kernel-2.6.32-504.16.2.el6
Errata ID: AXSA:2015-134:04
Release date:
Thursday, May 14, 2015 - 18:13
Subject:
kernel-2.6.32-504.16.2.el6
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
Security issues fixed with this release:
CVE-2014-3215
CVE-2014-3690
CVE-2014-7825
CVE-2014-7826
CVE-2014-8171
CVE-2014-8884
CVE-2014-9529
CVE-2014-9584
CVE-2015-1421
This update also fixes several bugs.
Solution:
Update package.
CVEs:
CVE-2014-3215
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.
CVE-2014-3690
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
CVE-2014-7825
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.
CVE-2014-7826
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
CVE-2014-8171
The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.
CVE-2014-8884
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.
CVE-2014-9529
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.
CVE-2014-9584
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image.
CVE-2015-1421
Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.
Additional Info:
N/A
Download:
SRPMS
- kernel-2.6.32-504.16.2.el6.src.rpm
MD5: 0a990b6ba9044cdc063805acc0714a28
SHA-256: fdf339aaeb99beb9f308c135d95b1a2e4e229d29ef06b3bcf44f1f45494b8b6c
Size: 94.76 MB
Asianux Server 4 for x86
- kernel-2.6.32-504.16.2.el6.i686.rpm
MD5: 1efdfd7f4f72f0d422101b5d4792079f
SHA-256: 96fde443f394cb769588169790900e50e90558eee0097c4016aff7adaf681bd3
Size: 26.93 MB
- kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm
MD5: 6813313b27216330503e843864acfbd3
SHA-256: 031b8445c629e6703d3567f4fa862847d5098e4434abfa1a70d5bc0b786d17f4
Size: 2.65 MB
- kernel-debug-2.6.32-504.16.2.el6.i686.rpm
MD5: a71f291d3014ccfa7148f093e0a91486
SHA-256: ab6c432217a9452da92c07869cb2fdae40db0628c7b8f9dd98157b01bd844d08
Size: 27.53 MB
- kernel-debug-devel-2.6.32-504.16.2.el6.i686.rpm
MD5: 4411cb27491561944fd4b925049f9573
SHA-256: 067768ea7306647dbac3cfd3812685c21f9fd4100cabc2703ff2dda98a854353
Size: 9.37 MB
- kernel-devel-2.6.32-504.16.2.el6.i686.rpm
MD5: cfaaa9322f5d83538432868076842dd7
SHA-256: 7338dc7d6028f8dcbfa9b9838efd1815c141b26b324691e3021ea6ebe2236e88
Size: 9.33 MB
- kernel-doc-2.6.32-504.16.2.el6.noarch.rpm
MD5: 498d2c5bf78530c297801aa3be61d9bc
SHA-256: 1afda73e9891f73c3867666b023794bc82a0b583430252a33197c22a099858a8
Size: 11.13 MB
- kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm
MD5: 59b6b0c75a39bdb03f332c6a132c3ce4
SHA-256: 15024ab474d725c4b8a704dfc30d66549abaf7976101cd35bbb8506e47c54152
Size: 14.44 MB
- kernel-headers-2.6.32-504.16.2.el6.i686.rpm
MD5: c75a7fcba79cc57223321cb56fab0b22
SHA-256: d97e0ce5a91d3351d81658b579ee1b02a31de6c67f83d7e69f514393b09389f9
Size: 3.35 MB
- perf-2.6.32-504.16.2.el6.i686.rpm
MD5: 6a1dc6fa5950dcd63856307f2f11c564
SHA-256: 62f0128577763127402ca5015dd08b78a70e2642ca33f0582ad217d303e4db21
Size: 3.46 MB
Asianux Server 4 for x86_64
- kernel-2.6.32-504.16.2.el6.x86_64.rpm
MD5: e0862334a5196c2c297fecebe194fe05
SHA-256: 6a61f247d4148470f1aac5c6f2744b6266a9427121588d76729310850dea7ccf
Size: 29.11 MB
- kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm
MD5: c10d9ed9b4f37aa746212959ecf7f0fa
SHA-256: 22e012518c7e34d54edc071b1a826426af6ddaa409e41203b266d9f894d38c7e
Size: 2.65 MB
- kernel-debug-2.6.32-504.16.2.el6.x86_64.rpm
MD5: 849320643bd8ebe35cfcdd6867900ad9
SHA-256: 563cb02993074c0d2e8b98b228069e4c455cdf4e06e745bc7b1e86b6f9eba371
Size: 29.79 MB
- kernel-debug-devel-2.6.32-504.16.2.el6.x86_64.rpm
MD5: fd798567ffd75e266494f99e76da7288
SHA-256: 74d01cfe6278b1865e225320493e53ad672f51266a8e2fad4e4e925cdc817e89
Size: 9.42 MB
- kernel-devel-2.6.32-504.16.2.el6.x86_64.rpm
MD5: bb725aafa7f1b9ad72053fb759dc33b8
SHA-256: b8e32ec764591c10324d0328834a9f5be7de896ab253dc166b8111335bbc2404
Size: 9.38 MB
- kernel-doc-2.6.32-504.16.2.el6.noarch.rpm
MD5: 47cd7864357dc687fdbde923c251e0d5
SHA-256: c4fd6dd1424f6fe70c0c681bd466f027e8d704a52dcfce4408eabf592eb309c7
Size: 11.13 MB
- kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm
MD5: 91ba8536c37565b58cc27a8fc3acda1c
SHA-256: 962e30f0f1c726562473ce53a7e082b79915f74b4b6b5cbf2b6dc04920852e2b
Size: 14.44 MB
- kernel-headers-2.6.32-504.16.2.el6.x86_64.rpm
MD5: 0c8e325868f7bf7885c1a70e67982ced
SHA-256: ca1cb46c72002584eb75524ddea98d142c4cd2c83024fc840c6199c921d60591
Size: 3.35 MB
- perf-2.6.32-504.16.2.el6.x86_64.rpm
MD5: 6f6371c7a9d506aa5697e8f2c791d24f
SHA-256: 11c04d5b16c37c2d016ff8eb71c66877eba0fd61ab0acd608025e7106787cb32
Size: 3.42 MB