Red Hat Enterprise MRG 2 update for kernel-rt

1) Resource management error

EUVDB-ID: #VU21057

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-11487

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reference count overflow in page->_refcount that leads to a use-after-free error on systems with more than 140 GiB of RAM. A local user can send specially crafted FUSE requests that may lead to denial of service conditions.

The vulnerability is related to code in fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c files.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

kernel-rt (Red Hat package): 3.10.0-229.rt56.144.el6rt - 3.10.0-693.67.1.rt56.665.el6rt

MRG Realtime: 2

CPE2.3

• cpe:2.3:o:red_hat:kernel-rt_redhat_package:3.10.0-693.67.1.rt56.665.el6rt:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel-rt_redhat_package:3.10.0-693.65.1.rt56.663.el6rt:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel-rt_redhat_package:3.10.0-693.64.1.rt56.662.el6rt:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:a:red_hat:mrg_realtime:2:*:*:*:*:*:*:

External links

http://access.redhat.com/errata/RHSA-2020:3266

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.