Bug 1301893 (CVE-2016-2069)
Summary: | CVE-2016-2069 kernel: race condition in the TLB flush logic | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | aquini, dhoward, fhrbata, joelsmith, kernel-mgr, kstutsma, nmurray, plougher, rvrbovsk, slawomir, vdronov |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user could use a thread running with a stale cached virtual->physical translation to potentially escalate their privileges if the translation in question were writable and the physical page got reused for something critical (for example, a page table).
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-08 02:47:48 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1332601, 1332602, 1332603, 1332604 | ||
Bug Blocks: | 1301883 |
Description
Andrej Nemec
2016-01-26 09:58:16 UTC
Statement: This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2574 https://rhn.redhat.com/errata/RHSA-2016-2574.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2584 https://rhn.redhat.com/errata/RHSA-2016-2584.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2574 https://rhn.redhat.com/errata/RHSA-2016-2574.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2584 https://rhn.redhat.com/errata/RHSA-2016-2584.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0817 https://rhn.redhat.com/errata/RHSA-2017-0817.html |