Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2017:0295 - Security Advisory
Issued:
2017-02-22
Updated:
2017-03-06

RHSA-2017:0295 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1423071 - CVE-2017-6074 kernel: use after free in dccp protocol

CVEs

  • CVE-2017-6074

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-514.6.1.rt56.430.el7.src.rpm SHA-256: d76fc19d6fa9d1256762e4056d7da088c15a0f49414e5fe92b4dce8f6a277f3b
x86_64
kernel-rt-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: f677096559d604b490608add3e3ff292cd3b574eb749f5b32768d3c153e52505
kernel-rt-debug-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: d5c0cede15ea09601e99d45077d606dfb23fc1819d4e7b0aea35bfd1f6340ba3
kernel-rt-debug-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: dd3cca7cb16beea7588e452d5e8f40e96fbc805c3e83be7a6958fe2d2c955b6d
kernel-rt-debug-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: ead230ec0f9aedb13e73634c5d0288777b51083acdc5d969a7bb10d32f72fa8d
kernel-rt-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 0882f15fe4afc2a6907856ac6ca90bed5a67924170698434e1faffaac6d5e4b6
kernel-rt-debuginfo-common-x86_64-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: bef82ecef8899baa7cea49f45117e62c554a8925c39aeafdc3b5258fb57dc189
kernel-rt-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 27a72e2586980ce3e87bd1ca1443c114fed8b3fffdbef788371190fa2b151a8a
kernel-rt-doc-3.10.0-514.6.1.rt56.430.el7.noarch.rpm SHA-256: 0aad4ad15aa8f92a15f1cdb1bf37fba6c7c0e40c654543bf519f6e9fa7521317
kernel-rt-trace-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: c2fa96629a52a5c1c88724872d72e343da1044c545fd838eb57f585eda8dc3ca
kernel-rt-trace-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: f3d431b517fd27b24a8a54e21cd1898a31f2509fbde7038cbe70bcbff2d438d7
kernel-rt-trace-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 006e8c399d4b62f3470180d785227e4b9ca05e6659cc98062d50635a669451c6

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-514.6.1.rt56.430.el7.src.rpm SHA-256: d76fc19d6fa9d1256762e4056d7da088c15a0f49414e5fe92b4dce8f6a277f3b
x86_64
kernel-rt-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: f677096559d604b490608add3e3ff292cd3b574eb749f5b32768d3c153e52505
kernel-rt-debug-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: d5c0cede15ea09601e99d45077d606dfb23fc1819d4e7b0aea35bfd1f6340ba3
kernel-rt-debug-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: dd3cca7cb16beea7588e452d5e8f40e96fbc805c3e83be7a6958fe2d2c955b6d
kernel-rt-debug-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: ead230ec0f9aedb13e73634c5d0288777b51083acdc5d969a7bb10d32f72fa8d
kernel-rt-debug-kvm-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: a3bdab4f1b3170c413c5e9d99dfae735add9de4f3349804e97bb7a2b8e175334
kernel-rt-debug-kvm-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: e16626d8cb9f1f2b3d0db190e5ecde679e95ab4084caa2994eee889ed011808d
kernel-rt-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 0882f15fe4afc2a6907856ac6ca90bed5a67924170698434e1faffaac6d5e4b6
kernel-rt-debuginfo-common-x86_64-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: bef82ecef8899baa7cea49f45117e62c554a8925c39aeafdc3b5258fb57dc189
kernel-rt-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 27a72e2586980ce3e87bd1ca1443c114fed8b3fffdbef788371190fa2b151a8a
kernel-rt-doc-3.10.0-514.6.1.rt56.430.el7.noarch.rpm SHA-256: 0aad4ad15aa8f92a15f1cdb1bf37fba6c7c0e40c654543bf519f6e9fa7521317
kernel-rt-kvm-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 66d9f45e1acbc74500190e9e848a770f1dd71e81785ba444d15356c20e895c44
kernel-rt-kvm-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: dfe76fe991583b9f09beb9ae18a076ec36f664e58ec5adac2792b00f00712a13
kernel-rt-trace-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: c2fa96629a52a5c1c88724872d72e343da1044c545fd838eb57f585eda8dc3ca
kernel-rt-trace-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: f3d431b517fd27b24a8a54e21cd1898a31f2509fbde7038cbe70bcbff2d438d7
kernel-rt-trace-devel-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: 006e8c399d4b62f3470180d785227e4b9ca05e6659cc98062d50635a669451c6
kernel-rt-trace-kvm-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: bc0fe1a1d895bfb9bd518fd9c711db3577dcd233330599b7acd8a43c637dc7a6
kernel-rt-trace-kvm-debuginfo-3.10.0-514.6.1.rt56.430.el7.x86_64.rpm SHA-256: fbc3390ce890594c22d9b65bcec69111cf3758112ae69c56cb19fe0d7da56bd4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter