Security Advisory Moderate: kernel security and enhancement update

Advisory: RHSA-2017:0869-1
Type: Security Advisory
Severity: Moderate
Issued on: 2017-04-04
Last updated on: 2017-04-04
Affected Products: Red Hat Enterprise Linux Server EUS (v. 6.7.z)
CVEs (cve.mitre.org): CVE-2016-8399

Details

An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended
Update Support.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A flaw was found in the Linux networking subsystem where a local attacker with
CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by
creating a smaller-than-expected ICMP header and sending to its destination via
sendto(). (CVE-2016-8399, Moderate)

Enhancement(s):

* Previously, the mpt3sas driver incorrectly checked the Transport Layer Retries
(TLR) state even on Redundant Array Of Independent Discs (RAID) devices.
Consequently, a kernel panic occurred when mpt3sas attempted to read from the
RAID devices. With this update, mpt3sas has been fixed to check the TLR state
only for non-RAID devices, and the kernel no longer panics under the described
circumstances. (BZ#1427459)


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Updated packages

Red Hat Enterprise Linux Server EUS (v. 6.7.z)

SRPMS:
kernel-2.6.32-573.41.1.el6.src.rpm     MD5: c2bf7e55a5c98760aa8db471079e58ac
SHA-256: 029a8513a21e6928078e71bbb7ecb6aba691077e336776e2bc8988483b606f6f
 
IA-32:
kernel-2.6.32-573.41.1.el6.i686.rpm     MD5: 07f99bc0b318a1846c243b9d3584fdb5
SHA-256: 28a6ff228b941c1fd084b3ddb088303413f5a815f1976c4dfe472a349deed9ec
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm     MD5: 2e9e421ba785ee593982a035b5a0fdeb
SHA-256: 5eb41175cefca2122010c8f020622f88ba547be007cdbc47e6a93f1eb201aad4
kernel-debug-2.6.32-573.41.1.el6.i686.rpm     MD5: 3f5b697ff5c31bf0e861298183999f4d
SHA-256: 2744240a8be2aaaca1408f772b91383311f5aeca113fc771f771dff4350c730c
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: ac209eb1aa2cb41775465ec04bb63143
SHA-256: d0d881da5a1834012b517f2d4b132d6a6c09898f084d43fc133a49ae2cea6de2
kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm     MD5: 9d3e7877d24b69c796d7efb67f7fcef3
SHA-256: e879a6755d12b2e7be84f2938a2e3d9230f27709b563f59cf3b29f9a2f3990d0
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: 47913b35703d6e369ecb111ffbe4bfc1
SHA-256: cb482a1c327764b6805cfe03420e0fdfe665efa4329c21a1d9f391485ccd7aa2
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm     MD5: 9c07ecff029c22386e7ef147ecacf4bc
SHA-256: 92c493b23ef706f2f967fc0fbea8f4d511a2ab0f0151e01768018e68bba109b2
kernel-devel-2.6.32-573.41.1.el6.i686.rpm     MD5: 518b432e797d41da21c49e3a4baf2ddf
SHA-256: c7c6334cfe4f34dd6de661cee3329be1677f3e7940d0483136fd503f7e4f0f4c
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm     MD5: dfe254e6fb047fb40ce755f40130f630
SHA-256: 5754f99b38f11ddc9c694af56ee0f444bdcd16a6ddc489132ade7175ea4cbaa6
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm     MD5: 55b450c9ce3735fe78abaf70c446c0e7
SHA-256: d2bdb1bb989ec01209e9faa3019877755e611036bae88201252dd7ccdae4b398
kernel-headers-2.6.32-573.41.1.el6.i686.rpm     MD5: 55d86f9ca19618dc789e848d936b0832
SHA-256: 150b78c5c6671e26a3f29a3945a30e2310563a4745a47e57a6340611f19742c5
perf-2.6.32-573.41.1.el6.i686.rpm     MD5: 645a6cb2fe716726892887df31330434
SHA-256: f567657cda1393b4a787e8a9ec90509f7fd6dbd6fa26d8d73b8bdae3359d38ef
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: 0dc2eb34fc2c97277d97e41377e913c5
SHA-256: c5034f855d12a5aba94f41305915efe4900c2b8ada98ff198c4be0e69ba56d52
python-perf-2.6.32-573.41.1.el6.i686.rpm     MD5: 02356b5a77f7c6ccb40693ce46d4b443
SHA-256: 1ae9acc7b0ade43be2451a235b42d3f0ce51b513632e89533b913846e43e7b95
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: bf6e7e60b769101080a3d72be9363f8d
SHA-256: 455ab71892c5eca48c2aad83ddaf3f5da2344c6cf4af471829e40d57a656df8b
 
PPC:
kernel-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 45d5310c9010f58541cda77a5eeae7e1
SHA-256: 23036b91107e397410bc6c8cb0fe474a94eaf22413f2b5000c67980f29c5ea45
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm     MD5: 2e9e421ba785ee593982a035b5a0fdeb
SHA-256: 5eb41175cefca2122010c8f020622f88ba547be007cdbc47e6a93f1eb201aad4
kernel-bootwrapper-2.6.32-573.41.1.el6.ppc64.rpm     MD5: a6097907cf8f451d666dbc5a05fe5c07
SHA-256: ca74419ae0795dc780849bd9c5c66a401492533a2ff690c850b6ce65b6339f84
kernel-debug-2.6.32-573.41.1.el6.ppc64.rpm     MD5: f823a19c148af56168eda585e1d222a3
SHA-256: afd61d4011887d8607c40a02895410c05df812a111085a1efda72a73a557cf6c
kernel-debug-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 4da2a2d9166b7817c14e351d3aeea123
SHA-256: 5c2b3f5f5836eca4b41b4969f36cd49bb1cf191a4e9e22ffa23f6a51357b2870
kernel-debug-devel-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 717ec62487944cd25537b3e881a6e715
SHA-256: aabba31a2df3df251a717f0b1b42c0c653f2fe6376fe0bbcf395863f663d25d5
kernel-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 43706d684ff04ebddf5e90f6bb5fdabd
SHA-256: b516a6236595ae2c0b5bbbbf6b85c9a3000cd7b5b2d33ac8812da637424be6de
kernel-debuginfo-common-ppc64-2.6.32-573.41.1.el6.ppc64.rpm     MD5: ffa50b4471b5b7b41778575061eb5616
SHA-256: 7759d32d4e4947f77154b269ecfabf286251f18fe5d06bd7745456c3fda76581
kernel-devel-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 61f9e04dc5eceb8fe6bc9853e1bb3c94
SHA-256: bf76931bda709238633dee28195efa4909a2f2a9cb8acc9c3e6620547eb591c3
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm     MD5: dfe254e6fb047fb40ce755f40130f630
SHA-256: 5754f99b38f11ddc9c694af56ee0f444bdcd16a6ddc489132ade7175ea4cbaa6
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm     MD5: 55b450c9ce3735fe78abaf70c446c0e7
SHA-256: d2bdb1bb989ec01209e9faa3019877755e611036bae88201252dd7ccdae4b398
kernel-headers-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 8cf6d19f164b13870244e04346db0c9c
SHA-256: 97ffeee789924aedaf6229979e5d9d12fa52a7c0564ffc191f193381a6293947
perf-2.6.32-573.41.1.el6.ppc64.rpm     MD5: d40d85008a7a827a37be784014ea69ab
SHA-256: d762e47597623231cfdade06b4abb80b7355baa5186d9dbe67553311d915aadc
perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 366efafad1e4bda6ae370bfe6630541f
SHA-256: ec2d11b1578f077de0bf750e86b1c5f18d3d09edbcbce7e1734bf8f10d73ebe4
python-perf-2.6.32-573.41.1.el6.ppc64.rpm     MD5: 98df846cbda0623eaa631c6230ee4f4f
SHA-256: d9cce5ca4be0c165ad190f78198660d5f2b6527b6e65a2938e6402ca9746435e
python-perf-debuginfo-2.6.32-573.41.1.el6.ppc64.rpm     MD5: b781fca06ca39ac453d4e71c2ee41a5f
SHA-256: 07a31697d00b568077565eb866df87b2db2d8c5eb86d11267676e747acfa9fc4
 
s390x:
kernel-2.6.32-573.41.1.el6.s390x.rpm     MD5: 08402a3319019c4cf50934dd7a3268cd
SHA-256: 37c7e5ff103157f172e6d9d24eba38f582b7e5fc39814da40c5bc841a764bf54
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm     MD5: 2e9e421ba785ee593982a035b5a0fdeb
SHA-256: 5eb41175cefca2122010c8f020622f88ba547be007cdbc47e6a93f1eb201aad4
kernel-debug-2.6.32-573.41.1.el6.s390x.rpm     MD5: 1a4f960fb7bb9cf07ff69a9d2f627e28
SHA-256: a712ad5169f37314466abc84ad1533c24c8c3afe46ddcc8d54764a1dd0e8688a
kernel-debug-debuginfo-2.6.32-573.41.1.el6.s390x.rpm     MD5: 52ae012fd056b09972ec51416ab64514
SHA-256: 9b7242e6cdacf10d4a1a239fc334952244f434b2965fadc07be633c4255dd1a5
kernel-debug-devel-2.6.32-573.41.1.el6.s390x.rpm     MD5: 9e7695883197d723419caaa2392a0e5c
SHA-256: 96cc9596ec0c714340db3fe78179c6d75b4c281cfbe03bea91d2ee68fdedc479
kernel-debuginfo-2.6.32-573.41.1.el6.s390x.rpm     MD5: a4d0c7f14ebd863d537ce81718c0c9b9
SHA-256: c5c2d5a757e8de3e0a7321e77ecc71461b1fa4213e273a2adf8a64471cfa17a7
kernel-debuginfo-common-s390x-2.6.32-573.41.1.el6.s390x.rpm     MD5: d7f6243b7451fe05bb0f924a9cc0f0ef
SHA-256: 95ec30bcaca938e43e73dc2c42adbc64963713ab176604d40181c0081594867a
kernel-devel-2.6.32-573.41.1.el6.s390x.rpm     MD5: a6ba9f0433630c78c173dbb1f94ef18b
SHA-256: 98c1c1e94372c985e45aa0441214d0272b27baedcb462737eaa92e8b6fe3ad96
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm     MD5: dfe254e6fb047fb40ce755f40130f630
SHA-256: 5754f99b38f11ddc9c694af56ee0f444bdcd16a6ddc489132ade7175ea4cbaa6
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm     MD5: 55b450c9ce3735fe78abaf70c446c0e7
SHA-256: d2bdb1bb989ec01209e9faa3019877755e611036bae88201252dd7ccdae4b398
kernel-headers-2.6.32-573.41.1.el6.s390x.rpm     MD5: 5526d519fa6dd679c2154b1a427d891a
SHA-256: 6e51456679db25daaee4d61568a5b895d641a8b8e7a17505a455ebf43812577c
kernel-kdump-2.6.32-573.41.1.el6.s390x.rpm     MD5: 79a1873c750b247042a4668bf62991a7
SHA-256: 8eaf76b2dcf1ad3602188d90e8d631ae5a311f463ca0e31cfd9a9a0551bd3ec9
kernel-kdump-debuginfo-2.6.32-573.41.1.el6.s390x.rpm     MD5: 0e3bc78317a233dfea3b7abf88d072a9
SHA-256: d9e14a2f446e5036cf990bb975cdf6725dfc3cdb0317b41e4c59039595ab4b3b
kernel-kdump-devel-2.6.32-573.41.1.el6.s390x.rpm     MD5: 7bb15540239adf46f1a71c62111f91b2
SHA-256: 1c48d766f10da29e4a89543af5332c160bd802fb15769bf63023ec71f7b64026
perf-2.6.32-573.41.1.el6.s390x.rpm     MD5: feae4197e349c2aa95b077a82f50a5dc
SHA-256: c6f06d04acfa6da4fd477bf75e96bfe1a95eede7cf5cd56e2b36662f8c2e6017
perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm     MD5: d995b5729efe4cdbb76b391d2b89352d
SHA-256: b38a483393a2375dcbb706692c304c28d853081642fbfd1c113a3ce6f3871624
python-perf-2.6.32-573.41.1.el6.s390x.rpm     MD5: e3176611755ce5f2d8c601b6f4f19eef
SHA-256: bb24f26d28acd5a1e5b1e7575334064c6af0778517524dfddfca625346b51348
python-perf-debuginfo-2.6.32-573.41.1.el6.s390x.rpm     MD5: edf67cf03da860943fa804d1c7e95c8a
SHA-256: 4ff5d8a98974a77bbd944b5d162487208481ee9226bd0d1d7fbd464255ebe515
 
x86_64:
kernel-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 6575c66402a9460c73680337e3c25fac
SHA-256: 00c5857179c7488a4bcf79f97208619daf41415c344b3e5e6180d4d24aed91bd
kernel-abi-whitelists-2.6.32-573.41.1.el6.noarch.rpm     MD5: 2e9e421ba785ee593982a035b5a0fdeb
SHA-256: 5eb41175cefca2122010c8f020622f88ba547be007cdbc47e6a93f1eb201aad4
kernel-debug-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 44d1c59d646de401d0ec570bc2494918
SHA-256: 345b570f54725add42f53091264e6b62cd0448f21d8d4f10d0213fbf2ee65335
kernel-debug-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: ac209eb1aa2cb41775465ec04bb63143
SHA-256: d0d881da5a1834012b517f2d4b132d6a6c09898f084d43fc133a49ae2cea6de2
kernel-debug-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 93048a65a72b14c726f91062706f17e3
SHA-256: 431fdb6955647baa93cbbcabd4762296201f3b73cbe8897c04c0ab4f4dd6eaf9
kernel-debug-devel-2.6.32-573.41.1.el6.i686.rpm     MD5: 9d3e7877d24b69c796d7efb67f7fcef3
SHA-256: e879a6755d12b2e7be84f2938a2e3d9230f27709b563f59cf3b29f9a2f3990d0
kernel-debug-devel-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 1bc234334235e5ebe61d5ae43f904e4b
SHA-256: a167cd048cc224dd40a25b172c12ad91b6b37c51c6ec1c893b602304c5f53e3a
kernel-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: 47913b35703d6e369ecb111ffbe4bfc1
SHA-256: cb482a1c327764b6805cfe03420e0fdfe665efa4329c21a1d9f391485ccd7aa2
kernel-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 08b3c6a1459184f213604d6f48aa554c
SHA-256: 67c7fbd41b417c62e10d7eb3b37bb0dbd2e62d3229683f6bcfa32731f29bc39b
kernel-debuginfo-common-i686-2.6.32-573.41.1.el6.i686.rpm     MD5: 9c07ecff029c22386e7ef147ecacf4bc
SHA-256: 92c493b23ef706f2f967fc0fbea8f4d511a2ab0f0151e01768018e68bba109b2
kernel-debuginfo-common-x86_64-2.6.32-573.41.1.el6.x86_64.rpm     MD5: ba007b7e18fb54a92c707ca1ab2851f1
SHA-256: d8fd01fe040d82578ab065bb31b76deec48090803e24e68ba9264ff1a77dea33
kernel-devel-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 450393d58a82ce714ee1d8139b9741d6
SHA-256: 0f9bfe93e924b9fc55f0088df1b2ab834a9551c59b80e2a52ec8dff96b6ca49d
kernel-doc-2.6.32-573.41.1.el6.noarch.rpm     MD5: dfe254e6fb047fb40ce755f40130f630
SHA-256: 5754f99b38f11ddc9c694af56ee0f444bdcd16a6ddc489132ade7175ea4cbaa6
kernel-firmware-2.6.32-573.41.1.el6.noarch.rpm     MD5: 55b450c9ce3735fe78abaf70c446c0e7
SHA-256: d2bdb1bb989ec01209e9faa3019877755e611036bae88201252dd7ccdae4b398
kernel-headers-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 6150120b0608fb7457f44562f1e3272b
SHA-256: 9a89bc8969b02b8cef1110bfa4d2a178fea1017e5069c0f2293c417d477a0bc3
perf-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 98c2c5b71f1393cf9a840e74ea489c9e
SHA-256: 9b933da53ac663c0afa7bf352081fbb8fb36b08c79ffc7e1bf858b543cecd609
perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: 0dc2eb34fc2c97277d97e41377e913c5
SHA-256: c5034f855d12a5aba94f41305915efe4900c2b8ada98ff198c4be0e69ba56d52
perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm     MD5: edbe76155cf4ca42134e2ad52adb0a2a
SHA-256: c7925ca189c9053ef699911f164d0f33a867ab2a0f7ad20df5c22cfe5e68550a
python-perf-2.6.32-573.41.1.el6.x86_64.rpm     MD5: 9e9e6ab11d8e354119b3b587ed7b6307
SHA-256: aa442e528decc17470e368e403d2d9efca660a75b20ad683b74e65008533a32b
python-perf-debuginfo-2.6.32-573.41.1.el6.i686.rpm     MD5: bf6e7e60b769101080a3d72be9363f8d
SHA-256: 455ab71892c5eca48c2aad83ddaf3f5da2344c6cf4af471829e40d57a656df8b
python-perf-debuginfo-2.6.32-573.41.1.el6.x86_64.rpm     MD5: aa5857270af402fcafc63f3ea384f21d
SHA-256: 8ee11535589e91ea8dee09462dd61cad357c6cea9fac6f1f7d3235d2d392ed71
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1403833 - CVE-2016-8399 kernel: net: Out of bounds stack read in memcpy_fromiovec


References


Keywords

reboot_suggested


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/