It was found that EINJ, error injection mechanism, is allowed even if securelevel, a prevention from userspace performing actions that undermine trust in the platform, is enabled. This can have undesirable side-effects, such as causing the platform to mark hardware as needing replacement. Product bug: https://bugzilla.redhat.com/show_bug.cgi?id=1321639 Upstream patch: https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420
Acknowledgments: Name: Linn Crosetto (HP)
Internal CVE assignment: CVE-2016-3695
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 as the code with the flaw is not present in the products listed. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.