Important: Red Hat Enterprise Linux 6 kernel update

Synopsis

Important: Red Hat Enterprise Linux 6 kernel update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that fix multiple security issues, address several
hundred bugs, and add numerous enhancements are now available as part of
the ongoing support and maintenance of Red Hat Enterprise Linux version 6.
This is the fourth regular update.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • A race condition was found in the way asynchronous I/O and fallocate()
    interacted when using the ext4 file system. A local, unprivileged user
    could use this flaw to expose random data from an extent whose data blocks
    have not yet been written, and thus contain data from a deleted file.
    (CVE-2012-4508, Important)
  • A flaw was found in the way the vhost kernel module handled descriptors
    that spanned multiple regions. A privileged guest user in a KVM guest could
    use this flaw to crash the host or, potentially, escalate their privileges
    on the host. (CVE-2013-0311, Important)
  • It was found that the default SCSI command filter does not accommodate
    commands that overlap across device classes. A privileged guest user could
    potentially use this flaw to write arbitrary data to a LUN that is
    passed-through as read-only. (CVE-2012-4542, Moderate)
  • A flaw was found in the way the xen_failsafe_callback() function in the
    Linux kernel handled the failed iret (interrupt return) instruction
    notification from the Xen hypervisor. An unprivileged user in a 32-bit
    para-virtualized guest could use this flaw to crash the guest.
    (CVE-2013-0190, Moderate)
  • A flaw was found in the way pmd_present() interacted with PROT_NONE
    memory ranges when transparent hugepages were in use. A local, unprivileged
    user could use this flaw to crash the system. (CVE-2013-0309, Moderate)
  • A flaw was found in the way CIPSO (Common IP Security Option) IP options
    were validated when set from user mode. A local user able to set CIPSO IP
    options on the socket could use this flaw to crash the system.
    (CVE-2013-0310, Moderate)

Red Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508, and
Andrew Cooper of Citrix for reporting CVE-2013-0190. Upstream acknowledges
Dmitry Monakhov as the original reporter of CVE-2012-4508. The
CVE-2012-4542 issue was discovered by Paolo Bonzini of Red Hat.

This update also fixes several hundred bugs and adds enhancements. Refer to
the Red Hat Enterprise Linux 6.4 Release Notes for information on the most
significant of these changes, and the Technical Notes for further
information, both linked to in the References.

All Red Hat Enterprise Linux 6 users are advised to install these updated
packages, which correct these issues, and fix the bugs and add the
enhancements noted in the Red Hat Enterprise Linux 6.4 Release Notes and
Technical Notes. The system must be rebooted for this update to take
effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
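
The following check is an added example, not part of the original advisory or of Red Hat tooling. It compares the running kernel with the installed kernel packages to show whether the reboot is still pending, or whether the running kernel's package has been removed (the outcome the "rpm -Uvh" warning describes). The function names and sample version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: post-install check for a kernel erratum installed with
# "rpm -ivh" (new kernel side by side with the running one).

# newest_kernel: read one VERSION-RELEASE.ARCH string per line on stdin and
# print the highest. "sort -V" (GNU coreutils) is used as an approximation of
# RPM version ordering; it is adequate for ordinary kernel release strings.
newest_kernel() {
    sort -V | tail -n 1
}

# reboot_state RUNNING
#   RUNNING is the output of "uname -r"; stdin lists the installed kernels.
#   Prints one of:
#     current          running kernel is the newest installed kernel
#     reboot-pending   a newer kernel is installed but has not been booted
#     running-removed  the running kernel's package is no longer installed
reboot_state() {
    running=$1
    installed=$(cat)
    newest=$(printf '%s\n' "$installed" | newest_kernel)
    if ! printf '%s\n' "$installed" | grep -Fxq "$running"; then
        echo "running-removed"
    elif [ "$running" = "$newest" ]; then
        echo "current"
    else
        echo "reboot-pending"
    fi
}

# On a live system the inputs come from rpm and uname:
#   rpm -q kernel --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' | reboot_state "$(uname -r)"

# Constructed sample data (not the versions shipped by this erratum).
# -99 vs -100 shows why a plain lexical sort would pick the wrong kernel.
SAMPLE_INSTALLED='2.6.32-99.el6.x86_64
2.6.32-100.el6.x86_64'
printf '%s\n' "$SAMPLE_INSTALLED" | reboot_state 2.6.32-99.el6.x86_64
```

A "reboot-pending" result means the fixed kernel is on disk but the vulnerable one is still running.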

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386

Fixes

  • BZ - 664586 - ALSA - backport the recent USB audio driver from upstream (to fix low audio volume issue, new hw enablement)
  • BZ - 700324 - RFE: add online discard support to XFS
  • BZ - 734051 - rhel6.1 guest hang when unplug is using virtio disk from monitor
  • BZ - 735768 - kernel BUG at fs/jbd2/commit.c:353 or fs/jbd/commit.c:319 hitting J_ASSERT(journal->j_running_transaction != NULL) in journal_commit_transaction
  • BZ - 749273 - Failure to resume from suspend (nVidia Quadro NVS 400)
  • BZ - 758202 - pNFS read crashes when mounting with rsize < 4096
  • BZ - 767886 - ATS capability is disabled when NIC is assigned to a guest
  • BZ - 784174 - SECINFO support in the NFS v4 client in RHEL 6
  • BZ - 796352 - NFS mounts fail against Windows 8 servers
  • BZ - 796992 - krb5p mounts fail against a Microsoft 8 server.
  • BZ - 807503 - xfs contention problem
  • BZ - 808112 - [nfsv4] open(O_CREAT) returns EEXISTS on symbolic link created on another system until stat()ed
  • BZ - 813137 - [xfs/xfstests 273] heavy cp workload hang
  • BZ - 813227 - Balloon value reported doesn't get updated after guest driver is removed and re-inserted.
  • BZ - 816059 - can not Install guest(RHEL6.3 32) using scsi-hd and scsi-cd
  • BZ - 816308 - kvm: 9480: cpu0 unimplemented perfctr wrmsr: 0x186 data 0x130079
  • BZ - 816880 - ALSA: Update the snd-oxygen and snd-virtuoso (CMI87xx based) drivers for RHEL 6.4
  • BZ - 816888 - kernel panic in qfq_dequeue
  • BZ - 817243 - Guest failed to resume from S4 after migration with kvmclock
  • BZ - 821060 - dlm: make dlm_recv single threaded
  • BZ - 821463 - SEP CPU flag is disabled on Intel 64 bit when exec_shield is on
  • BZ - 822075 - Console complain about "Unable to load target_core_stgt"
  • BZ - 823018 - link of a delegated file fails (due to server returning NOENT instead of DELAY)
  • BZ - 823625 - cifs: fix handling of scopeid in cifs_convert_address
  • BZ - 823630 - cifs: simplify open code
  • BZ - 823842 - cifs: Cleanup TCP_SERVER_Info
  • BZ - 823843 - cifs: Fix oplock break handling
  • BZ - 823878 - cifs: Simplify cache invalidation
  • BZ - 823902 - cifs: Add rwpidforward mount option [kernel]
  • BZ - 823934 - cifs: Cleanup cifs mount code.
  • BZ - 824065 - cifs: Introduce code required for cifs idmap and ACL support
  • BZ - 824964 - dlm: deadlock between dlm_send and dlm_controld
  • BZ - 825009 - NFSv4.1: Add LAYOUTRETURN support
  • BZ - 826067 - Use-after-free on CPU hotplug
  • BZ - 826650 - pNFS: Page Infrastructure Upgrades.
  • BZ - 827474 - [RHEL 6.4] Sync up perf tool with upstream 3.4 [perf-tool]
  • BZ - 829031 - Fix KVM device assignment bridge test
  • BZ - 830977 - [RHEL6 kernel] crypto: sha512 - Fix byte counter overflow in SHA-512
  • BZ - 832252 - cifs_async_writev blocked by limited kmap on i386 with high-mem
  • BZ - 832301 - windows 8 32bit can not be installed on qemu-kvm
  • BZ - 832434 - nfs: rpciod is blocked in nfs_release_page waiting for nfs_commit_inode to complete
  • BZ - 832486 - KVM: make GET_SUPPORTED_CPUID whitelist-based
  • BZ - 834097 - Performance regression between kernels 2.6.32-131.0.15 and 2.6.32-220
  • BZ - 836803 - RHEL6: Potential fix for leapsecond caused futex related load spikes
  • BZ - 837871 - pNFS: General Client Infrastructure
  • BZ - 839266 - Change network with netconsole loaded cause kernel panic
  • BZ - 839984 - [PATCH sysfs] kernel cannot rename network interfaces
  • BZ - 840458 - RFE - Virtio-scsi should support block_resize
  • BZ - 841578 - Update wireless LAN subsystem
  • BZ - 841604 - Add support for modern Ralink wireless devices (28xx/3xxx/53xx chips)
  • BZ - 841622 - add virtio-scsi unlocked kick patches
  • BZ - 841983 - VLAN configured on top of a bonded interface (active-backup) does not failover
  • BZ - 842312 - nfs_attr_use_mounted_on_file() returns wrong value
  • BZ - 842435 - NFSv4 Handle a bad or revoked delegation
  • BZ - 844542 - virtio: Use ida to allocate virtio index
  • BZ - 844579 - virtio-rng: 'cat' process hangs when ^C pressed when there's no input
  • BZ - 844582 - virtio-rng: module removal doesn't succeed till input from host received
  • BZ - 844583 - s3/s4 support for virtio-rng driver
  • BZ - 845233 - XFS regularly truncating files after crash/reboot
  • BZ - 846585 - [qemu-kvm] [hot-plug] qemu-process (RHEL6.3 guest) goes into D state during nic hot unplug (netdev_del hostnet1)
  • BZ - 846702 - [RHEL 6.4] Sync up perf tool with upstream 3.5 [perf-tool]
  • BZ - 847722 - backport: KVM: fix race with level interrupts
  • BZ - 849223 - RHEL5 Xen SR-IOV VF PCI passthru does not work to RHEL6 HVM guest; no interrupts received on the guest VF
  • BZ - 850642 - Fuse: backport FUSE_AUTO_INVAL_DATA flag support and related patches
  • BZ - 851312 - pNFS client fails to select correct DS from multipath
  • BZ - 854066 - [rhel6] lvs: issues with GRO / icmp fragmentation needed
  • BZ - 854584 - mmu_notifier: updates for RHEL6.4
  • BZ - 855436 - Spurious LVDS detected on HP T5740
  • BZ - 855448 - DM RAID: Bad table argument could cause kernel panic
  • BZ - 857555 - nfs: fix potential slabcache leaks when cache allocations fail
  • BZ - 857792 - drm rebase bug for 6.4
  • BZ - 857956 - hpsa: fix handling of protocol error
  • BZ - 858292 - cciss: fix handling of protocol error
  • BZ - 858850 - fuse: backport scatter-gather direct IO
  • BZ - 859242 - [6.4] Backport upstream XFS fixes
  • BZ - 859259 - parallel perf build fails
  • BZ - 859355 - wireless: crash in crypto_destroy_tfm
  • BZ - 860404 - [RHEL 6.4] Sync up perf tool with upstream latest 3.6 [perf-tool]
  • BZ - 862025 - wl1251_sdio driver missed in RHEL6.4
  • BZ - 863077 - Soft lockup on reboot with an active VG
  • BZ - 863212 - SUNRPC: Patch inclusion request
  • BZ - 865380 - Kernel oops/crash when running perf on a SandyBridge host
  • BZ - 865666 - host boot fail and when system boots with kernel parameter intel_iommu=on
  • BZ - 865929 - xfs: report projid32bit feature in geometry call
  • BZ - 866271 - When browse option is used, failed mounts by AutoFS leave broken directories
  • BZ - 866417 - iwlwifi rmmod crash after roaming
  • BZ - 867169 - nouveau in optimus configuration oops on load
  • BZ - 867688 - sysctl table check failed: /net/ipv6/nf_conntrack_frag6_low_thresh Unknown sysctl binary path
  • BZ - 868233 - [xfs/md] NULL pointer dereference - xfs_alloc_ioend_bio
  • BZ - 869856 - [Arrandale] Text disappearing in Firefox and Terminal
  • BZ - 869904 - CVE-2012-4508 kernel: ext4: AIO vs fallocate stale data exposure
  • BZ - 870246 - LVM RAID: Images that are reintroduced into an array are not synced
  • BZ - 870297 - storvsc: Account for in-transit packets in the RESET path
  • BZ - 871350 - Add minimal hyper-v support to kvm in order to support relaxed timing feature
  • BZ - 871630 - DM RAID: kernel panic when attempting to activate partial RAID LV (i.e. an array that has missing devices)
  • BZ - 871968 - RPC tasks can deadlock during rpc_shutdown
  • BZ - 872229 - export the symbol nfs_fs_type
  • BZ - 872232 - export the symbol nfs_fhget
  • BZ - 872799 - net: WARN if struct ip_options was allocated directly by kmalloc [rhel-6.4]
  • BZ - 873226 - attaching a dummy interface to bonding device causes a crash
  • BZ - 873462 - PCIe SRIOV VFs may not configure on PCIe port with no ARI support
  • BZ - 873816 - NFSv4 referrals fail if NFS server returns hostnames rather than IP addresses (Kernel part)
  • BZ - 874322 - [6.4] XFS log recovery failure leads to loss of data
  • BZ - 874539 - [xfs] Bug on invaliding page that is not locked
  • BZ - 875309 - An Hyper-V RHEL6.3 Guest is unreachable from the network after live migration
  • BZ - 875360 - CVE-2012-4542 kernel: block: default SCSI command filter does not accomodate commands overlap across device classes
  • BZ - 896038 - CVE-2013-0190 kernel: stack corruption in xen_failsafe_callback()
  • BZ - 912898 - CVE-2013-0309 kernel: mm: thp: pmd_present and PROT_NONE local DoS
  • BZ - 912900 - CVE-2013-0310 kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference
  • BZ - 912905 - CVE-2013-0311 kernel: vhost: fix length for cross region descriptor

CVEs

References