RHEL 6 : kernel (RHSA-2015:0285)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated kernel packages that fix one security issue and three bugs are
now available for Red Hat Enterprise Linux 6.4 Extended Update
Support.

Red Hat Product Security has rated this update as having Important
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A flaw was found in the way the Linux kernel's SCTP implementation
validated INIT chunks when performing Address Configuration Change
(ASCONF). A remote attacker could use this flaw to crash the system by
sending a specially crafted SCTP packet to trigger a NULL pointer
dereference on the system. (CVE-2014-7841, Important)

This issue was discovered by Liu Wei of Red Hat.

This update also fixes the following bugs :

* Due to several bugs in the network console logging, a race condition
between the network console send operation and the driver's IRQ
handler could occur, or the network console could access invalid
memory content. As a consequence, the respective driver, such as
vmxnet3, triggered a BUG_ON() assertion and the system terminated
unexpectedly. A patch addressing these bugs has been applied so that
driver's IRQs are disabled before processing the send operation and
the network console now accesses the RCU-protected (read-copy update)
data properly. Systems using the network console logging no longer
crashes due to the aforementioned conditions. (BZ#1165983)

* A bug in the vmxnet3 driver allowed potential race conditions to be
triggered when the driver was used with the netconsole module. The
race conditions allowed the driver's internal New API (NAPI) poll
routine to run concurrently with the netpoll controller routine, which
resulted in data corruption and a subsequent kernel panic. To fix this
problem, the vmxnet3 driver has been modified to call the appropriate
interrupt handler to schedule NAPI poll requests properly.
(BZ#1179594)

* Prior to this update, nfs_mark_return_delegation() was called
without any locking, resulting in unsafe dereferencing of
delegation->inode. Because the inode is only used to discover the
nfs_client, the callers now pass a valid pointer to the nfs_server as
a parameter. (BZ#1187637)

All kernel users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. The system
must be rebooted for this update to take effect.

See also :

https://www.redhat.com/security/data/cve/CVE-2014-7841.html
http://rhn.redhat.com/errata/RHSA-2015-0285.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 81625 ()

Bugtraq ID:

CVE ID: CVE-2014-7841

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now