Executive Summary

Summary
Title kernel security and bug fix update
Informations
Name RHSA-2016:2132 First vendor Publication 2016-11-01
Vendor RedHat Last vendor Modification 2016-11-01
Severity (Vendor) N/A Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.2) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)

Red Hat would like to thank Phil Oester for reporting this issue.

Bug Fix(es):

* Previously, the BUG_ON() signal appeared in the fs_clear_inode() function where the nfs_have_writebacks() function reported a positive value for nfs_inode->npages. As a consequence, a kernel panic occurred. The provided patch performs a serialization by holding the inode i_lock over the check of PagePrivate and locking the request, which fixes this bug. (BZ#1365157)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2016-2132.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 4
Os 2
Os 2626
Os 3
Os 3
Os 3
Os 2
Os 1

SAINT Exploits

Description Link
Linux Dirty COW Local File Overwrite More info here

Snort® IPS/IDS

Date Description
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40566 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40565 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40564 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40563 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40562 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40561 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40560 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40543 - Revision : 2 - Type : OS-LINUX
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40542 - Revision : 2 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2018-04-18 Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-956.nasl - Type : ACT_GATHER_INFO
2018-02-22 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-956.nasl - Type : ACT_GATHER_INFO
2018-01-16 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZA-2018-004.nasl - Type : ACT_GATHER_INFO
2017-12-26 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-937.nasl - Type : ACT_GATHER_INFO
2017-12-12 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZA-2017-111.nasl - Type : ACT_GATHER_INFO
2017-12-12 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZA-2017-110.nasl - Type : ACT_GATHER_INFO
2017-12-12 Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZA-2017-109.nasl - Type : ACT_GATHER_INFO
2017-05-01 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1051.nasl - Type : ACT_GATHER_INFO
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2017-02-22 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL10558632.nasl - Type : ACT_GATHER_INFO
2016-11-17 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0158.nasl - Type : ACT_GATHER_INFO
2016-11-15 Name : The remote Fedora host is missing a security update.
File : fedora_2016-c8a0c7eece.nasl - Type : ACT_GATHER_INFO
2016-11-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2133.nasl - Type : ACT_GATHER_INFO
2016-11-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2132.nasl - Type : ACT_GATHER_INFO
2016-11-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2126.nasl - Type : ACT_GATHER_INFO
2016-11-01 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-305-01.nasl - Type : ACT_GATHER_INFO
2016-11-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2128.nasl - Type : ACT_GATHER_INFO
2016-11-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2127.nasl - Type : ACT_GATHER_INFO
2016-10-31 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161028_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-10-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-31 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2120.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2658-1.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1227.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2106.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2107.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2110.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2118.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2655-1.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2657-1.nasl - Type : ACT_GATHER_INFO
2016-10-27 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2659-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2636-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2633-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161025_Important__kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2585-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2592-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2593-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2596-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2614-1.nasl - Type : ACT_GATHER_INFO
2016-10-26 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2632-1.nasl - Type : ACT_GATHER_INFO
2016-10-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3107-2.nasl - Type : ACT_GATHER_INFO
2016-10-25 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161024_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2016-10-25 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-25 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1211.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0149.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Fedora host is missing a security update.
File : fedora_2016-c3558808cd.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Fedora host is missing a security update.
File : fedora_2016-db4b75b352.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1212.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3632.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3633.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3634.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0150.nasl - Type : ACT_GATHER_INFO
2016-10-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-21 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-757.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Debian host is missing a security update.
File : debian_DLA-670.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3107-1.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3106-4.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3106-3.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3106-2.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3106-1.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3105-2.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3105-1.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3104-1.nasl - Type : ACT_GATHER_INFO
2016-10-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3696.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2018-01-05 09:26:24
  • Multiple Updates
2016-11-03 13:24:29
  • Multiple Updates
2016-11-01 17:23:44
  • First insertion