Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 441
Alerts This Week
Warning Icon 1 441

Scientific Linux SL6 SLSA-2015:1272-1 Kernel Moderate Security Update

Scientific Large Esm H446
Moderate: kernel security, bug fix, and enhancement update
Date: Mon, 3 Aug 2015 19:39:30 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Connie Sieh 
Subject: Security ERRATA Moderate: kernel on SL6.x i386/x86_64
MIME-Version: 1.0
Message-ID: <20150803193930.32716.92170@slpackages.fnal.gov>

Synopsis: Moderate: kernel security, bug fix, and enhancement update
Advisory ID: SLSA-2015:1272-1
Issue Date: 2015-07-22
CVE Numbers: CVE-2014-3940
 CVE-2014-4652
 CVE-2014-3184
 CVE-2014-8709
 CVE-2014-8133
 CVE-2015-0239
 CVE-2014-9683
 CVE-2015-3339
--

* A flaw was found in the way Linux kernel's Transparent Huge Pages (THP)
implementation handled non-huge page migration. A local, unprivileged user
could use this flaw to crash the kernel by migrating transparent
hugepages. (CVE-2014-3940, Moderate)

* A buffer overflow flaw was found in the way the Linux kernel's eCryptfs
implementation decoded encrypted file names. A local, unprivileged user
could use this flaw to crash the system or, potentially, escalate their
privileges on the system. (CVE-2014-9683, Moderate)

* A race condition flaw was found between the chown and execve system
calls. When changing the owner of a setuid user binary to root, the race
condition could momentarily make the binary setuid root. A local,
unprivileged user could potentially use this flaw to escalate their
privileges on the system. (CVE-2015-3339, Moderate)

* Multiple out-of-bounds write flaws were found in the way the Cherry
Cymotion keyboard driver, KYE/Genius device drivers, Logitech device
drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote
control driver, and Sunplus wireless desktop driver handled HID reports
with an invalid report descriptor size. An attacker with physical access
to the system could use either of these flaws to write data past an
allocated memory buffer. (CVE-2014-3184, Low)

* An information leak flaw was found in the way the Linux kernel's
Advanced Linux Sound Architecture (ALSA) implementation handled access of
the user control's state. A local, privileged user could use this flaw to
leak kernel memory to user space. (CVE-2014-4652, Low)

* It was found that the espfix functionality could be bypassed by
installing a 16-bit RW data segment into GDT instead of LDT (which espfix
checks), and using that segment on the stack. A local, unprivileged user
could potentially use this flaw to leak kernel stack addresses.
(CVE-2014-8133, Low)

* An information leak flaw was found in the Linux kernel's IEEE 802.11
wireless networking implementation. When software encryption was used, a
remote attacker could use this flaw to leak up to 8 bytes of plaintext.
(CVE-2014-8709, Low)

* It was found that the Linux kernel KVM subsystem's sysenter instruction
emulation was not sufficient. An unprivileged guest user could use this
flaw to escalate their privileges by tricking the hypervisor to emulate a
SYSENTER instruction in 16-bit mode, if the guest OS did not initialize
the SYSENTER model-specific registers (MSRs). Note: Certified guest
operating systems for Scientific Linux with KVM do initialize the SYSENTER
MSRs and are thus not vulnerable to this issue when running on a KVM
hypervisor. (CVE-2015-0239, Low)

The system must be rebooted for this update to take effect.
--

SL6
 x86_64
 kernel-2.6.32-573.el6.x86_64.rpm
 kernel-debug-2.6.32-573.el6.x86_64.rpm
 kernel-debug-debuginfo-2.6.32-573.el6.x86_64.rpm
 kernel-debug-devel-2.6.32-573.el6.x86_64.rpm
 kernel-debuginfo-2.6.32-573.el6.x86_64.rpm
 kernel-debuginfo-common-x86_64-2.6.32-573.el6.x86_64.rpm
 kernel-devel-2.6.32-573.el6.x86_64.rpm
 kernel-headers-2.6.32-573.el6.x86_64.rpm
 perf-2.6.32-573.el6.x86_64.rpm
 perf-debuginfo-2.6.32-573.el6.x86_64.rpm
 python-perf-debuginfo-2.6.32-573.el6.x86_64.rpm
 python-perf-2.6.32-573.el6.x86_64.rpm
 i386
 kernel-2.6.32-573.el6.i686.rpm
 kernel-debug-2.6.32-573.el6.i686.rpm
 kernel-debug-debuginfo-2.6.32-573.el6.i686.rpm
 kernel-debug-devel-2.6.32-573.el6.i686.rpm
 kernel-debuginfo-2.6.32-573.el6.i686.rpm
 kernel-debuginfo-common-i686-2.6.32-573.el6.i686.rpm
 kernel-devel-2.6.32-573.el6.i686.rpm
 kernel-headers-2.6.32-573.el6.i686.rpm
 perf-2.6.32-573.el6.i686.rpm
 perf-debuginfo-2.6.32-573.el6.i686.rpm
 python-perf-debuginfo-2.6.32-573.el6.i686.rpm
 python-perf-2.6.32-573.el6.i686.rpm
 noarch
 kernel-abi-whitelists-2.6.32-573.el6.noarch.rpm
 kernel-doc-2.6.32-573.el6.noarch.rpm
 kernel-firmware-2.6.32-573.el6.noarch.rpm

- Scientific Linux Development Team