logo
DATABASE RESOURCES PRICING ABOUT US

Medium: kernel

Description

**Issue Overview:** When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes (Denial of Service), or in-guest information leaks. (CVE-2016-3157) In some cases, the kernel did not correctly fix backward jumps in a new eBPF program, which could allow arbitrary reads. (CVE-2016-2383) The kernel incorrectly accounted for the number of in-flight fds over a unix domain socket to the original opener of the file descriptor. Another process could arbitrarily deplete the original file opener's maximum open files resource limit. (CVE-2016-2550) A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). (CVE-2016-2847) **Affected Packages:** kernel **Issue Correction:** Run _yum update kernel_ to update your system. **New Packages:** i686:     perf-debuginfo-4.1.19-24.31.amzn1.i686     kernel-headers-4.1.19-24.31.amzn1.i686     kernel-devel-4.1.19-24.31.amzn1.i686     kernel-debuginfo-common-i686-4.1.19-24.31.amzn1.i686     kernel-tools-devel-4.1.19-24.31.amzn1.i686     kernel-tools-debuginfo-4.1.19-24.31.amzn1.i686     kernel-tools-4.1.19-24.31.amzn1.i686     kernel-4.1.19-24.31.amzn1.i686     kernel-debuginfo-4.1.19-24.31.amzn1.i686     perf-4.1.19-24.31.amzn1.i686 noarch:     kernel-doc-4.1.19-24.31.amzn1.noarch src:     kernel-4.1.19-24.31.amzn1.src x86_64:     kernel-tools-debuginfo-4.1.19-24.31.amzn1.x86_64     kernel-tools-devel-4.1.19-24.31.amzn1.x86_64     kernel-devel-4.1.19-24.31.amzn1.x86_64     kernel-headers-4.1.19-24.31.amzn1.x86_64     kernel-debuginfo-common-x86_64-4.1.19-24.31.amzn1.x86_64     kernel-tools-4.1.19-24.31.amzn1.x86_64     kernel-4.1.19-24.31.amzn1.x86_64     perf-4.1.19-24.31.amzn1.x86_64     perf-debuginfo-4.1.19-24.31.amzn1.x86_64     kernel-debuginfo-4.1.19-24.31.amzn1.x86_64 ### Additional References Red Hat: [CVE-2016-2383](<https://access.redhat.com/security/cve/CVE-2016-2383>), [CVE-2016-2550](<https://access.redhat.com/security/cve/CVE-2016-2550>), [CVE-2016-2847](<https://access.redhat.com/security/cve/CVE-2016-2847>), [CVE-2016-3157](<https://access.redhat.com/security/cve/CVE-2016-3157>) Mitre: [CVE-2016-2383](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2383>), [CVE-2016-2550](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2550>), [CVE-2016-2847](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2847>), [CVE-2016-3157](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3157>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 perf-debuginfo 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-headers 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-devel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-debuginfo-common-i686 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools-devel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools-debuginfo 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools 4.1.19-24.31.amzn1
Amazon Linux 1 kernel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-debuginfo 4.1.19-24.31.amzn1
Amazon Linux 1 perf 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-doc 4.1.19-24.31.amzn1
Amazon Linux 1 kernel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools-debuginfo 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools-devel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-devel 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-headers 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-debuginfo-common-x86_64 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-tools 4.1.19-24.31.amzn1
Amazon Linux 1 kernel 4.1.19-24.31.amzn1
Amazon Linux 1 perf 4.1.19-24.31.amzn1
Amazon Linux 1 perf-debuginfo 4.1.19-24.31.amzn1
Amazon Linux 1 kernel-debuginfo 4.1.19-24.31.amzn1

Related