Red Hat Local Security Checks : RedHat Update for kernel RHSA-2016:0450-01

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871575

Categoría: Red Hat Local Security Checks

Título: RedHat Update for kernel RHSA-2016:0450-01

Resumen: The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux
kernel, the core of any Linux operating system.

* An integer overflow flaw was found in the way the Linux kernel's Frame
Buffer device implementation mapped kernel memory to user space via the
mmap syscall. A local user able to access a frame buffer device file
(/dev/fb*) could possibly use this flaw to escalate their privileges on the
system. (CVE-2013-2596, Important)

* It was found that the Xen hypervisor x86 CPU emulator implementation did
not correctly handle certain instructions with segment overrides,
potentially resulting in a memory corruption. A malicious guest user could
use this flaw to read arbitrary data relating to other guests, cause a
denial of service on the host, or potentially escalate their privileges on
the host. (CVE-2015-2151, Important)

This update also fixes the following bugs:

* Previously, the CPU power of a CPU group could be zero. As a consequence,
a kernel panic occurred at 'find_busiest_group+570' with do_divide_error.
The provided patch ensures that the division is only performed if the CPU
power is not zero, and the aforementioned panic no longer occurs.
(BZ#1209728)

* Prior to this update, a bug occurred when performing an online resize of
an ext4 file system which had been previously converted from ext3. As a
consequence, the kernel crashed. The provided patch fixes online resizing
for such file systems by limiting the blockgroup search loop for non-extent
files, and the mentioned kernel crash no longer occurs. (BZ#1301100)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.

Affected Software/OS:
kernel on Red Hat Enterprise Linux (v. 5 server)

Solution:
Please Install the Updated Packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-2596
BugTraq ID: 59264
http://www.securityfocus.com/bid/59264
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
http://forum.xda-developers.com/showthread.php?t=2255491
http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/
http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/
http://marc.info/?l=linux-kernel&m=136616837923938&w=2
RedHat Security Advisories: RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0803
http://rhn.redhat.com/errata/RHSA-2015-0803.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-2151
BugTraq ID: 73015
http://www.securityfocus.com/bid/73015
Debian Security Information: DSA-3181 (Google Search)
http://www.debian.org/security/2015/dsa-3181
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html
https://security.gentoo.org/glsa/201604-03
http://www.securitytracker.com/id/1031806
http://www.securitytracker.com/id/1031903
SuSE Security Announcement: openSUSE-SU-2015:0732 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871575
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for kernel RHSA-2016:0450-01
Resumen:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host. (CVE-2015-2151, Important) This update also fixes the following bugs: * Previously, the CPU power of a CPU group could be zero. As a consequence, a kernel panic occurred at 'find_busiest_group+570' with do_divide_error. The provided patch ensures that the division is only performed if the CPU power is not zero, and the aforementioned panic no longer occurs. (BZ#1209728) * Prior to this update, a bug occurred when performing an online resize of an ext4 file system which had been previously converted from ext3. As a consequence, the kernel crashed. The provided patch fixes online resizing for such file systems by limiting the blockgroup search loop for non-extent files, and the mentioned kernel crash no longer occurs. (BZ#1301100) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. Affected Software/OS: kernel on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2596 BugTraq ID: 59264 http://www.securityfocus.com/bid/59264 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://forum.xda-developers.com/showthread.php?t=2255491 http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/ http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/ http://marc.info/?l=linux-kernel&m=136616837923938&w=2 RedHat Security Advisories: RHSA-2015:0695 http://rhn.redhat.com/errata/RHSA-2015-0695.html RedHat Security Advisories: RHSA-2015:0782 http://rhn.redhat.com/errata/RHSA-2015-0782.html RedHat Security Advisories: RHSA-2015:0803 http://rhn.redhat.com/errata/RHSA-2015-0803.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2151 BugTraq ID: 73015 http://www.securityfocus.com/bid/73015 Debian Security Information: DSA-3181 (Google Search) http://www.debian.org/security/2015/dsa-3181 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html https://security.gentoo.org/glsa/201604-03 http://www.securitytracker.com/id/1031806 http://www.securitytracker.com/id/1031903 SuSE Security Announcement: openSUSE-SU-2015:0732 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html
Copyright	Copyright (C) 2016 Greenbone AG