1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2011:0883

[RHSA-2011:0883] kernel security and bug fix update

Severity Important
Affected Packages 26
CVEs 14
Info Packages References Vulnerabilities

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update includes backported fixes for security issues. These issues,
except for CVE-2011-1182, only affected users of Red Hat Enterprise Linux
6.0 Extended Update Support as they have already been addressed for users
of Red Hat Enterprise Linux 6 in the 6.1 update, RHSA-2011:0542.

Security fixes:

  • Buffer overflow flaws were found in the Linux kernel's Management Module
    Support for Message Passing Technology (MPT) based controllers. A local,
    unprivileged user could use these flaws to cause a denial of service, an
    information leak, or escalate their privileges. (CVE-2011-1494,
    CVE-2011-1495, Important)

  • A flaw was found in the Linux kernel's networking subsystem. If the
    number of packets received exceeded the receiver's buffer limit, they were
    queued in a backlog, consuming memory, instead of being discarded. A remote
    attacker could abuse this flaw to cause a denial of service (out-of-memory
    condition). (CVE-2010-4251, CVE-2010-4805, Moderate)

  • A flaw was found in the Linux kernel's Transparent Huge Pages (THP)
    implementation. A local, unprivileged user could abuse this flaw to allow
    the user stack (when it is using huge pages) to grow and cause a denial of
    service. (CVE-2011-0999, Moderate)

  • A flaw in the Linux kernel's Event Poll (epoll) implementation could
    allow a local, unprivileged user to cause a denial of service.
    (CVE-2011-1082, Moderate)

  • An inconsistency was found in the interaction between the Linux kernel's
    method for allocating NFSv4 (Network File System version 4) ACL data and
    the method by which it was freed. This inconsistency led to a kernel panic
    which could be triggered by a local, unprivileged user with files owned by
    said user on an NFSv4 share. (CVE-2011-1090, Moderate)

  • It was found that some structure padding and reserved fields in certain
    data structures in KVM (Kernel-based Virtual Machine) were not initialized
    properly before being copied to user-space. A privileged host user with
    access to "/dev/kvm" could use this flaw to leak kernel stack memory to
    user-space. (CVE-2010-3881, Low)

  • A missing validation check was found in the Linux kernel's
    mac_partition() implementation, used for supporting file systems created on
    Mac OS operating systems. A local attacker could use this flaw to cause a
    denial of service by mounting a disk that contains specially-crafted
    partitions. (CVE-2011-1010, Low)

  • A buffer overflow flaw in the DEC Alpha OSF partition implementation in
    the Linux kernel could allow a local attacker to cause an information leak
    by mounting a disk that contains specially-crafted partition tables.
    (CVE-2011-1163, Low)

  • Missing validations of null-terminated string data structure elements in
    the do_replace(), compat_do_replace(), do_ipt_get_ctl(), do_ip6t_get_ctl(),
    and do_arpt_get_ctl() functions could allow a local user who has the
    CAP_NET_ADMIN capability to cause an information leak. (CVE-2011-1170,
    CVE-2011-1171, CVE-2011-1172, Low)

  • A missing validation check was found in the Linux kernel's signals
    implementation. A local, unprivileged user could use this flaw to send
    signals via the sigqueueinfo system call, with the si_code set to SI_TKILL
    and with spoofed process and user IDs, to other processes. Note: This flaw
    does not allow existing permission checks to be bypassed; signals can only
    be sent if your privileges allow you to already do so. (CVE-2011-1182, Low)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2011-1494 and
CVE-2011-1495; Nelson Elhage for reporting CVE-2011-1082; Vasiliy
Kulikov for reporting CVE-2010-3881, CVE-2011-1170, CVE-2011-1171, and
CVE-2011-1172; Timo Warns for reporting CVE-2011-1010 and CVE-2011-1163;
and Julien Tinnes of the Google Security Team for reporting CVE-2011-1182.

This update also fixes three bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Package Affected Version
pkg:rpm/redhat/perf?distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel?arch=i686&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-headers?arch=x86_64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-headers?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-headers?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-headers?arch=i686&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-firmware?distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-doc?distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-devel?arch=i686&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug?arch=i686&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-debug-devel?arch=i686&distro=redhat-6 < 2.6.32-71.31.1.el6
pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-6 < 2.6.32-71.31.1.el6
ID
RHSA-2011:0883
Severity
important
URL
https://access.redhat.com/errata/RHSA-2011:0883
Published
2011-06-21T00:00:00
(13 years ago)
Modified
2011-06-21T00:00:00
(13 years ago)
Rights
Copyright 2011 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 649920 https://bugzilla.redhat.com/649920
Bugzilla 657303 https://bugzilla.redhat.com/657303
Bugzilla 678209 https://bugzilla.redhat.com/678209
Bugzilla 679282 https://bugzilla.redhat.com/679282
Bugzilla 681575 https://bugzilla.redhat.com/681575
Bugzilla 682641 https://bugzilla.redhat.com/682641
Bugzilla 688021 https://bugzilla.redhat.com/688021
Bugzilla 689321 https://bugzilla.redhat.com/689321
Bugzilla 689327 https://bugzilla.redhat.com/689327
Bugzilla 689345 https://bugzilla.redhat.com/689345
Bugzilla 690028 https://bugzilla.redhat.com/690028
Bugzilla 694021 https://bugzilla.redhat.com/694021
RHSA RHSA-2011:0883 https://access.redhat.com/errata/RHSA-2011:0883
CVE CVE-2010-3881 https://access.redhat.com/security/cve/CVE-2010-3881
CVE CVE-2010-4251 https://access.redhat.com/security/cve/CVE-2010-4251
CVE CVE-2010-4805 https://access.redhat.com/security/cve/CVE-2010-4805
CVE CVE-2011-0999 https://access.redhat.com/security/cve/CVE-2011-0999
CVE CVE-2011-1010 https://access.redhat.com/security/cve/CVE-2011-1010
CVE CVE-2011-1082 https://access.redhat.com/security/cve/CVE-2011-1082
CVE CVE-2011-1090 https://access.redhat.com/security/cve/CVE-2011-1090
CVE CVE-2011-1163 https://access.redhat.com/security/cve/CVE-2011-1163
CVE CVE-2011-1170 https://access.redhat.com/security/cve/CVE-2011-1170
CVE CVE-2011-1171 https://access.redhat.com/security/cve/CVE-2011-1171
CVE CVE-2011-1172 https://access.redhat.com/security/cve/CVE-2011-1172
CVE CVE-2011-1182 https://access.redhat.com/security/cve/CVE-2011-1182
CVE CVE-2011-1494 https://access.redhat.com/security/cve/CVE-2011-1494
CVE CVE-2011-1495 https://access.redhat.com/security/cve/CVE-2011-1495
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/perf?distro=redhat-6 redhat perf < 2.6.32-71.31.1.el6 redhat-6
Affected pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-6 redhat kernel < 2.6.32-71.31.1.el6 redhat-6 x86_64
Affected pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-6 redhat kernel < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-6 redhat kernel < 2.6.32-71.31.1.el6 redhat-6 ppc64
Affected pkg:rpm/redhat/kernel?arch=i686&distro=redhat-6 redhat kernel < 2.6.32-71.31.1.el6 redhat-6 i686
Affected pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-6 redhat kernel-kdump < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-6 redhat kernel-kdump-devel < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-headers?arch=x86_64&distro=redhat-6 redhat kernel-headers < 2.6.32-71.31.1.el6 redhat-6 x86_64
Affected pkg:rpm/redhat/kernel-headers?arch=s390x&distro=redhat-6 redhat kernel-headers < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-headers?arch=ppc64&distro=redhat-6 redhat kernel-headers < 2.6.32-71.31.1.el6 redhat-6 ppc64
Affected pkg:rpm/redhat/kernel-headers?arch=i686&distro=redhat-6 redhat kernel-headers < 2.6.32-71.31.1.el6 redhat-6 i686
Affected pkg:rpm/redhat/kernel-firmware?distro=redhat-6 redhat kernel-firmware < 2.6.32-71.31.1.el6 redhat-6
Affected pkg:rpm/redhat/kernel-doc?distro=redhat-6 redhat kernel-doc < 2.6.32-71.31.1.el6 redhat-6
Affected pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-6 redhat kernel-devel < 2.6.32-71.31.1.el6 redhat-6 x86_64
Affected pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-6 redhat kernel-devel < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-6 redhat kernel-devel < 2.6.32-71.31.1.el6 redhat-6 ppc64
Affected pkg:rpm/redhat/kernel-devel?arch=i686&distro=redhat-6 redhat kernel-devel < 2.6.32-71.31.1.el6 redhat-6 i686
Affected pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-6 redhat kernel-debug < 2.6.32-71.31.1.el6 redhat-6 x86_64
Affected pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-6 redhat kernel-debug < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-6 redhat kernel-debug < 2.6.32-71.31.1.el6 redhat-6 ppc64
Affected pkg:rpm/redhat/kernel-debug?arch=i686&distro=redhat-6 redhat kernel-debug < 2.6.32-71.31.1.el6 redhat-6 i686
Affected pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-6 redhat kernel-debug-devel < 2.6.32-71.31.1.el6 redhat-6 x86_64
Affected pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-6 redhat kernel-debug-devel < 2.6.32-71.31.1.el6 redhat-6 s390x
Affected pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-6 redhat kernel-debug-devel < 2.6.32-71.31.1.el6 redhat-6 ppc64
Affected pkg:rpm/redhat/kernel-debug-devel?arch=i686&distro=redhat-6 redhat kernel-debug-devel < 2.6.32-71.31.1.el6 redhat-6 i686
Affected pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-6 redhat kernel-bootwrapper < 2.6.32-71.31.1.el6 redhat-6 ppc64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date