Lucene search

K
redhatRedHatRHSA-2011:1065
HistoryJul 21, 2011 - 12:00 a.m.

(RHSA-2011:1065) Important: Red Hat Enterprise Linux 5.7 kernel security and bug fix update

2011-07-2100:00:00
access.redhat.com
18

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

50.5%

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • A flaw was found in the way the Xen hypervisor implementation handled
    instruction emulation during virtual machine exits. A malicious user-space
    process running in an SMP guest could trick the emulator into reading a
    different instruction than the one that caused the virtual machine to exit.
    An unprivileged guest user could trigger this flaw to crash the host. This
    only affects systems with both an AMD x86 processor and the AMD
    Virtualization (AMD-V) extensions enabled. (CVE-2011-1780, Important)

  • A flaw allowed the tc_fill_qdisc() function in the Linux kernel’s packet
    scheduler API implementation to be called on built-in qdisc structures. A
    local, unprivileged user could use this flaw to trigger a NULL pointer
    dereference, resulting in a denial of service. (CVE-2011-2525, Moderate)

  • A flaw was found in the way space was allocated in the Linux kernel’s
    Global File System 2 (GFS2) implementation. If the file system was almost
    full, and a local, unprivileged user made an fallocate() request, it could
    result in a denial of service. Note: Setting quotas to prevent users from
    using all available disk space would prevent exploitation of this flaw.
    (CVE-2011-2689, Moderate)

These updated kernel packages include a number of bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Refer to the Red Hat Enterprise Linux 5.7 Technical Notes for
information about the most significant bug fixes and enhancements included
in this update:

https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1065

All Red Hat Enterprise Linux 5 users are advised to install these updated
packages, which correct these issues. The system must be rebooted for this
update to take effect.

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

50.5%