-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0274
            Important: kernel-alt security and bug fix update
                               29 January 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel-alt
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
Impact/Access:     Root Compromise -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-1000405 CVE-2016-5195

Reference:         ASB-2018.0011
                   ASB-2016.0103
                   ESB-2017.2575
                   ESB-2017.1513
                   ESB-2017.1232
                   ESB-2016.2480
                   ESB-2016.2473
                   ESB-2016.2469
                   ESB-2016.2447

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2018:0180

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-alt security and bug fix update
Advisory ID:       RHSA-2018:0180-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:0180
Issue date:        2018-01-25
CVE Names:         CVE-2017-1000405
=====================================================================

1. Summary:

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) -
aarch64, noarch, ppc64le
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional
(v. 7) - aarch64, noarch, ppc64le

3. Description:

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

* A flaw was found in the patches used to fix the 'dirtycow' vulnerability
(CVE-2016-5195). An attacker, able to run local code, can exploit a race
condition in transparent huge pages to modify usually read-only huge pages.
(CVE-2017-1000405)

Red Hat would like to thank Eylon Ben Yaakov and Daniel Shapiro for
reporting this issue.

Bug Fix(es):

* Previously, Red Hat Enterprise Linux 7.4 with the kernel version provided
by the kernel-alt package did not support turning off transactional memory
(TM) on POWER9 systems. With this update it is now possible to turn off TM
on POWER9 systems. (BZ#1509974)

* Due to a bug in the ixgbe and i40e drivers, the socket buffer list (skb
list) in some cases got corrupted when running Red Hat Enterprise Linux 7.4
with the kernel version provided by the kernel-alt package on POWER9
systems. Consequently, a kernel panic occurred. This update fixes ixgbe and
i40e, and the kernel no longer panics due to this behavior. (BZ#1518412)

* Users can lower the max_sectors_kb setting in the sysfs file system to
accommodate certain workloads. Previously, users needed to set the maximum
I/O size to either the block layer default or the optional preferred I/O
size reported by the device. This update fixes the scsi driver to keep the
current heuristic function for the initial setting of max_sectors_kb. As a
result, for subsequent invocations, the driver now only updates the current
queue limit if it exceeds the capabilities of the hardware. (BZ#1518432)

* When performing full-bootme tests on Boston ESS systems running Red Hat
Enterprise Linux 7.4 with the kernel version provided in the kernel-alt
package, a kernel panic occurred and the operating system dropped into the
XMON software. This update fixes the Multi-Queue Block IO Queueing Mechanism
(blk-mq), and the kernel no longer panics in these circumstances.
(BZ#1518433)

* When running the stress test on the file system with the gssstress
command, and pulling one disk from one recovery group, "kernel I/O error"
was reported, and gssstress became unresponsive. Gssstress now works as
expected under the described circumstances. (BZ#1522645)

* When using the fwupdate_xl710 utility to apply updates for NVM Intel
Ethernet Converged Network Adapter XL710 on machines running Red Hat
Enterprise Linux 7.4 with the kernel version provided in the kernel-alt
package, a deadlock sometimes occurred when the i40e driver was acquiring
access to the Non-Volatile Memory (NVM) of the device. Consequently, NVM
acquire timeouts occurred, the firmware update failed with the following
error message: "Failed Acquiring NVM resource for read err=-53 status=0xa",
and left the device's memory in a corrupted state. This update fixes the
i40e driver, and the firmware updates no longer fail due to this behavior.
(BZ#1522843)

* Previously, on POWER9 systems with more than 100 Pstates, the cpufreq
driver did not correctly handle the cases when the NxN matrix denominated
transition table (trans_table) overflowed beyond the PAGE_SIZE boundary.
Consequently, reading trans_table for any of the CPUs failed with the
following error: "fill_read_buffer: show+0x0/0xa0 returned bad count". With
this update, reading trans_table for any of the CPUs now proceeds as
expected under the described circumstances. (BZ#1522844)

* Previously, the /sys/firmware/opal/exports directory did not contain an
export node. Consequently, a range of memory in the Open Power Abstraction
Layer (OPAL) that the operating system attempted to export to user space for
debugging purposes was not available. With this update, a sysfs file under
/sys/firmware/opal/exports is now available for each property found there,
and this file can be used for debugging purposes. (BZ#1522845)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1516514 - CVE-2017-1000405 kernel: pmd can become dirty without going through a COW cycle

6. Package List:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
kernel-alt-4.11.0-44.4.1.el7a.src.rpm

aarch64:
kernel-debug-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debug-devel-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-devel-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-headers-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-tools-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-tools-libs-4.11.0-44.4.1.el7a.aarch64.rpm
perf-4.11.0-44.4.1.el7a.aarch64.rpm
perf-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
python-perf-4.11.0-44.4.1.el7a.aarch64.rpm
python-perf-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.11.0-44.4.1.el7a.noarch.rpm
kernel-doc-4.11.0-44.4.1.el7a.noarch.rpm

ppc64le:
kernel-bootwrapper-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debug-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debug-devel-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-devel-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-headers-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-tools-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-tools-libs-4.11.0-44.4.1.el7a.ppc64le.rpm
perf-4.11.0-44.4.1.el7a.ppc64le.rpm
perf-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
python-perf-4.11.0-44.4.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
kernel-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
kernel-tools-libs-devel-4.11.0-44.4.1.el7a.aarch64.rpm
perf-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm
python-perf-debuginfo-4.11.0-44.4.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.11.0-44.4.1.el7a.noarch.rpm
kernel-doc-4.11.0-44.4.1.el7a.noarch.rpm

ppc64le:
kernel-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
kernel-tools-libs-devel-4.11.0-44.4.1.el7a.ppc64le.rpm
perf-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.11.0-44.4.1.el7a.ppc64le.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-1000405
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFaabkOXlSAg2UNWIIRArAGAJ9fUzct/j40OFP7ZR+PK14Uobw58gCgt6es
W55J3Gj30QEoRadSMvBj+eE=
=zkL/
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you
do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for
consequences which may arise from following or acting on information or
advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
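The Solution and Package List sections of the Red Hat advisory above name the build that carries the fix, kernel-alt-4.11.0-44.4.1.el7a. The script below is an added example and not part of the AusCERT or Red Hat bulletin: it compares a kernel release string in the form printed by uname -r against that build and reports whether the kernel-alt in use is at or above it. The dotcmp and kernel_status functions, the fixed/vulnerable/outside-advisory labels and the sample inputs are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the AusCERT or Red Hat bulletin): check whether a
# kernel-alt release string, as printed by "uname -r", is at or above the
# build that carries the CVE-2017-1000405 fix in RHSA-2018:0180.
# Fixed build, taken from the advisory's package list: kernel-alt-4.11.0-44.4.1.el7a
FIXED_VER="4.11.0"
FIXED_REL="44.4.1"   # numeric part of the release field "44.4.1.el7a"

# dotcmp A B: compare two dotted numeric strings component by component.
# Exit status: 0 if A == B, 1 if A < B, 2 if A > B. Missing components count as 0.
dotcmp() {
  a="$1."; b="$2."
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    a="${a#*.}";  b="${b#*.}"
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
    [ "${x:-0}" -gt "${y:-0}" ] && return 2
  done
  return 0
}

# kernel_status [RELEASE]: prints one of
#   fixed              RELEASE is 4.11.0-44.4.1.el7a or a later 4.11.0 build
#   vulnerable         RELEASE is an earlier 4.11.0 kernel-alt build
#   outside-advisory   any other kernel (not a kernel-alt 4.11.0 el7a build);
#                      this advisory makes no statement about it
# Defaults to the running kernel when no argument is given.
kernel_status() {
  rel="${1:-$(uname -r)}"
  case "$rel" in *.el7a*) ;; *) echo "outside-advisory"; return 0 ;; esac
  ver="${rel%%-*}"                  # 4.11.0
  rest="${rel#*-}"                  # 44.4.1.el7a.aarch64
  [ "$rest" = "$rel" ] && rest=""   # no "-": no release field at all
  num="${rest%%[!0-9.]*}"           # leading digits and dots only: 44.4.1.
  num="${num%.}"                    # 44.4.1
  c=0; dotcmp "$ver" "$FIXED_VER" || c=$?
  [ "$c" -eq 0 ] || { echo "outside-advisory"; return 0; }
  c=0; dotcmp "$num" "$FIXED_REL" || c=$?
  if [ "$c" -eq 1 ]; then echo "vulnerable"; else echo "fixed"; fi
}

kernel_status "$@"
```

Run it with no argument on the host to check the running kernel, or pass a release string to check a value collected elsewhere, for example from an inventory export.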