Executive Summary
Summary | |
---|---|
Title | kernel security, bug fix, and enhancement update |
Informations | |||
---|---|---|---|
Name | RHSA-2016:1100 | First vendor Publication | 2016-05-24 |
Vendor | RedHat | Last vendor Modification | 2016-05-24 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.6) - i386, ppc64, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. (CVE-2015-5364, CVE-2015-5366, Important) Bug Fix(es): * In anon_vma data structure, the degree counts number of child anon_vmas and of VMAs that point to this anon_vma. In the unlink_anon_vma() function, when its list is empty, anon_vma is going to be freed whether the external refcount is zero or not, so the parent's degree should be decremented. However, failure to decrement the degree triggered a BUG_ON() signal in unlink_anon_vma(). The provided patch fixes this bug, and the degree is now decremented as expected. (BZ#1326027) Enhancement(s): * The ixgbe NIC driver has been upgraded to upstream version 4.2.1, which provides a number of bug fixes and enhancements over the previous version. Notably: NULL pointer crashes related to VLAN support have been fixed Two more devices from the Intel X550 Ethernet controller family are now supported: IDs 15AC and 15AD Several PHY-related problems have been addressed: link disruptions and link flapping Added PHY-related support for Intel X550 System performance has been improved (BZ#1315702) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1239029 - CVE-2015-5366 CVE-2015-5364 kernel: net: incorrect processing of checksums in UDP implementation |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2016-1100.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-03 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO |
2017-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17309.nasl - Type : ACT_GATHER_INFO |
2017-02-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17307.nasl - Type : ACT_GATHER_INFO |
2016-06-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-1225.nasl - Type : ACT_GATHER_INFO |
2016-05-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-1100.nasl - Type : ACT_GATHER_INFO |
2016-05-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-1096.nasl - Type : ACT_GATHER_INFO |
2016-03-18 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0037.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2016-124.nasl - Type : ACT_GATHER_INFO |
2016-01-21 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2016-0045.nasl - Type : ACT_GATHER_INFO |
2016-01-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2016-0045.nasl - Type : ACT_GATHER_INFO |
2016-01-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2016-0045.nasl - Type : ACT_GATHER_INFO |
2016-01-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20160119_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2015-11-16 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0147.nasl - Type : ACT_GATHER_INFO |
2015-11-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-3098.nasl - Type : ACT_GATHER_INFO |
2015-11-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1778.nasl - Type : ACT_GATHER_INFO |
2015-10-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1778.nasl - Type : ACT_GATHER_INFO |
2015-10-06 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1678-1.nasl - Type : ACT_GATHER_INFO |
2015-09-24 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1611-1.nasl - Type : ACT_GATHER_INFO |
2015-09-22 | Name : The remote Debian host is missing a security update. File : debian_DLA-310.nasl - Type : ACT_GATHER_INFO |
2015-09-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1788.nasl - Type : ACT_GATHER_INFO |
2015-09-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1787.nasl - Type : ACT_GATHER_INFO |
2015-09-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150915_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2015-09-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1778.nasl - Type : ACT_GATHER_INFO |
2015-09-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1478-1.nasl - Type : ACT_GATHER_INFO |
2015-08-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2713-1.nasl - Type : ACT_GATHER_INFO |
2015-08-18 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0114.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-543.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-3071.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-3072.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-3073.nasl - Type : ACT_GATHER_INFO |
2015-08-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-1623.nasl - Type : ACT_GATHER_INFO |
2015-08-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20150813_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2015-08-14 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-1623.nasl - Type : ACT_GATHER_INFO |
2015-08-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-1623.nasl - Type : ACT_GATHER_INFO |
2015-08-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3329.nasl - Type : ACT_GATHER_INFO |
2015-08-03 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1324-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2685-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2684-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2683-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2682-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2681-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2680-1.nasl - Type : ACT_GATHER_INFO |
2015-07-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3313.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-565.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-05-26 13:27:47 |
|
2016-05-24 21:25:27 |
|