Title

Kernel Security Update (Cat I impact)

Discussion

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195) Issue Date: 2016-10-25:

Check Content

Run the following commands to determine kernel version: # rpm -qi kernel # rpm -qi kernel-abi-whitelists # rpm -qi kernel-bootwrapper # rpm -qi kernel-debug # rpm -qi kernel-debug-devel # rpm -qi kernel-devel # rpm -qi kernel-doc # rpm -qi kernel-firmware # rpm -qi kernel-headers # rpm -qi kernel-kdump # rpm -qi kernel-kdump-devel # rpm -qi perf # rpm -qi python-perf If any of the above packages are installed, check the Version/Release and Key ID. If the Version/Release is earlier than 2.6.32-642.6.2.el6 and the Key ID is 199e2f91fd431d51, this is a finding.

Fix Text

Upgrade any Kernel package to a version greater than 2.6.32-642.6.2.el6

Additional Identifiers

Rule ID:

Vulnerability ID: CVE-2016-5195

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.