Skip to navigation

Security Advisory Moderate: ipmitool security update

Advisory: RHSA-2011:1814-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-12-13
Last updated on: 2011-12-13
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-4339

Details

An updated ipmitool package that fixes one security issue is now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

The ipmitool package contains a command line utility for interfacing with
devices that support the Intelligent Platform Management Interface (IPMI)
specification. IPMI is an open standard for machine health, inventory, and
remote power control.

It was discovered that the IPMI event daemon (ipmievd) created its process
ID (PID) file with world-writable permissions. A local user could use this
flaw to make the ipmievd init script kill an arbitrary process when the
ipmievd daemon is stopped or restarted. (CVE-2011-4339)

All users of ipmitool are advised to upgrade to this updated package, which
contains a backported patch to correct this issue. After installing this
update, the IPMI event daemon (ipmievd) will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
IA-32:
ipmitool-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: 27b16266ae904a065d0b5b30f0582f03
SHA-256: f8909a2cec7b2f5a42277f66020e69e9de8f730b0371d21b884130169aa34b7f
ipmitool-debuginfo-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: ec07c6bdb45d69b4e83641949b30369d
SHA-256: b924bee8793705c0e1fc68bda53ab3d1ed3350b6691de23ee1ff4a63a8622c0a
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
IA-32:
ipmitool-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: 27b16266ae904a065d0b5b30f0582f03
SHA-256: f8909a2cec7b2f5a42277f66020e69e9de8f730b0371d21b884130169aa34b7f
ipmitool-debuginfo-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: ec07c6bdb45d69b4e83641949b30369d
SHA-256: b924bee8793705c0e1fc68bda53ab3d1ed3350b6691de23ee1ff4a63a8622c0a
 
PPC:
ipmitool-1.8.11-12.el6_2.1.ppc64.rpm
File outdated by:  RHBA-2013:1259
    MD5: 8b8d481e9009a5803f586903564cc075
SHA-256: a2c02370cbd16d93185380e6fcd58a4da2255a85f42b2b6600322ba0654fd250
ipmitool-debuginfo-1.8.11-12.el6_2.1.ppc64.rpm
File outdated by:  RHBA-2013:1259
    MD5: b5aa7f3876f5bab9a564d8987f9eb3a9
SHA-256: b38b98688c6158cf3c8099ae08e2fa57b28f07e629ec86a988f0e322844c94fe
 
s390x:
ipmitool-1.8.11-12.el6_2.1.s390x.rpm
File outdated by:  RHBA-2013:1259
    MD5: 94de6a7d565a6392f87a73028080fda8
SHA-256: 96f6825782b9295ee0c1fe9be04177b796ab849e8a72d6bf2529247cba3a565a
ipmitool-debuginfo-1.8.11-12.el6_2.1.s390x.rpm
File outdated by:  RHBA-2013:1259
    MD5: dea64bd8e3ab198a2f4128abb6dc7959
SHA-256: 9f022062a652b8087543a778cc3ac4edb467757ea1521ea74108a1ded421c4f1
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1164
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1164
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
IA-32:
ipmitool-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1164
    MD5: 27b16266ae904a065d0b5b30f0582f03
SHA-256: f8909a2cec7b2f5a42277f66020e69e9de8f730b0371d21b884130169aa34b7f
ipmitool-debuginfo-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1164
    MD5: ec07c6bdb45d69b4e83641949b30369d
SHA-256: b924bee8793705c0e1fc68bda53ab3d1ed3350b6691de23ee1ff4a63a8622c0a
 
PPC:
ipmitool-1.8.11-12.el6_2.1.ppc64.rpm
File outdated by:  RHBA-2013:1164
    MD5: 8b8d481e9009a5803f586903564cc075
SHA-256: a2c02370cbd16d93185380e6fcd58a4da2255a85f42b2b6600322ba0654fd250
ipmitool-debuginfo-1.8.11-12.el6_2.1.ppc64.rpm
File outdated by:  RHBA-2013:1164
    MD5: b5aa7f3876f5bab9a564d8987f9eb3a9
SHA-256: b38b98688c6158cf3c8099ae08e2fa57b28f07e629ec86a988f0e322844c94fe
 
s390x:
ipmitool-1.8.11-12.el6_2.1.s390x.rpm
File outdated by:  RHBA-2013:1164
    MD5: 94de6a7d565a6392f87a73028080fda8
SHA-256: 96f6825782b9295ee0c1fe9be04177b796ab849e8a72d6bf2529247cba3a565a
ipmitool-debuginfo-1.8.11-12.el6_2.1.s390x.rpm
File outdated by:  RHBA-2013:1164
    MD5: dea64bd8e3ab198a2f4128abb6dc7959
SHA-256: 9f022062a652b8087543a778cc3ac4edb467757ea1521ea74108a1ded421c4f1
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1164
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1164
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
ipmitool-1.8.11-12.el6_2.1.src.rpm
File outdated by:  RHBA-2013:1259
    MD5: 2e9f46ea9ab9852cf20b7288078eade4
SHA-256: 59451e7bb318133fdfe5748f1161ceb4a0eabc1858a642523ae5cdc2edc07b20
 
IA-32:
ipmitool-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: 27b16266ae904a065d0b5b30f0582f03
SHA-256: f8909a2cec7b2f5a42277f66020e69e9de8f730b0371d21b884130169aa34b7f
ipmitool-debuginfo-1.8.11-12.el6_2.1.i686.rpm
File outdated by:  RHBA-2013:1259
    MD5: ec07c6bdb45d69b4e83641949b30369d
SHA-256: b924bee8793705c0e1fc68bda53ab3d1ed3350b6691de23ee1ff4a63a8622c0a
 
x86_64:
ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: a1ec8afb285327008a1f736dea3db98e
SHA-256: 9c57ba9081fc390924429c5b9ab2fd765f3c1054c12fac1533c42047b3fba09d
ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm
File outdated by:  RHBA-2013:1259
    MD5: 1a86a5428795beb209a6d61bfd90099e
SHA-256: 5979056bbfd6876cc77d7796305c70d24219154ee60698ba5d414ec6cef859f8
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

742837 - CVE-2011-4339 OpenIPMI: IPMI event daemon creates PID file with world writeable permissions


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/