kernel-3.10.0-229.7.2.el7
Errata ID: AXSA:2015-216:01
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
Security issues fixed with this release:
CVE-2014-9420
The rock_continue function in fs/isofs/rock.c in the Linux kernel
through 3.18.1 does not restrict the number of Rock Ridge continuation
entries, which allows local users to cause a denial of service
(infinite loop, and system crash or hang) via a crafted iso9660 image.
CVE-2014-9529
Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel through 3.18.2 allows local
users to cause a denial of service (memory corruption or panic) or
possibly have unspecified other impact via keyctl commands that
trigger access to a key structure member during garbage collection of
a key.
CVE-2014-9584
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the
Linux kernel before 3.18.2 does not validate a length value in the
Extensions Reference (ER) System Use Field, which allows local users
to obtain sensitive information from kernel memory via a crafted
iso9660 image.
CVE-2015-1573
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-1593
The stack randomization feature in the Linux kernel before 3.19.1 on
64-bit platforms uses incorrect data types for the results of bitwise
left-shift operations, which makes it easier for attackers to bypass
the ASLR protection mechanism by predicting the address of the top of
the stack, related to the randomize_stack_top function in
fs/binfmt_elf.c and the stack_maxrandom_size function in
arch/x86/mm/mmap.c.
CVE-2015-1805
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-2830
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not
prevent the TS_COMPAT flag from reaching a user-mode task, which might
allow local users to bypass the seccomp or audit protection mechanism
via a crafted application that uses the (1) fork or (2) close system
call, as demonstrated by an attack against seccomp before 3.16.
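The data-type problem described under CVE-2015-1593 above, as an added illustration (not kernel code and not part of the original advisory): a page-shifted random value stored in a 32-bit variable is compared with the same value stored in a 64-bit one. The 22-bit mask and 12-bit page shift are assumed x86-64 values, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed x86-64 values: 4 KiB pages, 22-bit stack randomization mask. */
#define PAGE_SHIFT     12
#define STACK_RND_MASK 0x3fffffu

/* Pre-fix shape: 32-bit variable (models unsigned int) drops result bits 32-33. */
static uint64_t stack_offset_narrow(uint32_t rnd)
{
    uint32_t v = rnd & STACK_RND_MASK;
    v <<= PAGE_SHIFT;
    return v;
}

/* Corrected shape: widen first (uint64_t models a 64-bit unsigned long). */
static uint64_t stack_offset_wide(uint32_t rnd)
{
    uint64_t v = rnd & STACK_RND_MASK;
    v <<= PAGE_SHIFT;
    return v;
}

/* Page-granular random bits that survive in the largest possible offset. */
static int entropy_bits(uint64_t max_offset)
{
    int bits = 0;
    for (max_offset >>= PAGE_SHIFT; max_offset; max_offset >>= 1)
        bits++;
    return bits;
}

/* How many masked random inputs land on the same truncated offset as rnd. */
static unsigned collisions_for(uint32_t rnd)
{
    unsigned n = 0;
    for (uint32_t r = 0; r <= STACK_RND_MASK; r++)
        n += stack_offset_narrow(r) == stack_offset_narrow(rnd);
    return n;
}

int main(void)
{
    printf("narrow: %d bits, wide: %d bits, collisions: %u\n",
           entropy_bits(stack_offset_narrow(STACK_RND_MASK)),
           entropy_bits(stack_offset_wide(STACK_RND_MASK)),
           collisions_for(0x12345u));
    return 0;
}
```

Under these assumptions the narrow variant keeps 20 of the 22 random bits, so four different random inputs map to each stack offset.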
Version-Release number of selected component (if applicable):
Update packages.
CVE-2015-1573
The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability.
CVE-2015-1805
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
N/A
SRPMS
- kernel-3.10.0-229.7.2.el7.src.rpm
MD5: bccaf1672f1a2f4ffed612d05aff40ce
SHA-256: 53548947c054275337c6f197cbbdaa6d3394fdd798aa22dedfdd656344360924
Size: 76.43 MB
Asianux Server 7 for x86_64
- kernel-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 3e26345134c9703d1b2d7cc95df29714
SHA-256: a8749adb06bf89c5ed0e7175a307e5ed534080a59bda5661fb565bb1e972b771
Size: 30.91 MB
- kernel-abi-whitelists-3.10.0-229.7.2.el7.noarch.rpm
MD5: 885a86bf5e89e0783c8737b8a71660d5
SHA-256: a8a3ed2df3ccbf0c847fa217b932f822c8bad43228c23bdf3aedf13a898c4a5f
Size: 1.44 MB
- kernel-debug-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 760fa09f972a486e8c96819dc76414bb
SHA-256: 186ac726f61d1364d8a16e0121afd2fe8f7900114e3be58376854020ec20709a
Size: 32.46 MB
- kernel-debug-devel-3.10.0-229.7.2.el7.x86_64.rpm
MD5: d02d0b18a2ab88e1a9838898a924ab54
SHA-256: 6601dbf65084a199e71d65fa19a753930b814a9e8b45c764785c799b6ff528cb
Size: 9.95 MB
- kernel-devel-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 4b03a3bf506c135922c6a84392dca00f
SHA-256: cc28958d74c339441ef04a0a623d29768f73c748922c60bd18bacef83417a408
Size: 9.89 MB
- kernel-doc-3.10.0-229.7.2.el7.noarch.rpm
MD5: 997c16da2777054c81fbe87f96aac5d4
SHA-256: 02bcfc047b6773a024a1d4af5a742b1a13a1a40a2267a751d9bc37e38b73dd91
Size: 12.57 MB
- kernel-headers-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 245071a9dfba7c606ccfb1da0e1035ea
SHA-256: 406e06db0bdee34c1b3cb56e3b17cf4509bda0b4255675d2cda7c12c025608ef
Size: 2.28 MB
- kernel-tools-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 383224eac686cb81a64d43d6fa28bea5
SHA-256: f5919ae8b8c17bf427a6e87e2b12c2d7faaf94602475e6c17b0176c9deb3d2f9
Size: 1.51 MB
- kernel-tools-libs-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 3330fa8e8f7173018ac2ce6fdcb78aee
SHA-256: 42329dfb6bf2e7c021c7b2b32c44f62c8e0829de4d892571608950571f4a9abb
Size: 1.44 MB
- perf-3.10.0-229.7.2.el7.x86_64.rpm
MD5: 2703ff6ba49a16496fd465d7b3e1a898
SHA-256: 81ae19a41a7b852a963d285da4f87ddf62bf3135fc0e9966a8776c32d8acc15c
Size: 2.37 MB