(RHSA-2012:0571) Moderate: kernel security and bug fix update

2012-05-1500:00:00

access.redhat.com

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

25.1%

JSON

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

A flaw was found in the way the Linux kernel’s journal_unmap_buffer()
function handled buffer head states. On systems that have an ext4 file
system with a journal mounted, a local, unprivileged user could use this
flaw to cause a denial of service. (CVE-2011-4086, Moderate)
A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.
Calling this ioctl when at least one virtual CPU (VCPU) already existed
could lead to a NULL pointer dereference later when the VCPU is scheduled
to run. A local, unprivileged user on a KVM host could use this flaw to
crash the host. (CVE-2012-1601, Moderate)

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat6ppc64kernel< 2.6.32-220.17.1.el6kernel-2.6.32-220.17.1.el6.ppc64.rpm
RedHat6ppc64python-perf-debuginfo< 2.6.32-220.17.1.el6python-perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
RedHat6i686kernel-headers< 2.6.32-220.17.1.el6kernel-headers-2.6.32-220.17.1.el6.i686.rpm
RedHat6ppc64kernel-debuginfo-common-ppc64< 2.6.32-220.17.1.el6kernel-debuginfo-common-ppc64-2.6.32-220.17.1.el6.ppc64.rpm
RedHat6ppc64kernel-debug-devel< 2.6.32-220.17.1.el6kernel-debug-devel-2.6.32-220.17.1.el6.ppc64.rpm
RedHat6x86_64kernel-debuginfo-common-x86_64< 2.6.32-220.17.1.el6kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
RedHat6i686kernel-debuginfo< 2.6.32-220.17.1.el6kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
RedHat6x86_64kernel-debug-devel< 2.6.32-220.17.1.el6kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
RedHat6s390xkernel-devel< 2.6.32-220.17.1.el6kernel-devel-2.6.32-220.17.1.el6.s390x.rpm
RedHat6i686kernel-devel< 2.6.32-220.17.1.el6kernel-devel-2.6.32-220.17.1.el6.i686.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	ppc64	kernel	< 2.6.32-220.17.1.el6	kernel-2.6.32-220.17.1.el6.ppc64.rpm
RedHat	6	ppc64	python-perf-debuginfo	< 2.6.32-220.17.1.el6	python-perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
RedHat	6	i686	kernel-headers	< 2.6.32-220.17.1.el6	kernel-headers-2.6.32-220.17.1.el6.i686.rpm
RedHat	6	ppc64	kernel-debuginfo-common-ppc64	< 2.6.32-220.17.1.el6	kernel-debuginfo-common-ppc64-2.6.32-220.17.1.el6.ppc64.rpm
RedHat	6	ppc64	kernel-debug-devel	< 2.6.32-220.17.1.el6	kernel-debug-devel-2.6.32-220.17.1.el6.ppc64.rpm
RedHat	6	x86_64	kernel-debuginfo-common-x86_64	< 2.6.32-220.17.1.el6	kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
RedHat	6	i686	kernel-debuginfo	< 2.6.32-220.17.1.el6	kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
RedHat	6	x86_64	kernel-debug-devel	< 2.6.32-220.17.1.el6	kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
RedHat	6	s390x	kernel-devel	< 2.6.32-220.17.1.el6	kernel-devel-2.6.32-220.17.1.el6.s390x.rpm
RedHat	6	i686	kernel-devel	< 2.6.32-220.17.1.el6	kernel-devel-2.6.32-220.17.1.el6.i686.rpm