RHSA-2015:0727

Affecting kernel-rt-trace package, versions centos:7: <0:3.10.0-229.1.2.rt56.141.2.el7_1

high severity

Overview

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

* It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important)

* A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1421, Important)

Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat.

The kernel-rt packages have been upgraded to version 3.10.0-229.1.2, which provides a number of bug fixes over the previous version, including:

- The kdump service could become unresponsive due to a deadlock in the kernel call ioapic_lock.
- Attempts to make metadata changes, such as creating a thin device or a snapshot thin device, did not error out cleanly. (BZ#1203359)

All kernel-rt users are advised to upgrade to these updated packages, which correct these issues. The system must be rebooted for this update to take effect.
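The practical question for this advisory is whether an installed kernel-rt-trace package is older than the fixed version listed above. The following is an added example, not code from Snyk or Red Hat: it ports the segment-wise comparison used by rpm (numeric and alphabetic runs compared pairwise, numeric beating alphabetic, the longer string winning on a tie) in simplified form, compares epoch, version and release in that order, and classifies each line of `rpm -q --qf '%{EPOCH}:%{VERSION}-%{RELEASE}\n' kernel-rt-trace` output. The sample rpm output is constructed; the `~`/`^` modifiers of newer rpm releases are assumed not to appear in these release strings and are not handled.

```python
import re
import subprocess

# Fixed version from the advisory (RHSA-2015:0727); anything older is affected.
FIXED_EVR = "0:3.10.0-229.1.2.rt56.141.2.el7_1"


def rpmvercmp(a: str, b: str) -> int:
    """Simplified port of rpm's rpmvercmp(): returns -1 (a older), 0 or 1 (a newer).

    Both strings are split into alternating numeric and alphabetic segments
    (separators such as '.' and '_' are ignored). Segments are compared
    pairwise: numeric vs numeric as integers, alphabetic vs alphabetic
    lexicographically, and a numeric segment is newer than an alphabetic one.
    If all shared segments match, the string with segments left over is newer.
    Assumption: no '~' or '^' modifiers in the inputs (they are not handled here).
    """
    if a == b:
        return 0
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1


def split_evr(evr: str) -> tuple:
    """Split 'epoch:version-release' into parts; a missing or '(none)' epoch is 0."""
    epoch, sep, rest = evr.partition(":")
    if not sep:
        epoch, rest = "0", evr
    if epoch == "(none)":
        epoch = "0"
    version, _, release = rest.partition("-")
    return epoch, version, release


def evr_cmp(a: str, b: str) -> int:
    """Compare two EVR strings the way rpm orders packages: epoch, then version, then release."""
    for x, y in zip(split_evr(a), split_evr(b)):
        c = rpmvercmp(x, y)
        if c:
            return c
    return 0


def is_affected(installed_evr: str, fixed_evr: str = FIXED_EVR) -> bool:
    """True when the installed EVR sorts below the fixed EVR from the advisory."""
    return evr_cmp(installed_evr, fixed_evr) < 0


def check_installed(rpm_output: str, fixed_evr: str = FIXED_EVR) -> dict:
    """Map each EVR line printed by rpm -q to True (affected) or False (fixed)."""
    result = {}
    for line in rpm_output.splitlines():
        line = line.strip()
        if not line or line.endswith("is not installed"):
            continue
        result[line] = is_affected(line, fixed_evr)
    return result


def query_rpm(package: str = "kernel-rt-trace") -> str:
    """Run the real rpm query on a CentOS/RHEL host; returns '' where rpm is absent."""
    try:
        proc = subprocess.run(
            ["rpm", "-q", "--qf", "%{EPOCH}:%{VERSION}-%{RELEASE}\n", package],
            capture_output=True, text=True, check=False)
        return proc.stdout
    except FileNotFoundError:
        return ""


# Constructed sample of the query output on a host with two kernels installed
SAMPLE_RPM_OUTPUT = """(none):3.10.0-229.rt56.141.el7
(none):3.10.0-229.1.2.rt56.141.2.el7_1
"""

if __name__ == "__main__":
    output = query_rpm() or SAMPLE_RPM_OUTPUT
    for evr, affected in check_installed(output).items():
        print(f"{evr}: {'AFFECTED' if affected else 'fixed'}")
```

Because the advisory requires a reboot, an installed fixed package is not enough on its own: the running kernel (`uname -r`, with its trailing architecture suffix such as `.x86_64` stripped) should also be passed through `is_affected` to confirm the host is actually booted into the fixed kernel.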

CVE
RHSA-2015:0727
Snyk ID
SNYK-LINUX-KERNELRTTRACE-167384
Published
27 Jun, 2018