Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871343
Category:Red Hat Local Security Checks
Title:RedHat Update for kernel RHSA-2015:0726-01
Summary:The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that the Linux kernel's Infiniband subsystem did not
properly sanitize input parameters while registering memory regions from
user space via the (u)verbs API. A local user with access to a
/dev/infiniband/uverbsX device could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2014-8159,
Important)

* A use-after-free flaw was found in the way the Linux kernel's SCTP
implementation handled authentication key reference counting during INIT
collisions. A remote attacker could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2015-1421,
Important)

Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue.
The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat.

This update also fixes the following bugs:

* In certain systems with multiple CPUs, when a crash was triggered on one
CPU with an interrupt handler and this CPU sent Non-Maskable Interrupt
(NMI) to another CPU, and, at the same time, ioapic_lock had already been
acquired, a deadlock occurred in ioapic_lock. As a consequence, the kdump
service could become unresponsive. This bug has been fixed and kdump now
works as expected. (BZ#1197742)

* On Lenovo X1 Carbon 3rd Gen, X250, and T550 laptops, the thinkpad_acpi
module was not properly loaded, and thus the function keys and radio
switches did not work. This update applies a new string pattern of BIOS
version, which fixes this bug, and function keys and radio switches now
work as intended. (BZ#1197743)

* During a heavy file system load involving many worker threads, all worker
threads in the pool became blocked on a resource, and no manager thread
existed to create more workers. As a consequence, the running processes
became unresponsive. With this update, the logic around manager creation
has been changed to assure that the last worker thread becomes a manager
thread and does not start executing work items. Now, a manager thread
exists, spawns new workers as needed, and processes no longer hang.
(BZ#1197744)

* If a thin-pool's metadata enters read-only or fail mode, for example, due
to thin-pool running out of metadata or data space, any attempt to make
metadata changes such as creating a thin device or snapshot thin device
should error out cleanly. However, previously, the kernel code returned
verbose and alarming error messages to the user. With this update, due to
early trapping of attempt to make metadata changes, informative errors are
dis ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
kernel on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-8159
BugTraq ID: 73060
http://www.securityfocus.com/bid/73060
Debian Security Information: DSA-3237 (Google Search)
http://www.debian.org/security/2015/dsa-3237
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
RedHat Security Advisories: RHSA-2015:0674
http://rhn.redhat.com/errata/RHSA-2015-0674.html
RedHat Security Advisories: RHSA-2015:0695
http://rhn.redhat.com/errata/RHSA-2015-0695.html
RedHat Security Advisories: RHSA-2015:0726
http://rhn.redhat.com/errata/RHSA-2015-0726.html
RedHat Security Advisories: RHSA-2015:0751
http://rhn.redhat.com/errata/RHSA-2015-0751.html
RedHat Security Advisories: RHSA-2015:0782
http://rhn.redhat.com/errata/RHSA-2015-0782.html
RedHat Security Advisories: RHSA-2015:0783
http://rhn.redhat.com/errata/RHSA-2015-0783.html
RedHat Security Advisories: RHSA-2015:0803
http://rhn.redhat.com/errata/RHSA-2015-0803.html
RedHat Security Advisories: RHSA-2015:0870
http://rhn.redhat.com/errata/RHSA-2015-0870.html
RedHat Security Advisories: RHSA-2015:0919
http://rhn.redhat.com/errata/RHSA-2015-0919.html
http://www.securitytracker.com/id/1032224
SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
http://www.ubuntu.com/usn/USN-2525-1
http://www.ubuntu.com/usn/USN-2526-1
http://www.ubuntu.com/usn/USN-2527-1
http://www.ubuntu.com/usn/USN-2528-1
http://www.ubuntu.com/usn/USN-2529-1
http://www.ubuntu.com/usn/USN-2530-1
http://www.ubuntu.com/usn/USN-2561-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1421
BugTraq ID: 72356
http://www.securityfocus.com/bid/72356
Debian Security Information: DSA-3170 (Google Search)
http://www.debian.org/security/2015/dsa-3170
http://www.openwall.com/lists/oss-security/2015/01/29/15
RedHat Security Advisories: RHSA-2015:0864
http://rhn.redhat.com/errata/RHSA-2015-0864.html
RedHat Security Advisories: RHSA-2015:1082
http://rhn.redhat.com/errata/RHSA-2015-1082.html
http://www.securitytracker.com/id/1032172
SuSE Security Announcement: SUSE-SU-2015:0832 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00001.html
http://www.ubuntu.com/usn/USN-2541-1
http://www.ubuntu.com/usn/USN-2542-1
http://www.ubuntu.com/usn/USN-2545-1
http://www.ubuntu.com/usn/USN-2546-1
http://www.ubuntu.com/usn/USN-2562-1
http://www.ubuntu.com/usn/USN-2563-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.