Size: 28.90 MB
  8. kernel-headers-2.6.32-754.14.2.el6.i686.rpm
    MD5: b87d40070ffba37055dda5c2ea1c07da
    SHA-256: 781522624be81fcc5308946e5f0e49fb6c94ec4e89dea2b86fbcdbfbfb55ef1d
    Size: 4.56 MB
  9. perf-2.6.32-754.14.2.el6.i686.rpm
    MD5: 76b51fd1c14bda524785adbad5e06962
    SHA-256: aebcf80aebd8b65d675127270746846177b82b445be65d5c8c5f5e793ce27250
    Size: 4.78 MB

Asianux Server 4 for x86_64
  1. kernel-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: 40689bab71c30a7a1719da80e924e6c0
    SHA-256: 09eba7ecfe574b97f852444fe2f28b94532668c088f1b84033f304657db363c4
    Size: 32.39 MB
  2. kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm
    MD5: d62a1eeba68021ba76a5ae03d47e4f1e
    SHA-256: 2c8bcda1ad3f7cfcc1a175f486d8af360de2bfe9a4715eb14c5466e3acf64819
    Size: 3.83 MB
  3. kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: 6243c925f17059b777a36002869b475e
    SHA-256: 8b0c97208c69df58512101bdfb4cbf0bfdfa1f66189370cbd6dcefe7c43f487b
    Size: 33.27 MB
  4. kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: 4833b9a89907fe1f29f8b5eea6c038e2
    SHA-256: 5ab7bd0eb795049db6c4776d00879d850112b8a4152585177693702816134df5
    Size: 10.87 MB
  5. kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: 26832a9e91dd84caa877ab1dfd6ee665
    SHA-256: 83b1635144bab80345c7e0430808a1f31402e8240342a79a360670bf21cf1d88
    Size: 10.83 MB
  6. kernel-doc-2.6.32-754.14.2.el6.noarch.rpm
    MD5: b8ca7dd83ecdbd499fbc6f46df29099c
    SHA-256: 44e40b7f5d11955a983ed3e8f97088186011386ea7076a8da44744a88699db70
    Size: 12.42 MB
  7. kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
    MD5: 82753e6bd45460c4fe8a239e8a7ba91c
    SHA-256: 1383ab23e21d5b17d512fbdd70f4dcc33ef987f132a626d094a75ce9c9727c09
    Size: 28.90 MB
  8. kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: bf7c33de2c1ec5c607e65ab5ab8ba53b
    SHA-256: 94773a68db72d894a339d8630c3dac997487cf66a63b27e8d0da3fe1f5ef6b4f
    Size: 4.55 MB
  9. perf-2.6.32-754.14.2.el6.x86_64.rpm
    MD5: f761c3f68e3fb1ffb94c7cf14779d211
    SHA-256: ada7bef00d59de57cd6a98db8751dc1eeec3ecdfd4cefc5b1e826caa5013e9aa
    Size: 4.76 MB
Copyright© 2007-2015 Asianux. All rights reserved.