神刀安全网

CVE-2016-0774 Linux Kernel moderate vulnerability

Back in June of 2015, CVE-2015-1805 a kernel patch was released to implement a fix for vectored pipe read and write functionality which could potentially result in memory corruption. A local, unprivileged user could use the flaw in an unpatched kernel to crash the system or escalate their privileges on the system.

Recently it was found that the fix for this issue incorrectly kept buffer offset/length in sync on a failed atomic read. This could result in a pipe buffer state corruption – and a local, unprivileged user could use this to crash the system / leak kernel memory to the user space.

This affects Red Hat / CentOS 6. Red Hat / CentOS 7 is not affected.

How to update

You can run the following command to see if an updated kernel package is available for you:

yuminfokernel 

It should show that there is a new update available. You can then install the update with this command:

yumupdatekernel 

Once updated, you should verify that the update you performed fixed this flaw by running the following command:

rpm -qa --changelogkernel|grep -i CVE-2016-0774 

You should see this in the output:

- [fs] pipe: fixoffsetand lenmismatchonpipe_iov_copy_to_userfailure (SethJennings) [1310148 1302223] {CVE-2016-0774} 

Important:After verifying that your kernel is patched for this vulnerability, you need to reboot your machine so that it comes up under the new kernel. This patch will not benefit you until you do.

More information

Here are the packages that are out there for this update:

i386: 017fef95ff3500570ac154d6f45fdc65647e3b4de5652553166a3e3edb331435  kernel-2.6.32-573.22.1.el6.i686.rpm 4483aa600ec1c1f105b1e45980835881e950b683e06458ae497021c91204c2fc  kernel-abi-whitelists-2.6.32-573.22.1.el6.noarch.rpm 714807a6369064aa725de1d945f434e4bb12906c1684aa4ba155ae47bcc99075  kernel-debug-2.6.32-573.22.1.el6.i686.rpm 5bef167c0e655bd35c36a4695bcaf6c3fc18f500f18b9920da9dacdc86138647  kernel-debug-devel-2.6.32-573.22.1.el6.i686.rpm 5b0397b95e8bf0c5215c5477a932bf53ae6325c99a43f671f24e6d27db2828dd  kernel-devel-2.6.32-573.22.1.el6.i686.rpm 8e7f84b2fec3ff4a8fe050494b9a1bb7c85d0da371cb5702849ba7329722fb4c  kernel-doc-2.6.32-573.22.1.el6.noarch.rpm bca504a4e5ce58b5bfceeccedb8c80a29a5e8a59e8816bbadec51e819cf4f7d2  kernel-firmware-2.6.32-573.22.1.el6.noarch.rpm 1d8bd830eb8ecfffefc0fb965909ef658cda6e8520646d3786bc924a4b3016b1  kernel-headers-2.6.32-573.22.1.el6.i686.rpm 0e6d7600436836674be8ea1dc8f0f0e4fbd4335a43d4c116f79019103df2f644  perf-2.6.32-573.22.1.el6.i686.rpm f76f572c24bbdf124e943183ac3d5527a43bf50ea5d7e9804c1ba7965805c86f  python-perf-2.6.32-573.22.1.el6.i686.rpm   x86_64: ed27297a1d0d1c622e13e6dd5776be6e57e49f26a3970896403aa033a3e44a18  kernel-2.6.32-573.22.1.el6.x86_64.rpm 4483aa600ec1c1f105b1e45980835881e950b683e06458ae497021c91204c2fc  kernel-abi-whitelists-2.6.32-573.22.1.el6.noarch.rpm 26dea12181fd0a7ed1ce63f5411859bcdd23013abbf6ae5e382a3dda547a8ce6  kernel-debug-2.6.32-573.22.1.el6.x86_64.rpm 5bef167c0e655bd35c36a4695bcaf6c3fc18f500f18b9920da9dacdc86138647  kernel-debug-devel-2.6.32-573.22.1.el6.i686.rpm c6181146fc54e88a039e52129e5a87da39d69d60baa1d9e4ff488a4e9824148f  kernel-debug-devel-2.6.32-573.22.1.el6.x86_64.rpm ce8cb773ef1d920226ca21357a99e5047189a10818c4e534668963d3b0c5b45b  kernel-devel-2.6.32-573.22.1.el6.x86_64.rpm 8e7f84b2fec3ff4a8fe050494b9a1bb7c85d0da371cb5702849ba7329722fb4c  kernel-doc-2.6.32-573.22.1.el6.noarch.rpm bca504a4e5ce58b5bfceeccedb8c80a29a5e8a59e8816bbadec51e819cf4f7d2  kernel-firmware-2.6.32-573.22.1.el6.noarch.rpm 1576e4fc10350ec5027eb0ec9b8f8201dda72393bbd3bc1dd0b2514b781fee29  kernel-headers-2.6.32-573.22.1.el6.x86_64.rpm a602b2d9616c86028ab1994981371415ac93321942245f8b9cb72ec127a3f567  perf-2.6.32-573.22.1.el6.x86_64.rpm 0d9f73e09d92777adefe895e44988e2fe377654d7b55f4822fd845c220121635  python-perf-2.6.32-573.22.1.el6.x86_64.rpm   Source: c773bc6fb5f553a200efc0f4ddd2c36ec5ae6879bee3707ab2c1939fae7781bf  kernel-2.6.32-573.22.1.el6.src.rpm 

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » CVE-2016-0774 Linux Kernel moderate vulnerability

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
分享按钮