kernel-2.6.32-642.13.1.el6
Errata ID: AXSA:2017-1275:01
Release date:
2017/01/24 Tuesday - 17:23
Title:
kernel-2.6.32-642.13.1.el6
Affected channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- The tcp_check_send_head function in include/net/tcp.h does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option. (CVE-2016-6828)
- The __sys_recvmmsg function in net/socket.c mishandles error processing for the recvmmsg system call, which allows remote attackers to execute arbitrary code through a use-after-free. (CVE-2016-7117)
- The sctp_sf_ootb function in net/sctp/sm_statefuns.c lacks a check on the length of the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data. (CVE-2016-9555)
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.
CVE:
CVE-2016-4998
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
CVE-2016-6828
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
CVE-2016-7117
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
Additional information:
N/A
Downloads:
SRPMS
- kernel-2.6.32-642.13.1.el6.src.rpm (Size: 127.29 MB)
Asianux Server 4 for x86
- kernel-2.6.32-642.13.1.el6.i686.rpm (Size: 29.55 MB)
- kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm (Size: 3.63 MB)
- kernel-debug-2.6.32-642.13.1.el6.i686.rpm (Size: 30.33 MB)
- kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm (Size: 10.59 MB)
- kernel-devel-2.6.32-642.13.1.el6.i686.rpm (Size: 10.55 MB)
- kernel-doc-2.6.32-642.13.1.el6.noarch.rpm (Size: 12.20 MB)
- kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm (Size: 28.07 MB)
- kernel-headers-2.6.32-642.13.1.el6.i686.rpm (Size: 4.36 MB)
- perf-2.6.32-642.13.1.el6.i686.rpm (Size: 4.58 MB)
Asianux Server 4 for x86_64
- kernel-2.6.32-642.13.1.el6.x86_64.rpm (Size: 31.85 MB)
- kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm (Size: 3.63 MB)
- kernel-debug-2.6.32-642.13.1.el6.x86_64.rpm (Size: 32.73 MB)
- kernel-debug-devel-2.6.32-642.13.1.el6.x86_64.rpm (Size: 10.64 MB)
- kernel-devel-2.6.32-642.13.1.el6.x86_64.rpm (Size: 10.59 MB)
- kernel-doc-2.6.32-642.13.1.el6.noarch.rpm (Size: 12.20 MB)
- kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm (Size: 28.07 MB)
- kernel-headers-2.6.32-642.13.1.el6.x86_64.rpm (Size: 4.36 MB)
- perf-2.6.32-642.13.1.el6.x86_64.rpm (Size: 4.56 MB)