10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.059 Low
EPSS
Percentile
92.3%
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A use-after-free flaw was found in the way the Linux kernel’s SCTP
implementation handled authentication key reference counting during INIT
collisions. A remote attacker could use this flaw to crash the system or,
potentially, escalate their privileges on the system. (CVE-2015-1421,
Important)
It was found that the Linux kernel’s implementation of vectored pipe read
and write functionality did not take into account the I/O vectors that were
already processed when retrying after a failed atomic access operation,
potentially resulting in memory corruption due to an I/O vector array
overrun. A local, unprivileged user could use this flaw to crash the system
or, potentially, escalate their privileges on the system. (CVE-2015-1805,
Important)
The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat, and the
security impact of the CVE-2015-1805 issue was discovered by Red Hat.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | kernel-debug-devel | < 2.6.32-220.63.2.el6 | kernel-debug-devel-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | x86_64 | kernel | < 2.6.32-220.63.2.el6 | kernel-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | x86_64 | kernel-debug-debuginfo | < 2.6.32-220.63.2.el6 | kernel-debug-debuginfo-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | src | kernel | < 2.6.32-220.63.2.el6 | kernel-2.6.32-220.63.2.el6.src.rpm |
RedHat | 6 | x86_64 | python-perf | < 2.6.32-220.63.2.el6 | python-perf-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | x86_64 | kernel-debuginfo-common-x86_64 | < 2.6.32-220.63.2.el6 | kernel-debuginfo-common-x86_64-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | noarch | kernel-firmware | < 2.6.32-220.63.2.el6 | kernel-firmware-2.6.32-220.63.2.el6.noarch.rpm |
RedHat | 6 | x86_64 | perf-debuginfo | < 2.6.32-220.63.2.el6 | perf-debuginfo-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | x86_64 | python-perf-debuginfo | < 2.6.32-220.63.2.el6 | python-perf-debuginfo-2.6.32-220.63.2.el6.x86_64.rpm |
RedHat | 6 | noarch | kernel-doc | < 2.6.32-220.63.2.el6 | kernel-doc-2.6.32-220.63.2.el6.noarch.rpm |