
Security Advisory Important: kernel-rt security update

Advisory: RHSA-2012:0061-1
Type: Security Advisory
Severity: Important
Issued on: 2012-01-24
Last updated on: 2012-01-24
Affected Products: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6)
CVEs (cve.mitre.org): CVE-2012-0056

Details

Updated kernel-rt packages that fix one security issue are now available
for Red Hat Enterprise MRG 2.1.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* It was found that permissions were not checked properly in the Linux
kernel when handling the /proc/[pid]/mem writing functionality. A local,
unprivileged user could use this flaw to escalate their privileges. Refer
to Red Hat Knowledgebase article DOC-69129, linked to in the References,
for further information. (CVE-2012-0056, Important)

Red Hat would like to thank Jüri Aedla for reporting this issue.

Users should upgrade to these updated packages, which correct this issue.
The system must be rebooted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
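The install-then-reboot requirement above can be checked per host. The following is an added example, not part of Red Hat's advisory: it classifies a system as patched, awaiting reboot, or still vulnerable against the fixed build 3.0.9-rt26.46.el6rt listed under "Updated packages". The function names are hypothetical, and GNU "sort -V" is assumed as an approximation of RPM's version ordering.

```shell
#!/bin/sh
# Added example: classify a host against RHSA-2012:0061 using the fixed
# kernel-rt build named in this advisory.
FIXED="3.0.9-rt26.46.el6rt"

# Strip a trailing architecture suffix (uname -r reports e.g. "...el6rt.x86_64").
strip_arch() {
    printf '%s\n' "$1" | sed -e 's/\.x86_64$//' -e 's/\.noarch$//'
}

# Succeeds when version-release $1 >= $2. Uses GNU "sort -V" as an
# approximation of RPM's own comparison (assumption; no epoch handling).
ver_ge() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# $1 = running kernel release, $2 = whitespace-separated installed
# kernel-rt version-release strings. Prints one of:
#   patched          running kernel is at or above the fixed build
#   reboot-required  fixed build installed, but an older kernel is running
#   vulnerable       no installed kernel-rt build contains the fix
classify() {
    running=$(strip_arch "$1")
    if ver_ge "$running" "$FIXED"; then
        echo patched
        return 0
    fi
    for v in $2; do
        if ver_ge "$(strip_arch "$v")" "$FIXED"; then
            echo reboot-required
            return 0
        fi
    done
    echo vulnerable
}

# Live check on an MRG Realtime host; skipped when rpm or kernel-rt is absent.
if command -v rpm >/dev/null 2>&1 && rpm -q kernel-rt >/dev/null 2>&1; then
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-rt)
    classify "$(uname -r)" "$installed"
fi
```

A "reboot-required" result is the state left by "rpm -ivh" before the restart: the fixed package is on disk while the older kernel is still the one running.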

Updated packages

Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6)

SRPMS:
kernel-rt-3.0.9-rt26.46.el6rt.src.rpm
File outdated by:  RHBA-2014:0381
 
x86_64:
kernel-rt-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-debug-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-debug-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-debug-devel-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-debuginfo-common-x86_64-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-devel-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-doc-3.0.9-rt26.46.el6rt.noarch.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-firmware-3.0.9-rt26.46.el6rt.noarch.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-trace-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-trace-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-trace-devel-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-vanilla-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-vanilla-debuginfo-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
kernel-rt-vanilla-devel-3.0.9-rt26.46.el6rt.x86_64.rpm
File outdated by:  RHBA-2014:0381
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

782642 - CVE-2012-0056 kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/