Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2012:1114-1
Type: Security Advisory
Severity: Important
Issued on: 2012-07-24
Last updated on: 2012-07-24
Affected Products: Red Hat Enterprise Linux Server EUS (v. 6.0.z)
CVEs (cve.mitre.org): CVE-2012-2744

Details

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.0 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm()
function in the Linux kernel's netfilter IPv6 connection tracking
implementation. A remote attacker could use this flaw to send
specially-crafted packets to a target system that is using IPv6 and also
has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
(CVE-2012-2744, Important)

Red Hat would like to thank an anonymous contributor working with the
Beyond Security SecuriTeam Secure Disclosure program for reporting this
issue.

Users should upgrade to these updated packages, which contain a backported
patch to resolve this issue. The system must be rebooted for this update to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
kernel-2.6.32-71.40.1.el6.src.rpm     MD5: e13aeb8878b359c4dd5661e31eaf3c71
SHA-256: f416485b9253e81dfad63c55b86927ac6eeef3b872696954fc8442b37edeee11
 
IA-32:
kernel-2.6.32-71.40.1.el6.i686.rpm     MD5: 8b2dfa44b56070a6fdc7bad4d8c419f5
SHA-256: a2d6f877d4592d54a69cfdf5560b961f33c70d01f1a5b3253b38f6b21b2e7c4e
kernel-debug-2.6.32-71.40.1.el6.i686.rpm     MD5: 7ab78b0c0941ba2b02b6fd086b85dfb8
SHA-256: 83603fb15649558b0f775bf652236529e0c1cdebb931627caaf60b72cf8f2840
kernel-debug-debuginfo-2.6.32-71.40.1.el6.i686.rpm     MD5: 91e6c494214ae7e561d15a8d1aa33766
SHA-256: e195149c8a8c011570e18ca743573fdfa1dc64182213af6857e0ae7230358e98
kernel-debug-devel-2.6.32-71.40.1.el6.i686.rpm     MD5: 6af209e72769bbeef006fe36cbf2144f
SHA-256: 677428b47d58bd4f77eafb4a97ed1e66316ed4134e9706879f4b89e443c33f73
kernel-debuginfo-2.6.32-71.40.1.el6.i686.rpm     MD5: 0365004268f458b172f74aba46cf86ac
SHA-256: 7d3e1bad6c36f64371a8be7a4ae19c3e57e30166354ce4a483b3ad66c2bffcc5
kernel-debuginfo-common-i686-2.6.32-71.40.1.el6.i686.rpm     MD5: 276dc9034a2501b4e579093d2620dcd9
SHA-256: fdef452a24a4cb5dd7c8fc1e76a10f077ba3bde4025e65b34fed45d96e2627b7
kernel-devel-2.6.32-71.40.1.el6.i686.rpm     MD5: d712c997e64f8b7227fbed04a7fcc1a6
SHA-256: 1398e103a79d3371ef4faa70518fe6699f0341d5e3ce760c85104662301e1dd1
kernel-doc-2.6.32-71.40.1.el6.noarch.rpm     MD5: f61008ff5bb6a593bccc628b10ebbb74
SHA-256: e744256a6f3b070b77dc183bfef8958d9115c9b08cd120f880d72e4ce03ebd2d
kernel-firmware-2.6.32-71.40.1.el6.noarch.rpm     MD5: 82725c265010fc3ae4b4e36118a6d642
SHA-256: 6e15fc345ac5917a9c79e6a397e4c1f00f4b42990f4483271df2f3723b0265c6
kernel-headers-2.6.32-71.40.1.el6.i686.rpm     MD5: e483210d76ce01e71c476f5d0e8a72cf
SHA-256: 7eddc6d1f05596f96887da15b0a4b7d681b3ad49678e8759ad740e0d27f5de31
perf-2.6.32-71.40.1.el6.noarch.rpm     MD5: e3545799dc3535f793af3ff78093382a
SHA-256: 4816fb395d83f64f7cffcc01a694dc231947207f909b6f2f3f5c6469b2443a5e
 
PPC:
kernel-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 3e494475d7327374c143442789c4d9ee
SHA-256: e6e73918d7d0af6ef69cd6424c9a39f14cbaaaac7deb849e5aa4c7e798444740
kernel-bootwrapper-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 6dbc71314dd5e014bbfacec1165be766
SHA-256: f34dc7636cf707daf4c10e7088b12884a645d808533d74865e635f5b59d0c560
kernel-debug-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 2bda0603781d894e3b2c2d763dd81ac8
SHA-256: fe11d8276bbddfc162303b69a072a3d5e0c01d42d7a4861927ab46367162049d
kernel-debug-debuginfo-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 0911e5da0704c1a1be07be1b503d70c1
SHA-256: e7ed43725464c190224738f27c597d20d0075f8ddfaaebed92e3a1a3bc0d3204
kernel-debug-devel-2.6.32-71.40.1.el6.ppc64.rpm     MD5: c2162014bfba199daeeba7cf2bbe24c5
SHA-256: f30f70a0b7a05907f9c697c2500fcedb09ecf3be3c007b24869d3307307aa8a2
kernel-debuginfo-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 4b4c9c2e1e28222413c6867d2e9fc881
SHA-256: 6d838dfeb549e2b197d6aa1d2eae343aab4569966a6632354ee8e91b736ed7ca
kernel-debuginfo-common-ppc64-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 33ee44f06125a054ed9f563e26cf9405
SHA-256: 13732f6b350eba1ec76618a31ce55cd4086a89ddd016500884868c3c6d9b61cd
kernel-devel-2.6.32-71.40.1.el6.ppc64.rpm     MD5: 283a4687193e80bc5e01119f2f6026e1
SHA-256: b469daa8af8ab4495c223d6c1e3b5b0c7679ceffde7d49f3a5a84bdc6368da53
kernel-doc-2.6.32-71.40.1.el6.noarch.rpm     MD5: f61008ff5bb6a593bccc628b10ebbb74
SHA-256: e744256a6f3b070b77dc183bfef8958d9115c9b08cd120f880d72e4ce03ebd2d
kernel-firmware-2.6.32-71.40.1.el6.noarch.rpm     MD5: 82725c265010fc3ae4b4e36118a6d642
SHA-256: 6e15fc345ac5917a9c79e6a397e4c1f00f4b42990f4483271df2f3723b0265c6
kernel-headers-2.6.32-71.40.1.el6.ppc64.rpm     MD5: ee16055f38bb260ca95b14852c2bfd21
SHA-256: b3dbdca0ce7ea77acda859655e07f3b465ce67349bb224e5e4207c55480c540d
perf-2.6.32-71.40.1.el6.noarch.rpm     MD5: e3545799dc3535f793af3ff78093382a
SHA-256: 4816fb395d83f64f7cffcc01a694dc231947207f909b6f2f3f5c6469b2443a5e
 
s390x:
kernel-2.6.32-71.40.1.el6.s390x.rpm     MD5: 6a712736c42cb721d1f3c894b882a02e
SHA-256: 8e71baefd9860a8338ba327af19666668dfc04d4cb76af44259908d9d4f6e5aa
kernel-debug-2.6.32-71.40.1.el6.s390x.rpm     MD5: 9bf3e85730782908f772152baebea912
SHA-256: ccb411a028b1c4f3d56cd13893236b959aa36f99ac0fb6f107b7154baba9ace1
kernel-debug-debuginfo-2.6.32-71.40.1.el6.s390x.rpm     MD5: 7d0b48950438c67d8acf23c30c0f6e12
SHA-256: ced71b24285f6aefe019fe6d513f174e3473eec0a1c40121c95953ff53364e67
kernel-debug-devel-2.6.32-71.40.1.el6.s390x.rpm     MD5: f317c273c2b8babc70aeb9f6a1634111
SHA-256: f06c54526089e9aacbd722b629f7fba5af036d7b4b9a453294fc309d80660e39
kernel-debuginfo-2.6.32-71.40.1.el6.s390x.rpm     MD5: bfd2d1559347d3f1cbd4538afb709d62
SHA-256: c6f15bd038cadca37c61f6a255d7b80d0cf036293529c67f61680f6e8c20db29
kernel-debuginfo-common-s390x-2.6.32-71.40.1.el6.s390x.rpm     MD5: 84336d4e661e6bba792355d58be73715
SHA-256: 63046877a662d61bf24755f98f1f81996f994a507cb1dbc80b124dc892b77b35
kernel-devel-2.6.32-71.40.1.el6.s390x.rpm     MD5: 574fd50323a2391b51024d1bea83bf21
SHA-256: c3bbc1a472fc190e68ea7a599c293716bfcfdaa3761a04b0e54d9c0ee6f0d45d
kernel-doc-2.6.32-71.40.1.el6.noarch.rpm     MD5: f61008ff5bb6a593bccc628b10ebbb74
SHA-256: e744256a6f3b070b77dc183bfef8958d9115c9b08cd120f880d72e4ce03ebd2d
kernel-firmware-2.6.32-71.40.1.el6.noarch.rpm     MD5: 82725c265010fc3ae4b4e36118a6d642
SHA-256: 6e15fc345ac5917a9c79e6a397e4c1f00f4b42990f4483271df2f3723b0265c6
kernel-headers-2.6.32-71.40.1.el6.s390x.rpm     MD5: 44f8b9d15d13deadda29b24b8dc07b2d
SHA-256: 9b62d44a757b7d00dcef83005c30c690fa4b617b4314861ae7e5de30e667849d
kernel-kdump-2.6.32-71.40.1.el6.s390x.rpm     MD5: 424b2f23b146925fda119d94ceca9f29
SHA-256: 337eca35dbd262383a241912d5801ad7d8d53ca2e969cffae50b81f823cda27e
kernel-kdump-debuginfo-2.6.32-71.40.1.el6.s390x.rpm     MD5: 96aff9a6eecf36c6b94966bec7537abd
SHA-256: b1ebabdacac62bf66cb0574881fd5ac29357f07ed28cec485254225c3dbc8a24
kernel-kdump-devel-2.6.32-71.40.1.el6.s390x.rpm     MD5: d19222f8c5ab3022b4dba6c480b0350c
SHA-256: 84089c59626ad07f29c25c16b937d060b57dc05faa075391e241934331aca441
perf-2.6.32-71.40.1.el6.noarch.rpm     MD5: e3545799dc3535f793af3ff78093382a
SHA-256: 4816fb395d83f64f7cffcc01a694dc231947207f909b6f2f3f5c6469b2443a5e
 
x86_64:
kernel-2.6.32-71.40.1.el6.x86_64.rpm     MD5: 5b1b0cd2ed21bb4050f5c12a575b73ad
SHA-256: 711c6fc9a432edeb41ab05745292b9278fab7b8cfb3f382306abdd9f03780df5
kernel-debug-2.6.32-71.40.1.el6.x86_64.rpm     MD5: 61addb50e028e9773fd6cb28fb468cb2
SHA-256: 0c3cac8b0d33674e0e647aa02432de1943587558e05209e5b0baae769470e190
kernel-debug-debuginfo-2.6.32-71.40.1.el6.x86_64.rpm     MD5: 66cc2b18fa68984337bde30c9dc21673
SHA-256: 6999e0938775e9d839546e4bdb5f3e0dbc3be2a3afe7b83e18029f5ab38e035e
kernel-debug-devel-2.6.32-71.40.1.el6.x86_64.rpm     MD5: fc282d8a44ecc23e5bce8ef80dbf298b
SHA-256: 1acbf022cb61b47957605def2dd84969033083a5323236364f2b14c1474462e0
kernel-debuginfo-2.6.32-71.40.1.el6.x86_64.rpm     MD5: ef4d09ad1b2da5e6e34babf44001e997
SHA-256: 8669781e3aa148d383d7a9a1f79cc5b8660e7692356202204e330e1d160641e0
kernel-debuginfo-common-x86_64-2.6.32-71.40.1.el6.x86_64.rpm     MD5: a32aa5f6d8b545a16a7e5518debd859a
SHA-256: 91ce12c2af911a33bba7b93bec8055dc6ade832d72a249dc0ba82a317cd92949
kernel-devel-2.6.32-71.40.1.el6.x86_64.rpm     MD5: 4237fea5d843773492e177bb2be9b7e7
SHA-256: cf84af5205b47473e2cd8f4ae8705838379cb24b3daa48e8c139e52543ec2fb0
kernel-doc-2.6.32-71.40.1.el6.noarch.rpm     MD5: f61008ff5bb6a593bccc628b10ebbb74
SHA-256: e744256a6f3b070b77dc183bfef8958d9115c9b08cd120f880d72e4ce03ebd2d
kernel-firmware-2.6.32-71.40.1.el6.noarch.rpm     MD5: 82725c265010fc3ae4b4e36118a6d642
SHA-256: 6e15fc345ac5917a9c79e6a397e4c1f00f4b42990f4483271df2f3723b0265c6
kernel-headers-2.6.32-71.40.1.el6.x86_64.rpm     MD5: 7fb514106b61f7447c016057185ff502
SHA-256: 6dcf117022a15c986a611a6aa32dd545dd4dec9e2cd95b65d7562cd6d755139b
perf-2.6.32-71.40.1.el6.noarch.rpm     MD5: e3545799dc3535f793af3ff78093382a
SHA-256: 4816fb395d83f64f7cffcc01a694dc231947207f909b6f2f3f5c6469b2443a5e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

833402 - CVE-2012-2744 kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/