RHSA-2016:2766-01 -- Redhat kernel, perf

ID: oval:org.secpod.oval:def:501933
Date: (C)2016-11-16   (M)2020-03-27
Class: PATCH
Family: unix

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix:
* It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.
* It was reported that on s390x, the fork of a process with four page table levels will cause memory corruption with a variety of symptoms. All processes are created with a three-level page table and a limit of 4TB for the address space. If the parent process has four page table levels with a limit of 8PB, the function that duplicates the address space will try to copy memory areas outside of the address space limit for the child process.

Bug Fix:
* Use of a multi-threaded workload with high memory mappings sometimes caused a kernel panic, due to a race condition between the context switch and the pagetable upgrade. This update fixes the switch_mm by using the complete asce parameter instead of the asce_bits parameter. As a result, the kernel no longer panics in the described scenario.
* When iptables created the Transmission Control Protocol reset packet, a kernel crash could occur due to an uninitialized pointer to the TCP header within the Socket Buffer. This update fixes the transport header pointer in TCP reset for both IPv4 and IPv6, and the kernel no longer crashes in the described situation.
* Previously, when the Enhanced Error Handling mechanism did not block the PCI configuration space access and an error was detected, a kernel panic occurred. This update fixes EEH to fix this problem. As a result, the kernel no longer panics in the described scenario.
* When the lockd service failed to start up completely, the notifier blocks were in some cases registered on a notification chain multiple times, which caused the occurrence of a circular list on the notification chain. Consequently, a soft lock-up or a kernel oops occurred. With this update, the notifier blocks are unregistered if lockd fails to start up completely, and the soft lock-ups or the kernel oopses no longer occur under the described circumstances.
* When the Fibre Channel over Ethernet was configured, the FCoE MaxFrameSize parameter was incorrectly restricted to 1452. With this update, the NETIF_F_ALL_FCOE symbol is no longer ignored, which fixes this bug. MaxFrameSize is now restricted to 2112, which is the correct value.
* When the fnic driver was installed on Cisco UCS Blade Server, the discs were under certain circumstances put into the offline state with the following error message: "Medium access timeout failure. Offlining disk!". This update fixes fnic to set the Small Computer System Interface status as DID_ABORT after a successful abort operation. As a result, the discs are no longer put into the offlined state in the described situation.

Red Hat Enterprise Linux 6
CVE    2
CPE    5

