Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:0345 - Security Advisory
Issued:
2017-02-28
Updated:
2017-02-28

RHSA-2017:0345 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)

Red Hat would like to thank Andrey Konovalov (Google) for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.4 x86_64

Fixes

  • BZ - 1423071 - CVE-2017-6074 kernel: use after free in dccp protocol

CVEs

  • CVE-2017-6074

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.4

SRPM
kernel-2.6.32-358.77.1.el6.src.rpm SHA-256: 7d37a8677a8b9ba10b7baac5816ab3e96955b6568a25196bf2d7413bdc4321af
x86_64
kernel-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: ed005d72125e99271696591f76e4c90c3548a2a91e8f8d9170b771a08b17afb5
kernel-debug-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: fd704c9db687f1bd8e66f59ad855349fbf3a6cf6590b450c03ef4afa5234f202
kernel-debug-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 240ecdaab010ec5f48f5de11876d0813a06fac8b99759670a39b662614945ae1
kernel-debug-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 240ecdaab010ec5f48f5de11876d0813a06fac8b99759670a39b662614945ae1
kernel-debug-devel-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 198d9da447da86c7e9b093b0e601903c89e0c2b27e0994e2f73264ab8da704b9
kernel-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 8349ca41d7b9ac16ef07ee61dcae61f690203c55e98d2c1d25c6f06f5e514fff
kernel-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 8349ca41d7b9ac16ef07ee61dcae61f690203c55e98d2c1d25c6f06f5e514fff
kernel-debuginfo-common-x86_64-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: d34ac333690a65c5b5d661afbf5fe026e466f70d4634b3ebcaeff474a430f235
kernel-debuginfo-common-x86_64-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: d34ac333690a65c5b5d661afbf5fe026e466f70d4634b3ebcaeff474a430f235
kernel-devel-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: ec52ee9ba4cb9e0a7dac3f1a413ce5625964add76c9ed26ec93cafb5d404a29d
kernel-doc-2.6.32-358.77.1.el6.noarch.rpm SHA-256: a522fd60d2b2f538d7b3e04969077060d4bcba361e0da821a41acf4bcd6290c9
kernel-firmware-2.6.32-358.77.1.el6.noarch.rpm SHA-256: cd40fddb613591f5b6c63e620be1e89fa981f988cac1ec4ce8c5e1f7920d2ee4
kernel-headers-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 523a3b6972ca9ba5a0bb9918ce19eaee8343c5026fbbdec0e434a6579ed0a601
perf-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: f1dd1fa1994c6bc9801642cab1e07ea40123da4c221480648eeedf13d6dfd315
perf-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: a8d9b846dea806f610dc766256b4b629951a1cf8019f2c759937086f96cf2eeb
perf-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: a8d9b846dea806f610dc766256b4b629951a1cf8019f2c759937086f96cf2eeb
python-perf-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 64c5171ae4ac589d9cfd81874d2b470f66e63e00b4af4c2a8749ade5125789de
python-perf-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 734dead26ec84e5af842db1b9d9993c586c642e29ece811287cebd0805aa6710
python-perf-debuginfo-2.6.32-358.77.1.el6.x86_64.rpm SHA-256: 734dead26ec84e5af842db1b9d9993c586c642e29ece811287cebd0805aa6710

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter