Warning: this is an old version of RHEL6 kernel. For the latest version, see Download/kernel/rhel6/042stab145.3. |
Based on | RHEL6 2.6.32 |
---|---|
Status | stable, maintained |
End Of Life | Nov 2019 |
Latest | 042stab145.3 |
Archives | RHEL6 |
Contents
ChangesEdit
Since 042stab130.1:
- Rebase to RHEL6u10 kernel 2.6.32-754.el6
- [Important] The do_get_mempolicy() function in 'mm/mempolicy.c' in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service (DoS) or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2018-10675)
- [Moderate] It was found that AIO interface didn't use the proper rw_verify_area() helper function with extended functionality, for example, mandatory locking on the file. Also rw_verify_area() makes extended checks, for example, that the size of the access doesn't cause overflow of the provided offset limits. This integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. (CVE-2012-6701)
- [Moderate] Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression. (CVE-2015-8830)
- [Moderate] A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650)
- [Moderate] A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system. (CVE-2017-2671)
- [Moderate] It was found that the original fix for CVE-2016-6786 was incomplete. There exist a race between two concurrent sys_perf_event_open() calls when both try and move the same pre-existing software group into a hardware context. (CVE-2017-6001)
- [Moderate] Incorrect error handling in the set_mempolicy() and mbind() compat syscalls in 'mm/mempolicy.c' in the Linux kernel allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. (CVE-2017-7616)
- [Moderate] The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c. (CVE-2017-7889)
- [Moderate] It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition. (CVE-2017-12190)
- [Moderate] The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices. Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for dm device creation and removal and this would typically be outside the direct control of the unprivileged attacker. (CVE-2017-18203)
- [Moderate] An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS. (CVE-2018-5803)
- [Low] Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory. (CVE-2018-7757)
- Reloading the nf_conntrack module could result in node crash. (PSBM-85938)
See alsoEdit
RPMsEdit
x86 (i686, IA32)Edit
File | Date | Size |
---|---|---|
vzkernel-2.6.32-042stab131.1.i686.rpm | 2018-06-25 14:01:51 | 33 Mb |
vzkernel-devel-2.6.32-042stab131.1.i686.rpm | 2018-06-25 14:01:58 | 10 Mb |
vzkernel-headers-2.6.32-042stab131.1.i686.rpm | 2018-06-25 14:02:00 | 4 Mb |
vzkernel-debug-2.6.32-042stab131.1.i686.rpm | 2018-06-25 14:01:56 | 34 Mb |
vzkernel-debug-devel-2.6.32-042stab131.1.i686.rpm | 2018-06-25 14:01:58 | 10 Mb |
vzkernel-firmware-2.6.32-042stab131.1.noarch.rpm | 2018-06-25 14:02:00 | 33 Mb |
x86_64 (AMD64, EM64T)Edit
File | Date | Size |
---|---|---|
vzkernel-2.6.32-042stab131.1.x86_64.rpm | 2018-06-25 14:01:55 | 35 Mb |
vzkernel-devel-2.6.32-042stab131.1.x86_64.rpm | 2018-06-25 14:01:59 | 10 Mb |
vzkernel-headers-2.6.32-042stab131.1.x86_64.rpm | 2018-06-25 14:02:00 | 4 Mb |
vzkernel-debug-2.6.32-042stab131.1.x86_64.rpm | 2018-06-25 14:01:57 | 36 Mb |
vzkernel-debug-devel-2.6.32-042stab131.1.x86_64.rpm | 2018-06-25 14:01:58 | 10 Mb |
vzkernel-firmware-2.6.32-042stab131.1.noarch.rpm | 2018-06-25 14:02:00 | 33 Mb |
sourceEdit
File | Date | Size |
---|---|---|
vzkernel-2.6.32-042stab131.1.src.rpm | 2018-06-25 14:01:54 | 129 Mb |
kernel.spec | 2018-06-25 12:58:28 | 4 Mb |
DEBsEdit
AMD64 (x86_64, EM64T)Edit
File | Date | Size |
---|---|---|
linux-image-2.6.32-openvz-042stab131.1-amd64_1_amd64.deb | 2018-06-25 12:57:39 | 66 Mb |
linux-headers-2.6.32-openvz-042stab131.1-amd64_1_amd64.deb | 2018-06-25 12:57:38 | 7 Mb |
linux-image-openvz-amd64_042stab131.1_amd64.deb | 2018-06-25 12:57:40 | 3 Kb |
linux-source-2.6.32-openvz-042stab131.1-amd64_1_all.deb | 2018-06-25 12:57:42 | 134 Mb |
x86 (i686, IA32)Edit
File | Date | Size |
---|---|---|
linux-image-2.6.32-openvz-042stab131.1-i386-686_1_i386.deb | 2018-06-25 12:57:40 | 63 Mb |
linux-headers-2.6.32-openvz-042stab131.1-i386_1_i386.deb | 2018-06-25 12:57:38 | 7 Mb |
linux-image-openvz-i386_042stab131.1_i386.deb | 2018-06-25 12:57:40 | 3 Kb |
linux-source-2.6.32-openvz-042stab131.1-i386_1_all.deb | 2018-06-25 12:57:45 | 134 Mb |
Kernel patchEdit
This patch is applicable to vanilla Linux 2.6.32 kernel (not to 2.6.32.y), available from kernel.org.
File | Date | Size |
---|---|---|
patch-042stab131.1-combined.gz (signature) | 2018-06-25 13:01:10 | 88 Mb |
ConfigsEdit
Official configs of this OpenVZ kernel used to build binaries.
File | Date | Size |
---|---|---|
config-2.6.32-042stab131.1.debug.i686 | 2018-06-25 13:02:44 | 111 Kb |
config-2.6.32-042stab131.1.debug.x86_64 | 2018-06-25 13:02:51 | 107 Kb |
config-2.6.32-042stab131.1.i686 | 2018-06-25 13:02:29 | 111 Kb |
config-2.6.32-042stab131.1.x86_64 | 2018-06-25 13:02:36 | 106 Kb |
ArchivesEdit
For other rhel6 kernel releases, see download/kernel/rhel6/Archives.
For other kernel branches, see download/kernel.