SB2019120308 - Red Hat update for kernel-rt

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Race condition (CVE-ID: CVE-2017-10661)

The vulnerability allows a local attacker to gain elevated privileges or cause DoS condition on the target system.

The weakness exists due to race condition in fs/timerfd.c in the Linux kernel. A local attacker can use simultaneous file-descriptor operations, leverage improper might_cancel queueing, trigger list corruption or use-after-free and cause the service to crash or execute arbitrary code with root privileges.

2) Infinite loop (CVE-ID: CVE-2017-18208)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the madvise_willneed function due to infinite loop. A local attacker can trigger use of MADVISE_WILLNEED for a DAX mapping and cause the service to crash.

3) Use-after-free (CVE-ID: CVE-2019-11811)

The vulnerability allows a local usre to elevate privileges on the system.

The vulnerability exists due to a use-after-free error when trying to read data from /proc/ioports after the ipmi_si module is removed (related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c). A local user can exploit this issue to elevate privileges on the system.

4) Information disclosure (CVE-ID: CVE-2019-5489)

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists due to a flaw in the mincore() implementation in mm/mincore.c. A local attacker can observe page cache access patterns of other processes on the same system and sniff secret information.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2019:4057