Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2013:0841-1
Type: Security Advisory
Severity: Important
Issued on: 2013-05-20
Last updated on: 2013-05-20
Affected Products: Red Hat Enterprise Linux Server EUS (v. 6.1.z)
CVEs (cve.mitre.org): CVE-2013-2094

Details

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.1 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* It was found that the Red Hat Enterprise Linux 6.1 kernel update
(RHSA-2011:0542) introduced an integer conversion issue in the Linux
kernel's Performance Events implementation. This led to a user-supplied
index into the perf_swevent_enabled array not being validated properly,
resulting in out-of-bounds kernel memory access. A local, unprivileged user
could use this flaw to escalate their privileges. (CVE-2013-2094,
Important)

A public exploit that affects Red Hat Enterprise Linux 6 is available.

Refer to Red Hat Knowledge Solution 373743, linked to in the References,
for further information and mitigation instructions for users who are
unable to immediately apply this update.

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux Server EUS (v. 6.1.z)

SRPMS:
kernel-2.6.32-131.39.1.el6.src.rpm     MD5: b97a63c39a87ee0b49c57c7b7a59d514
SHA-256: 5098a8ae90a0a93a57c4ccfec2276c87edaced73b063c82ca8a8f7bdb3d89ebe
 
IA-32:
kernel-2.6.32-131.39.1.el6.i686.rpm     MD5: e3cd030f7f9ef9aeb3b8491748ea3ead
SHA-256: b066073ebdc30f6b734704b7ebf2c24e722461aa44735a30235ca3c58f29785d
kernel-debug-2.6.32-131.39.1.el6.i686.rpm     MD5: defb1c2a4bc28399328b9e8445925b3a
SHA-256: 20b7e08e0525f7f1f00449a450c5030aa14cb84babdbc914a84ff47819ff5b0c
kernel-debug-debuginfo-2.6.32-131.39.1.el6.i686.rpm     MD5: f24b27d957ecba86defc2bb21604057d
SHA-256: 3fef2347172e3c1964150005e3b35afd7bb559d6c9dec4335fb7ff29def58195
kernel-debug-devel-2.6.32-131.39.1.el6.i686.rpm     MD5: e77d1c76ec15413fe263d1efcc74d599
SHA-256: f578f539f7c2dcf6b8b4076c68b9d16d1a839dd6f0420305b25f0205e6b713e2
kernel-debuginfo-2.6.32-131.39.1.el6.i686.rpm     MD5: be4b2cf9a51bb5d45a9fb11ab39f9985
SHA-256: 7208461ab11abaa8e175e16636a76ad5171dd2c51aba4ef2ae53592b389729ee
kernel-debuginfo-common-i686-2.6.32-131.39.1.el6.i686.rpm     MD5: 4b570f147d04ead5d5c7570e7da969cf
SHA-256: c409a1e577af6815f92174cec877f2d56d80d62eb2b036be6ecf6681fac2c6e2
kernel-devel-2.6.32-131.39.1.el6.i686.rpm     MD5: 2ae4d8c904da3c3af0bf00e59ce694d1
SHA-256: 7e878de7b2be336fed62217e2ec404b61fcd9f014d02b14e8ba03b103e4d63fe
kernel-doc-2.6.32-131.39.1.el6.noarch.rpm     MD5: 8a851a66abf4ff11239ccdde8f8421bc
SHA-256: 787fca24d65e5cece244a6a77d61bf1943160fb349b03d86a0b10718f9835d28
kernel-firmware-2.6.32-131.39.1.el6.noarch.rpm     MD5: e37f4daf27ca3b69c2f3ebfec0a3f205
SHA-256: d1d02dd6539f17543239834ceb160804676880648c872d847684089f74306028
kernel-headers-2.6.32-131.39.1.el6.i686.rpm     MD5: 011747ec1bdfd7f7cc621eb0be54e881
SHA-256: aab1d0fa19ac54b4fcebc120649295fcbdf042563e267374d2a0eca4af1c84d7
perf-2.6.32-131.39.1.el6.i686.rpm     MD5: 8ab1d0f86259dd0fad53fda84e8e4340
SHA-256: 7f18b260bf40eac838eb0228a1e6fd1cd794a84cc23a887170dcf0d10dc16fcc
perf-debuginfo-2.6.32-131.39.1.el6.i686.rpm     MD5: aa80fb561226b38cb78d75207106e8b2
SHA-256: 9e727042f23a5e8f98beaa88e8d0d05b7d2b9e005495f83aaaa9a44c88bbd656
 
PPC:
kernel-2.6.32-131.39.1.el6.ppc64.rpm     MD5: 25f767f3a5feb2b063fccc2eb0bfbfc3
SHA-256: 501605906ef5f52c65e76cb95df7442084e5d960603a0da1c9a6386831004bf3
kernel-bootwrapper-2.6.32-131.39.1.el6.ppc64.rpm     MD5: d8e3747cefdb66c28c3a77115d2b9077
SHA-256: 2aa099023a15490b3ce527d05126a81d6f4c64a0f4e9ec57395a6248b10dd03d
kernel-debug-2.6.32-131.39.1.el6.ppc64.rpm     MD5: d24325b5f153bf8f41b8c7b53ddc98de
SHA-256: 9ec85b60a27ae7c88e0e640d6edd995283792e147da80c42b164401b7e1b0c1c
kernel-debug-debuginfo-2.6.32-131.39.1.el6.ppc64.rpm     MD5: 2e3f7aa58ea98ca117445804003c93e9
SHA-256: 1e43e95d3025c65e93ae35897a1ebd91048bd1b4eedd7386d8200b8815e93567
kernel-debug-devel-2.6.32-131.39.1.el6.ppc64.rpm     MD5: d098731b19473820ec27cb3260701b29
SHA-256: 3a2b8e0febf4ceec908f3c252798f4ce936cdadcca3a9c2aa27f923d7a16d80c
kernel-debuginfo-2.6.32-131.39.1.el6.ppc64.rpm     MD5: c7e000e51387c2304336132c01d18153
SHA-256: 41527d7d79f99811e5fa07c45ff3a11bdab1bcb5d3caa3a22cc37b46b9d96178
kernel-debuginfo-common-ppc64-2.6.32-131.39.1.el6.ppc64.rpm     MD5: db81fd4c4fb8098059c4bac73ebdb85c
SHA-256: dfb88a4745fe1a3a0bb0901e5ebbae45b08863612853d0affe2ecb6695c3b60c
kernel-devel-2.6.32-131.39.1.el6.ppc64.rpm     MD5: b8bf0b4fe584967f159bbc5f0268a7f7
SHA-256: 6004338aa90e69b6a35b186b672f4f3edc8b7cc1f9437b277b72c20bc96b87b3
kernel-doc-2.6.32-131.39.1.el6.noarch.rpm     MD5: 8a851a66abf4ff11239ccdde8f8421bc
SHA-256: 787fca24d65e5cece244a6a77d61bf1943160fb349b03d86a0b10718f9835d28
kernel-firmware-2.6.32-131.39.1.el6.noarch.rpm     MD5: e37f4daf27ca3b69c2f3ebfec0a3f205
SHA-256: d1d02dd6539f17543239834ceb160804676880648c872d847684089f74306028
kernel-headers-2.6.32-131.39.1.el6.ppc64.rpm     MD5: fc262ed496204dae26024405407ac456
SHA-256: 95d9aa666edd4209e7acf40453ff2b2da8e9ee2c5c2330736887d1a6b202c884
perf-2.6.32-131.39.1.el6.ppc64.rpm     MD5: f0638a2d8dc247d6c4a2e3747c65ebcc
SHA-256: 5549327fb2f72e36bbca3534e63defd68af16a6170523e37bd860bfa0fd278eb
perf-debuginfo-2.6.32-131.39.1.el6.ppc64.rpm     MD5: dd9f697538bfcaaf1d57711b03c888c9
SHA-256: 9939085ce6bc4f9387af38452b6d36b3df8546b074977207ac0e16eb44be9ffb
 
s390x:
kernel-2.6.32-131.39.1.el6.s390x.rpm     MD5: 8dfc1b57df92c37fae997f4b59b3baed
SHA-256: 2e43cb8e7571d34548e9f3bfaf1db00952ba281914e352be17c1bda969e7e552
kernel-debug-2.6.32-131.39.1.el6.s390x.rpm     MD5: ba59a010accb2faa420cb20ddf171ed7
SHA-256: 8bb58e8753919c29da39a0f0525f839143e9ff2e58296d2603daeb001238c06c
kernel-debug-debuginfo-2.6.32-131.39.1.el6.s390x.rpm     MD5: 346af253960959df300252d7e1d8823d
SHA-256: 6224b9683253520636b478a7d9697d153b79f0ef5845ae6eef26289e23c15ec1
kernel-debug-devel-2.6.32-131.39.1.el6.s390x.rpm     MD5: aab418a7b2df8f1bb50a9bb9ed3a46bd
SHA-256: b21162cbd35892d5d9d2cfb63e7521b33922781827d7dfa75885babf0562b666
kernel-debuginfo-2.6.32-131.39.1.el6.s390x.rpm     MD5: cf71a60d27171deb2751a31d1dc508b8
SHA-256: adb03b93074a37e28d112a88440952faebdb1bd1c9e9cfa46120b63f0b32768f
kernel-debuginfo-common-s390x-2.6.32-131.39.1.el6.s390x.rpm     MD5: 1140e4a07c55255aaed8c1883fba6dd9
SHA-256: 29a9fc55e38c43d0522104c3ae6b5a4ee7b760bce93c09c80071e61ad303da65
kernel-devel-2.6.32-131.39.1.el6.s390x.rpm     MD5: e2b04ca54482055238f43abf94eb6196
SHA-256: 566defe02d74f13186419de0568883cf3aad057d49c81e8b6a59955dbdf72d93
kernel-doc-2.6.32-131.39.1.el6.noarch.rpm     MD5: 8a851a66abf4ff11239ccdde8f8421bc
SHA-256: 787fca24d65e5cece244a6a77d61bf1943160fb349b03d86a0b10718f9835d28
kernel-firmware-2.6.32-131.39.1.el6.noarch.rpm     MD5: e37f4daf27ca3b69c2f3ebfec0a3f205
SHA-256: d1d02dd6539f17543239834ceb160804676880648c872d847684089f74306028
kernel-headers-2.6.32-131.39.1.el6.s390x.rpm     MD5: 878dfdb0dcda1a5bce6d04e5c0063042
SHA-256: 28239eaa82d07d37ec8ed2721099ad0f4e792d66f723725d6bfc6913faea01f4
kernel-kdump-2.6.32-131.39.1.el6.s390x.rpm     MD5: 3352ea49ddaefba556f7f4fddfb2003a
SHA-256: a30baceedd42a71ed318cd14d9d9801a5ffb5731b1438564b6d6941d4bb43db0
kernel-kdump-debuginfo-2.6.32-131.39.1.el6.s390x.rpm     MD5: 79b9d01d1907508e119e8d946e23ee01
SHA-256: a78df482c8085a20b61374acacf878d6c10858b2b7fc6e2bffdd2c244bf0f93d
kernel-kdump-devel-2.6.32-131.39.1.el6.s390x.rpm     MD5: d605eb8132f5f5231817f87c783daf9f
SHA-256: 79d9446830aa1e9fc5eadbffa8de40b4077c7b62c9eed611a86c402395aae980
perf-2.6.32-131.39.1.el6.s390x.rpm     MD5: 386204650d3588b7540aaf87296ea5f3
SHA-256: decf6611388e13988d1b30d486fb62bd7c5cadfd6d917428e2d59e4774da6631
perf-debuginfo-2.6.32-131.39.1.el6.s390x.rpm     MD5: 274ee39b1b452deda7d07295efb36993
SHA-256: c1ee7ca63e9561280310f7a7bbd03b436a389e766afc080a26e031946e6d97d2
 
x86_64:
kernel-2.6.32-131.39.1.el6.x86_64.rpm     MD5: bb2febf4c3900e6a7e0e4784a542f5ee
SHA-256: 1854b10511abba281482748d72b59f6dfea5e0a0999ee9d275ddd9c592fbcdc2
kernel-debug-2.6.32-131.39.1.el6.x86_64.rpm     MD5: c6d1b363de126e91e765136f9696bbc4
SHA-256: cbf180e52034b6c4df2d63574e8c40f6aedb996a785b203b1bbe62ef556caeb0
kernel-debug-debuginfo-2.6.32-131.39.1.el6.x86_64.rpm     MD5: a73d352f29dfd394ad9b12f6837728dc
SHA-256: 98a1913f150dd33e7754b4f8d28e6acc8fe1b6e92dc9fb472b188c54dadc72d1
kernel-debug-devel-2.6.32-131.39.1.el6.x86_64.rpm     MD5: 0c42df9209bebcceabd833a82238ba33
SHA-256: 2cf285ed0c98114f264a97f31312c0f14182004959900d69a24b034d33f10886
kernel-debuginfo-2.6.32-131.39.1.el6.x86_64.rpm     MD5: adea9b17465a181887daea96a3dabef2
SHA-256: ca864fafd05f5490b2a0498a2040fe02bb23a0e22f6db80fd379130a540ed674
kernel-debuginfo-common-x86_64-2.6.32-131.39.1.el6.x86_64.rpm     MD5: a700d6b3814b5004f54404bfb8ff98ca
SHA-256: 570fd60506af823638e607a35cf723e2d5d8162977ff0f84b3d6dfd79c7d0da7
kernel-devel-2.6.32-131.39.1.el6.x86_64.rpm     MD5: c0db48145e7a1854a75606db57d3cf45
SHA-256: 8eb4cda334b92fe48949e2a5fafe50a3350804eeb826a7c93904fecbd15cf8e4
kernel-doc-2.6.32-131.39.1.el6.noarch.rpm     MD5: 8a851a66abf4ff11239ccdde8f8421bc
SHA-256: 787fca24d65e5cece244a6a77d61bf1943160fb349b03d86a0b10718f9835d28
kernel-firmware-2.6.32-131.39.1.el6.noarch.rpm     MD5: e37f4daf27ca3b69c2f3ebfec0a3f205
SHA-256: d1d02dd6539f17543239834ceb160804676880648c872d847684089f74306028
kernel-headers-2.6.32-131.39.1.el6.x86_64.rpm     MD5: f135c079b2b3f9d41a199dfe2b90d0a0
SHA-256: 533b0fd213dedb7e9f4e6920c6e89b1fa5ab3c8761f27e9932e1b5daf732e01a
perf-2.6.32-131.39.1.el6.x86_64.rpm     MD5: c2cec785d74742875a27e245b571036f
SHA-256: ba6c0993f373161d6daec2d5d9c397a643bde6f31b3dde160afc47bceaf6d519
perf-debuginfo-2.6.32-131.39.1.el6.x86_64.rpm     MD5: d5cfdcd81a117158fc1a922f63f73257
SHA-256: 9bed10c1fcfd6ff7f7b11d7209585250c0d7d31fe8c4a5d028320daee3d4aef5
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

962792 - CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/