kernel-3.10.0-229.14.1.el7
エラータID: AXSA:2015-504:03
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
Security issues fixed with this release:
CVE-2014-9585
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel
through 3.18.2 does not properly choose memory locations for the vDSO
area, which makes it easier for local users to bypass the ASLR
protection mechanism by guessing a location at the end of a PMD.
CVE-2015-0275
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-1333
Memory leak in the __key_link_end function in security/keys/keyring.c
in the Linux kernel before 4.1.4 allows local users to cause a denial
of service (memory consumption) via many add_key system calls that
refer to existing keys.
CVE-2015-3212
Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2
allows local users to cause a denial of service (list corruption and
panic) via a rapid series of system calls related to sockets, as
demonstrated by setsockopt calls.
CVE-2015-4700
The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the
Linux kernel before 4.0.6 allows local users to cause a denial of
service (system crash) by creating a packet filter and then loading
crafted BPF instructions that trigger late convergence by the JIT
compiler.
CVE-2015-5364
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux
kernel before 4.0.6 do not properly consider yielding a processor,
which allows remote attackers to cause a denial of service (system
hang) via incorrect checksums within a UDP packet flood.
CVE-2015-5366
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux
kernel before 4.0.6 provide inappropriate -EAGAIN return values, which
allows remote attackers to cause a denial of service (EPOLLET epoll
application read outage) via an incorrect checksum in a UDP packet, a
different vulnerability than CVE-2015-5364.
Fixed bugs:
Update packages.
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys.
Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.
The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler.
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.
The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.
N/A
SRPMS
- kernel-3.10.0-229.14.1.el7.src.rpm
MD5: 33108810de131de8c39649ef90c6a75b
SHA-256: bd57fc4edb30e1b20d1932843c48285bfded95dc08a10547dbc9de337b852d09
Size: 76.44 MB
Asianux Server 7 for x86_64
- kernel-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 402f13320bf2906a1d69cb0a623ba8f0
SHA-256: 5fc88c48a555a41ad797b15285697028b2a5fd2ee82e94d1b1c5c6f6a084fdd8
Size: 30.92 MB - kernel-abi-whitelists-3.10.0-229.14.1.el7.noarch.rpm
MD5: 2f066dffe4194c1149bcb99ae95b6152
SHA-256: d7ef7224b490b1c28af9b85428d877e2129db1a402b189b84c0ad0de86d47e1f
Size: 1.44 MB - kernel-debug-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 3dbf334eb349b8e560b1041d193fe0f4
SHA-256: 4f32cb84be882430ffdeed58b96463acd444fe1758d201f764c853db2cec7374
Size: 32.47 MB - kernel-debug-devel-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 22966a33357b19560e8eba939b9a028a
SHA-256: a3903047a8ed32246bdd4d7d5ddee074c6921e7a6f632a078e1104d191bfa745
Size: 9.95 MB - kernel-devel-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 4c11f7975feacc461bc57786f2fd77c4
SHA-256: a251896afc973a34cec534c0a3001c1f3179bfc91771e7211d94e77c45b05526
Size: 9.90 MB - kernel-doc-3.10.0-229.14.1.el7.noarch.rpm
MD5: fd731e9ce56231ed467b3c689da86be5
SHA-256: 1a15cc7415f6934cd8f0ea8ba8fd9a92c672728a6ff2efe169c235d2703d771c
Size: 12.56 MB - kernel-headers-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 530a3878cddc744e19ba76c8fe7743eb
SHA-256: 7a5a39e979f7d84c9cf41a11d99635afa38906bef91a7ba1163b8118eee9843a
Size: 2.29 MB - kernel-tools-3.10.0-229.14.1.el7.x86_64.rpm
MD5: abe335b111c061fa739a7a7afda6d15a
SHA-256: e05085b0c6b06086f4bc41c90753d33c72096ecfde1e3c7cb0985f11f99297d3
Size: 1.52 MB - kernel-tools-libs-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 644641ca01637da4fff0ec1577c95379
SHA-256: d781e3c8f39d30c2048474d4afcd122f205eff2a1011f168c811504303c392ee
Size: 1.44 MB - perf-3.10.0-229.14.1.el7.x86_64.rpm
MD5: 19a62b3b19c23bf18c9930d655ed0d00
SHA-256: f81edf4c6a6a3476ceec147d6d66f0759a1dcc148eaa9ac28eeb1b6ed59e7b2a
Size: 2.37 MB
日本語