- Issued:
- 2017-05-25
- Updated:
- 2017-05-25
RHSA-2017:1298 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2017-7308, Important)
- Mounting a crafted EXT4 image read-only leads to an attacker controlled memory corruption and SLAB-Out-of-Bounds reads. (CVE-2016-10208, Moderate)
- A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privileged escalation. (CVE-2016-7910, Moderate)
- A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shash_async_export() by attempting to force the in-kernel hashing algorithms into decrypting an empty data set. (CVE-2016-8646, Moderate)
Red Hat would like to thank Igor Redko (Virtuozzo kernel team) for reporting CVE-2016-8646.
Bug Fix(es):
- The kernel-rt packages have been upgraded to the 3.10.0-514.21.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1440803)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 1388821 - CVE-2016-8646 kernel: Oops in shash_async_export()
- BZ - 1395190 - CVE-2016-10208 kernel: EXT4 memory corruption / SLAB out-of-bounds read
- BZ - 1399727 - CVE-2016-7910 kernel: Use after free in seq file
- BZ - 1437404 - CVE-2017-7308 kernel: net/packet: overflow in check for priv area size
- BZ - 1440803 - kernel-rt: update to the RHEL7.3.z batch#5 source tree [rhel-7.3.z]
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-514.21.1.rt56.438.el7.src.rpm | SHA-256: bbf19c65c50cb071a6f8bd7d2095c45b58c462c313336aa6ed79bae36043ab13 |
| x86_64 | |
| kernel-rt-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 6bc752be56c016f700d08d8215944da9893508a5d1c2e12b28983cfabf81e109 |
| kernel-rt-debug-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 4ea1f899773f9517087db06197103e10ecda771209794b5d5e26baf66007c1cc |
| kernel-rt-debug-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 24605c2bae65bef139346e287328b579f003c5514c3df276b7a71b105b0ddbe4 |
| kernel-rt-debug-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: ddc858f6031d563184a031a2c80f9cc25475a423029bbbe9636a8611cc82b15e |
| kernel-rt-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: ce3de1cabe55ac510b6da4d1a50383e3411d707d0e6db90b9b5397b6aea5b98e |
| kernel-rt-debuginfo-common-x86_64-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: eb38601053bb4332e5b53ca2afe99807e56f31f5beaab1358521c16472376166 |
| kernel-rt-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: a5aa5d7c750561640d7c6aee1357f8a62ac369eb1246245b1a8c6ae59dba526c |
| kernel-rt-doc-3.10.0-514.21.1.rt56.438.el7.noarch.rpm | SHA-256: 5568b1c87fd388506ef2d7e7ac3aed5e3ac060a238e84ab969724cce25df9e65 |
| kernel-rt-trace-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 79e3aff1646f3a3ee977323152a762458f6af7870540c4ea6e1406be2ff3dbfd |
| kernel-rt-trace-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 3627ffe2aa4f57b9c37cf1ec8b0130094a14bbefa57e5d857567657d042fc47b |
| kernel-rt-trace-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: dfe33c4a56ea069f1afbb623a8850bdc9b6392198fff26ae706966013babf5e9 |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-514.21.1.rt56.438.el7.src.rpm | SHA-256: bbf19c65c50cb071a6f8bd7d2095c45b58c462c313336aa6ed79bae36043ab13 |
| x86_64 | |
| kernel-rt-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 6bc752be56c016f700d08d8215944da9893508a5d1c2e12b28983cfabf81e109 |
| kernel-rt-debug-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 4ea1f899773f9517087db06197103e10ecda771209794b5d5e26baf66007c1cc |
| kernel-rt-debug-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 24605c2bae65bef139346e287328b579f003c5514c3df276b7a71b105b0ddbe4 |
| kernel-rt-debug-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: ddc858f6031d563184a031a2c80f9cc25475a423029bbbe9636a8611cc82b15e |
| kernel-rt-debug-kvm-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 1a5923d54957c5337b9a1737148bad01ba787ea02362d1dab7166bf954c4d204 |
| kernel-rt-debug-kvm-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 8e68d3f1ca041547293f9b62ffccad5cee16efe854941c1d70eec9d5b13c0aab |
| kernel-rt-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: ce3de1cabe55ac510b6da4d1a50383e3411d707d0e6db90b9b5397b6aea5b98e |
| kernel-rt-debuginfo-common-x86_64-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: eb38601053bb4332e5b53ca2afe99807e56f31f5beaab1358521c16472376166 |
| kernel-rt-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: a5aa5d7c750561640d7c6aee1357f8a62ac369eb1246245b1a8c6ae59dba526c |
| kernel-rt-doc-3.10.0-514.21.1.rt56.438.el7.noarch.rpm | SHA-256: 5568b1c87fd388506ef2d7e7ac3aed5e3ac060a238e84ab969724cce25df9e65 |
| kernel-rt-kvm-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: c897a173da8ba6699b2cc65c7743e8dff8b50e9a6365c462da3bcb8399546048 |
| kernel-rt-kvm-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: c07009347e51dc4f88afca4376a7fd0bedab8c53e9e0dfe05f83d8902d1fcea4 |
| kernel-rt-trace-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 79e3aff1646f3a3ee977323152a762458f6af7870540c4ea6e1406be2ff3dbfd |
| kernel-rt-trace-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: 3627ffe2aa4f57b9c37cf1ec8b0130094a14bbefa57e5d857567657d042fc47b |
| kernel-rt-trace-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: dfe33c4a56ea069f1afbb623a8850bdc9b6392198fff26ae706966013babf5e9 |
| kernel-rt-trace-kvm-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: ab6d449ee5ef34826a8b16e631c2ccf8a534c9077debe58c2d3ce161da406b04 |
| kernel-rt-trace-kvm-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm | SHA-256: a43bab17fcf3accc34283810d2358c8086a353b7f5e1c90d6e0cb8ea403bc1cd |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.