Issued:
2017-04-18
Updated:
2017-04-18

RHSA-2017:0986 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

Red Hat would like to thank Alexander Popov for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.4 x86_64

Fixes

  • BZ - 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

Red Hat Enterprise Linux Server - AUS 6.4

SRPM
kernel-2.6.32-358.78.1.el6.src.rpm SHA-256: 1ac38e3af1a38d695451b9213a8866fe306c3ffd6bd59f664d7fee6455736d65
x86_64
kernel-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: d9b3796a24ce904c958e3e1a882b4f2a4b5066a28f8cfb973e7c3d6f0b82c2fa
kernel-debug-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 03c2a21643856e59188f29eeaccb021cb1dee7277f17ba334f9167f889dca31a
kernel-debug-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 7c4373f7ad7d7b8d7dc1cc2d02edb667a38dce3423fc9cf2b3bf4bfd5b979506
kernel-debug-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 7c4373f7ad7d7b8d7dc1cc2d02edb667a38dce3423fc9cf2b3bf4bfd5b979506
kernel-debug-devel-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: fe4eaf3732a4966bf89eebb58fefdc8e586df71d8c19da7bc750a57a63104c81
kernel-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 33c8a4c2e7c564537e72334efc810ca70b3cbfdd29a71e71d9f64295741313f9
kernel-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 33c8a4c2e7c564537e72334efc810ca70b3cbfdd29a71e71d9f64295741313f9
kernel-debuginfo-common-x86_64-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 6760b00c90184125b33f72654da40dba4e6b700d3770b3d55d70ae53fdddc2dd
kernel-debuginfo-common-x86_64-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 6760b00c90184125b33f72654da40dba4e6b700d3770b3d55d70ae53fdddc2dd
kernel-devel-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 168df5f3bd4cd42917ff10e2a4781d1f3b17cfb2676a028245a1a295fea12dee
kernel-doc-2.6.32-358.78.1.el6.noarch.rpm SHA-256: 7ab1ea5c7e4cfcfc998332629c17de29059ef4fbcc9affb9d6599ebab17567df
kernel-firmware-2.6.32-358.78.1.el6.noarch.rpm SHA-256: 3ea124158a5650ffd3ca15ae72081b2da3831d4cb320771e4add6d16f2c4a24d
kernel-headers-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 668ad2f7aa6810435a09b33b4d8d0acb1f64e71d684ff0bcfe70eb0608639c03
perf-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 2379ef2b3709dce076cf495c29d854534ced6cdbabe1e68e6c842fd2eb3db096
perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 12f8c9c27010bedf19d1aaa88c3ee28351b1dfee46d4243104bd13c7c34bec53
perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 12f8c9c27010bedf19d1aaa88c3ee28351b1dfee46d4243104bd13c7c34bec53
python-perf-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: aecc0133720dace4341da73c678452d84959f80c4f56b09ab212d30fb5b1c941
python-perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 51fb06dac6dd13a98db85e68f78bf9460da96165cde974902b0cbee4a4b649e5
python-perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm SHA-256: 51fb06dac6dd13a98db85e68f78bf9460da96165cde974902b0cbee4a4b649e5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.