[RHSA-2016:0065] kernel-rt security update
Severity
Important
Affected Packages
7
CVEs
1
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
- A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2016-0728, Important)
Red Hat would like to thank the Perception Point research team for
reporting this issue.
All kernel-rt users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. The system must be
rebooted for this update to take effect.
| Package | Affected Version |
|---|---|
 pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-trace?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-trace-devel?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-doc?distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
|
pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-7.2
|
< 3.10.0-327.4.5.rt56.206.el7_2 |
- ID
- RHSA-2016:0065
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2016:0065
- Published
-
2016-01-25T00:00:00
(8 years ago) - Modified
-
2016-01-25T00:00:00
(8 years ago) - Rights
- Copyright 2016 Red Hat, Inc.
- Other Advisories
-
-
ALAS-2016-642
-
DSA-3448-1
-
ELSA-2016-0064
-
ELSA-2016-3509
-
ELSA-2016-3510
-
FEDORA-2016-5d43766e33
-
FEDORA-2016-b59fd603be
-
RHSA-2016:0064
-
SUSE-SU-2016:0186-1
-
SUSE-SU-2016:0205-1
-
SUSE-SU-2016:0341-1
-
SUSE-SU-2016:0745-1
-
SUSE-SU-2016:0746-1
-
SUSE-SU-2016:0747-1
-
SUSE-SU-2016:0750-1
-
SUSE-SU-2016:0751-1
-
SUSE-SU-2016:0752-1
-
SUSE-SU-2016:0753-1
-
SUSE-SU-2016:0755-1
-
SUSE-SU-2016:0756-1
-
SUSE-SU-2016:0757-1
-
USN-2870-1
-
USN-2870-2
-
USN-2871-1
-
USN-2871-2
-
USN-2872-1
-
USN-2872-2
-
USN-2872-3
-
USN-2873-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 1297475 |
|
|
| RHSA | RHSA-2016:0065 |
|
|
| CVE | CVE-2016-0728 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-rt-trace?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt-trace
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-rt-trace-devel?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt-trace-devel
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-rt-doc?distro=redhat-7.2 | redhat |
kernel-rt-doc
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | ||
| Affected | pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt-devel
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt-debug
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-7.2 | redhat |
kernel-rt-debug-devel
|
< 3.10.0-327.4.5.rt56.206.el7_2 | redhat-7.2 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |