Skip to navigation

Security Advisory Moderate: dracut security, bug fix, and enhancement update

Advisory: RHSA-2013:1674-2
Type: Security Advisory
Severity: Moderate
Issued on: 2013-11-21
Last updated on: 2013-11-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-4453

Details

Updated dracut packages that fix one security issue, several bugs, and add
two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The dracut packages include an event-driven initramfs generator
infrastructure based on the udev device manager. The virtual file system,
initramfs, is loaded together with the kernel at boot time and initializes
the system, so it can read and boot from the root partition.

It was discovered that dracut created initramfs images as world readable.
A local user could possibly use this flaw to obtain sensitive information
from these files, such as iSCSI authentication passwords, encrypted root
file system crypttab passwords, or other information. (CVE-2012-4453)

This issue was discovered by Peter Jones of the Red Hat Installer Team.

These updated dracut packages include numerous bug fixes and two
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical
Notes, linked to in the References, for information on the most significant
of these changes.

All dracut users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add these
enhancements.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
dracut-004-336.el6.src.rpm
File outdated by:  RHEA-2013:1774
    MD5: 45292c1995e589326acb9c9e0f993211
SHA-256: e1a58b1342bace2f9f4701d1ad77eaeb0d42c43ca19d9b5ef85f7eb68a090c94
 
IA-32:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
x86_64:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
dracut-004-336.el6.src.rpm
File outdated by:  RHEA-2013:1774
    MD5: 45292c1995e589326acb9c9e0f993211
SHA-256: e1a58b1342bace2f9f4701d1ad77eaeb0d42c43ca19d9b5ef85f7eb68a090c94
 
x86_64:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
dracut-004-336.el6.src.rpm
File outdated by:  RHEA-2013:1774
    MD5: 45292c1995e589326acb9c9e0f993211
SHA-256: e1a58b1342bace2f9f4701d1ad77eaeb0d42c43ca19d9b5ef85f7eb68a090c94
 
IA-32:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
PPC:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
s390x:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
x86_64:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
dracut-004-336.el6.src.rpm
File outdated by:  RHEA-2013:1774
    MD5: 45292c1995e589326acb9c9e0f993211
SHA-256: e1a58b1342bace2f9f4701d1ad77eaeb0d42c43ca19d9b5ef85f7eb68a090c94
 
IA-32:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
x86_64:
dracut-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 8fe8a1db7bf10295e563e42e2b3932eb
SHA-256: 024adc80fb17cbc5a76e9e68e020eebb6007e865e93937e0c3fc382b468eb058
dracut-caps-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 3b732b27230d7898b3d1a556d79bbfa6
SHA-256: 98f3eb3cfa75246af365c7efd206443828c087a621a991cb30b59b73c269cfe2
dracut-fips-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: be70978ce80811b67fd68327c2621f80
SHA-256: 52d3381cb2e0af1a2439a88afb74b5eba31b6b0086e50c2d2bddc3152c4dbc7a
dracut-fips-aesni-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: ca83a15255cba171060eda1b2f9e9f47
SHA-256: f7105643d5a38e90bf8116177f2e71b8251f2729de1798de9581b37243337776
dracut-generic-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 6083521166d93bbbd85cb4a7568eb978
SHA-256: 3c9a0902dcf4dcabd4ed2de6735de96a79d70a1cf85de341e63670bb0a7bc152
dracut-kernel-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: d311c3d3a417b5f1dc542680941d5c7c
SHA-256: 0d079084140d6a34c74354caceb418043292fc3bf68f1f21f7c1990834532722
dracut-network-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 71cecda62c29f17b7e4fb435c25297d1
SHA-256: 49f949c6d413c94cf5113bf444e6f9bb7104165c3dd6358bb2fa4ccb2f35860b
dracut-tools-004-336.el6.noarch.rpm
File outdated by:  RHEA-2013:1774
    MD5: 99ab9639bcdc3d774a806cc7d604c8b7
SHA-256: 12243381cab22b2a6e04ed46575468d3e9041e95e43e484458074d76c63e8d67
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1012626 - [FIPS140] dracut-fip updates needed for certification
1019104 - Interface renaming via ifname does not work for RHEL-6.5
610462 - mkinitrd has no man page
720684 - Booting with snapshot of / requires non user-friendly config
859448 - CVE-2012-4453 dracut: Creates initramfs images with world-readable permissions (information disclosure)
912299 - kernel installation fails if GREP_OPTIONS is set


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/