Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Infrastructure
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat OpenShift Application Runtimes
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Container-Native Storage
    • JBoss Development and Management
      • Back
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat JBoss Data Grid
      • Red Hat JBoss Web Server
      • Red Hat JBoss Operations Network
      • Red Hat JBoss Developer Studio
    • JBoss Integration and Automation
      • Back
      • Red Hat JBoss Data Virtualization
      • Red Hat JBoss Fuse
      • Red Hat JBoss AMQ
      • Red Hat JBoss BPM Suite
      • Red Hat Decision Manager
      • Red Hat 3scale API Management Platform
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Enterprise-ready containers
    • Search the Red Hat Container Catalog
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Browse Certified Solutions
    • Partner Resources
  • Tools
    • Back
    • Red Hat Insights
    • Learn More
    • Red Hat Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Troubleshooting
    • Security
    • Additional Tools
    • Red Hat Access plug-ins
    • Red Hat Satellite Certificate Tool
  • Security
    • Back
    • Product Security Center
    • Spectre & Meltdown Detector
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • Newsletter and Contact Preferences
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • Español
    • Deutsch
    • Italiano
    • 한국어
    • Français
    • 日本語
    • Português
    • 中文 (中国)
    • русский
Red Hat Logo Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Infrastructure
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat OpenShift Application Runtimes
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Container-Native Storage
    • JBoss Development and Management
      • Back
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat JBoss Data Grid
      • Red Hat JBoss Web Server
      • Red Hat JBoss Operations Network
      • Red Hat JBoss Developer Studio
    • JBoss Integration and Automation
      • Back
      • Red Hat JBoss Data Virtualization
      • Red Hat JBoss Fuse
      • Red Hat JBoss AMQ
      • Red Hat JBoss BPM Suite
      • Red Hat Decision Manager
      • Red Hat 3scale API Management Platform
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Enterprise-ready containers
    • Search the Red Hat Container Catalog
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Browse Certified Solutions
    • Partner Resources
  • Tools
    • Back
    • Red Hat Insights
    • Learn More
    • Red Hat Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Troubleshooting
    • Security
    • Additional Tools
    • Red Hat Access plug-ins
    • Red Hat Satellite Certificate Tool
  • Security
    • Back
    • Product Security Center
    • Spectre & Meltdown Detector
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • Newsletter and Contact Preferences
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • Español
    • Deutsch
    • Italiano
    • 한국어
    • Français
    • 日本語
    • Português
    • 中文 (中国)
    • русский
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Account
  • Language
Troubleshooting an issue? Try Solution Engine—our new support tool.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • Newsletter and Contact Preferences
  • User Management
  • Account Maintenance

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • Español
  • Deutsch
  • Italiano
  • 한국어
  • Français
  • 日本語
  • Português
  • 中文 (中国)
  • русский
Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • JBoss Development and Management

  • JBoss Integration and Automation

  • Mobile

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Tower
  • Red Hat Ansible Engine
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat Cloud Infrastructure
  • Red Hat Cloud Suite
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat OpenShift Application Runtimes
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Container-Native Storage
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat JBoss Data Grid
  • Red Hat JBoss Web Server
  • Red Hat JBoss Operations Network
  • Red Hat JBoss Developer Studio
  • Red Hat JBoss Data Virtualization
  • Red Hat JBoss Fuse
  • Red Hat JBoss AMQ
  • Red Hat JBoss BPM Suite
  • Red Hat Decision Manager
  • Red Hat 3scale API Management Platform
  • Red Hat Mobile Application Platform
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycle & Update Policies

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem
  • Browse Certified Solutions
  • Partner Resources

Enterprise-ready containers

Secure, certified, and up-to-date container images.

Search the Red Hat Container Catalog

Red Hat Customer Portal Labs

To help you use Red Hat products to their full potential, our engineers have developed a powerful set of tools to support your ongoing success.

Explore Labs

  • Configuration
  • Deployment
  • Troubleshooting
  • Security

Additional Tools

  • Red Hat Access plug-ins
  • Red Hat Satellite Certificate Tool

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn More

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Spectre & Meltdown Detector

Go to App

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses for high-priority security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2017:0932 - Security Advisory
Issued:
2017-04-12
Updated:
2017-04-12

RHSA-2017:0932 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)
  • A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)
  • A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)
  • A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)
  • A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636; Andrey Konovalov (Google) for reporting CVE-2017-6074; and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).

Bug Fix(es):

  • The kernel-rt packages have been upgraded to version 3.10.0-514.rt56.219, which provides a number of bug fix updates over the previous version. (BZ#1429613)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • MRG Realtime 2 x86_64

Fixes

  • BZ - 1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl
  • BZ - 1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
  • BZ - 1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
  • BZ - 1423071 - CVE-2017-6074 kernel: use after free in dccp protocol
  • BZ - 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()
  • BZ - 1429613 - update the MRG 2.5.z 3.10 kernel-rt sources

CVEs

  • CVE-2016-8650
  • CVE-2016-9793
  • CVE-2017-2618
  • CVE-2017-2636
  • CVE-2017-6074

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 2

SRPM
kernel-rt-3.10.0-514.rt56.219.el6rt.src.rpm SHA-256: c95df7676e85f35fae36e3015f35791de885c6d5e1d7fd20d9e06baf414f2fdf
x86_64
kernel-rt-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 916c0c7c4b9a2c9a15794663f5f4d3edc5f631f6c367af13bd384b9faadbeead
kernel-rt-debug-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 14ca5854add626601d1d307fd0c008527d14907c6ec0408f22e9843fc7f732f6
kernel-rt-debug-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: ffaf9639c31c05c34595d9500150f6cb4739207b07f666aa7c6afe1a239871f2
kernel-rt-debug-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 852f4e88b909ea7bfe589ea38b8d3fe3c61bc196101ef20415d2f024f7419ab7
kernel-rt-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 77903ffd4fe1e79cde1a4443a32fd4f6217be62ce9eff22dc1c43c122acc0696
kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 573550a0a7e493c9e83fe8efd26c7d69147c5fbdaf469b41781f0013a3247fd6
kernel-rt-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 716425ea1d23ecc0bc3d96831f8203b5a62459ae672e378f35ed51f46b24d9c2
kernel-rt-doc-3.10.0-514.rt56.219.el6rt.noarch.rpm SHA-256: 517c293af0fe53ef5d3053b4d2041954e1188e224ad0ae29af1a073d0abd897f
kernel-rt-firmware-3.10.0-514.rt56.219.el6rt.noarch.rpm SHA-256: e4082d03e4e4cdd69ec63e9e0427187aec34bffdefb0162af3401a2dcd845a86
kernel-rt-trace-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 735d883052ed03dcf4e74da0f440aa185ca35fc64d9fde6eab5f7ba453cf4c77
kernel-rt-trace-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: fb5766257319f9ae2c22e6b2a526a714bcfdf319095e0d5344a43fcfedef8306
kernel-rt-trace-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: aad0964e63328813f775791495d573a45cdcf41a94583a70e5267b9781229f65
kernel-rt-vanilla-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 5ee65a9b960171b4944b130e401a563217e8f364ea316ff600a0bf63224a040c
kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 8e34df15a7865b9e4558ecd4e467578ed778ade6da348da6408b24f4881d8c91
kernel-rt-vanilla-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm SHA-256: 3825d49a021e12d80e32277bd7faed73bc6f1e78a8d8d120599e5216a4284987

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs

Related Sites

  • RedHat.com
  • JBoss.org
  • OpenShift.com
  • Developers.RedHat.com
  • Red Hat Partner Connect
Red Hat Summit Twitter Facebook Google+
  • Privacy Policy
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Copyright © 2018 Red Hat, Inc.