Red Hat Product Errata RHSA-2017:1482 - Security Advisory
Issued:
2017-06-19
Updated:
2017-06-19

RHSA-2017:1482 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5 Extended
Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

  • A flaw was found in the way memory was being allocated on the stack for user

space binaries. If heap (or different memory region) and stack memory regions
were adjacent to each other, an attacker could use this flaw to jump over the
stack guard gap, cause controlled memory corruption on process stack or the
adjacent memory region, and thus increase their privileges on the system. This
is a kernel-side mitigation which increases the stack guard gap size from one
page to 1 MiB to make successful exploitation of this issue more difficult.
(CVE-2017-1000364, Important)

Red Hat would like to thank Qualys Research Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5 s390x

Fixes

  • BZ - 1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations

Red Hat Enterprise Linux Server 5

SRPM
kernel-2.6.18-420.el5.src.rpm SHA-256: d4a5af03771abb03864c4a68ec53813462c77418b929311182cf8dbd9bb691a6
x86_64
kernel-2.6.18-420.el5.x86_64.rpm SHA-256: 9afe7761eea3e22f583efd7b2e192ab0f8ef5ea876e94532f9c0cf6ac56f8526
kernel-debug-2.6.18-420.el5.x86_64.rpm SHA-256: 4dbc23fa8532530e961f11b8e69ad39c37cce0e45e8da668c82e37c16a054345
kernel-debug-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: a140be3d0cc6705c1f1a88ad9a0eb6c3f20daafa3599164ee98e1f7993feb6b5
kernel-debug-devel-2.6.18-420.el5.x86_64.rpm SHA-256: ece689618f158ec2814c9b69be9a246d06d41ce1bf906c411dc7620fc74262da
kernel-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: 7191b8846b6f463973069132a535113608a28de9d94b23767ca0be2eeeff15fd
kernel-debuginfo-common-2.6.18-420.el5.x86_64.rpm SHA-256: 80daf3ec2ce2295b28a7af53f4d44926bb868d150a1f0492d1f12ff5543d577b
kernel-devel-2.6.18-420.el5.x86_64.rpm SHA-256: 2d6d72a183750d3287575e2ac379fd47a344a8ced17bb4b54fba0a84cf917cc2
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.x86_64.rpm SHA-256: c1a080697be87d8d4cfafb928688362ea8cdea8299b21371059db8644f2452e3
kernel-xen-2.6.18-420.el5.x86_64.rpm SHA-256: 8770fd3acce045d4ea4fb2a49a807eda489c0f5eed5f44cd750b77bb49b303d5
kernel-xen-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: 545926e04296bd83b9ea04b2636e7f8c8bf74c929d7e44e262bf36686ede4bb9
kernel-xen-devel-2.6.18-420.el5.x86_64.rpm SHA-256: cc22ba650951a3dbbd7cba75b584e0f9e93d125f13fc5c89d4d40c3a588b9d9c
i386
kernel-2.6.18-420.el5.i686.rpm SHA-256: b040797f2da57f4d494711f9c872e363ec9f71114cb78ebaf0dd93b2cc4bffd8
kernel-PAE-2.6.18-420.el5.i686.rpm SHA-256: d6348b072fe8e5c25df412686e4875b76eb7b33ee0be917b052c778c5155e047
kernel-PAE-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: 373a0b22a3bb941d68a1113da57ba753a42de3f8cbd433aa646ba20da300bf00
kernel-PAE-devel-2.6.18-420.el5.i686.rpm SHA-256: 254f343312c9982c482d3791b1461956465737a2f12a8ad075b6750af3e97306
kernel-debug-2.6.18-420.el5.i686.rpm SHA-256: 9e1fd322f0a26e01246e599205c1645a70adebac9a7fc36ddd09079e78faf52d
kernel-debug-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: b286c023440180a63be28667a8d85a29265f964aea44084c81777f5261bcec95
kernel-debug-devel-2.6.18-420.el5.i686.rpm SHA-256: e73c25e8efb293641d67fbfea6f22d0602e17861a3b666510eb8debbfa93e937
kernel-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: 33305e02bc1d544207e11d63eb31d084aae2f4f38106be7a1b5f10264e309ea0
kernel-debuginfo-common-2.6.18-420.el5.i686.rpm SHA-256: 9ef0f406ef6acfb1e155df0af5af5a0d26fd3d0ffc5b767202fb713bd1ee8bb6
kernel-devel-2.6.18-420.el5.i686.rpm SHA-256: b3cabff5351375089e64b95fde50c77054b2a73c14c8b52e39639f467a130056
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.i386.rpm SHA-256: 579300cb2d81a2cda43dae3a540935e50c41ff9b21c60e542150031bda1f4b27
kernel-xen-2.6.18-420.el5.i686.rpm SHA-256: 83f2aa94d12c9207dcc101746856e15ec8def6952c96ee3a886460de0687c6cc
kernel-xen-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: eb1f498784bb3bba072ae43c7ee164a91847f4e977bd1008ca109bb1b3f864dd
kernel-xen-devel-2.6.18-420.el5.i686.rpm SHA-256: 6e84e018085185be3298faa8bf3cb69e518bacbb5bb4eae1a85e610f3097c366

Red Hat Enterprise Linux Server - Extended Life Cycle Support 5

SRPM
kernel-2.6.18-420.el5.src.rpm SHA-256: d4a5af03771abb03864c4a68ec53813462c77418b929311182cf8dbd9bb691a6
x86_64
kernel-2.6.18-420.el5.x86_64.rpm SHA-256: 9afe7761eea3e22f583efd7b2e192ab0f8ef5ea876e94532f9c0cf6ac56f8526
kernel-debug-2.6.18-420.el5.x86_64.rpm SHA-256: 4dbc23fa8532530e961f11b8e69ad39c37cce0e45e8da668c82e37c16a054345
kernel-debug-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: a140be3d0cc6705c1f1a88ad9a0eb6c3f20daafa3599164ee98e1f7993feb6b5
kernel-debug-devel-2.6.18-420.el5.x86_64.rpm SHA-256: ece689618f158ec2814c9b69be9a246d06d41ce1bf906c411dc7620fc74262da
kernel-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: 7191b8846b6f463973069132a535113608a28de9d94b23767ca0be2eeeff15fd
kernel-debuginfo-common-2.6.18-420.el5.x86_64.rpm SHA-256: 80daf3ec2ce2295b28a7af53f4d44926bb868d150a1f0492d1f12ff5543d577b
kernel-devel-2.6.18-420.el5.x86_64.rpm SHA-256: 2d6d72a183750d3287575e2ac379fd47a344a8ced17bb4b54fba0a84cf917cc2
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.x86_64.rpm SHA-256: c1a080697be87d8d4cfafb928688362ea8cdea8299b21371059db8644f2452e3
kernel-xen-2.6.18-420.el5.x86_64.rpm SHA-256: 8770fd3acce045d4ea4fb2a49a807eda489c0f5eed5f44cd750b77bb49b303d5
kernel-xen-debuginfo-2.6.18-420.el5.x86_64.rpm SHA-256: 545926e04296bd83b9ea04b2636e7f8c8bf74c929d7e44e262bf36686ede4bb9
kernel-xen-devel-2.6.18-420.el5.x86_64.rpm SHA-256: cc22ba650951a3dbbd7cba75b584e0f9e93d125f13fc5c89d4d40c3a588b9d9c
i386
kernel-2.6.18-420.el5.i686.rpm SHA-256: b040797f2da57f4d494711f9c872e363ec9f71114cb78ebaf0dd93b2cc4bffd8
kernel-PAE-2.6.18-420.el5.i686.rpm SHA-256: d6348b072fe8e5c25df412686e4875b76eb7b33ee0be917b052c778c5155e047
kernel-PAE-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: 373a0b22a3bb941d68a1113da57ba753a42de3f8cbd433aa646ba20da300bf00
kernel-PAE-devel-2.6.18-420.el5.i686.rpm SHA-256: 254f343312c9982c482d3791b1461956465737a2f12a8ad075b6750af3e97306
kernel-debug-2.6.18-420.el5.i686.rpm SHA-256: 9e1fd322f0a26e01246e599205c1645a70adebac9a7fc36ddd09079e78faf52d
kernel-debug-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: b286c023440180a63be28667a8d85a29265f964aea44084c81777f5261bcec95
kernel-debug-devel-2.6.18-420.el5.i686.rpm SHA-256: e73c25e8efb293641d67fbfea6f22d0602e17861a3b666510eb8debbfa93e937
kernel-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: 33305e02bc1d544207e11d63eb31d084aae2f4f38106be7a1b5f10264e309ea0
kernel-debuginfo-common-2.6.18-420.el5.i686.rpm SHA-256: 9ef0f406ef6acfb1e155df0af5af5a0d26fd3d0ffc5b767202fb713bd1ee8bb6
kernel-devel-2.6.18-420.el5.i686.rpm SHA-256: b3cabff5351375089e64b95fde50c77054b2a73c14c8b52e39639f467a130056
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.i386.rpm SHA-256: 579300cb2d81a2cda43dae3a540935e50c41ff9b21c60e542150031bda1f4b27
kernel-xen-2.6.18-420.el5.i686.rpm SHA-256: 83f2aa94d12c9207dcc101746856e15ec8def6952c96ee3a886460de0687c6cc
kernel-xen-debuginfo-2.6.18-420.el5.i686.rpm SHA-256: eb1f498784bb3bba072ae43c7ee164a91847f4e977bd1008ca109bb1b3f864dd
kernel-xen-devel-2.6.18-420.el5.i686.rpm SHA-256: 6e84e018085185be3298faa8bf3cb69e518bacbb5bb4eae1a85e610f3097c366

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
kernel-2.6.18-420.el5.src.rpm SHA-256: d4a5af03771abb03864c4a68ec53813462c77418b929311182cf8dbd9bb691a6
s390x
kernel-2.6.18-420.el5.s390x.rpm SHA-256: 6e6d7d1758aabfdcdeb7313ab625ee3dabf02b310e20d267bd162f6a6b143ca1
kernel-debug-2.6.18-420.el5.s390x.rpm SHA-256: 6573806554eee0bc6743a4b36ae03637ab9aafc266d5b0a3df70cbb17f541440
kernel-debug-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 2bf58328996d1391dfdd11ce745be1661034a7b65d4d6db0645389f9f78e99da
kernel-debug-devel-2.6.18-420.el5.s390x.rpm SHA-256: 109272d9f2c4c187057e463fafcad820085a5810aeef35fd9625cba02fc2caee
kernel-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 9c7abc0605f6cf405cf6c7c1030a8fdd26644ba7de747734925f4f5b95feedec
kernel-debuginfo-common-2.6.18-420.el5.s390x.rpm SHA-256: e94de470d70241e761af1d609c2f35528c2f210f607ad686a9efb571e6cc370c
kernel-devel-2.6.18-420.el5.s390x.rpm SHA-256: f293f27d5bcbf12e07d8fbad983dd4d0d53cb7edc079b9e794fc15d38ab86d4f
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.s390x.rpm SHA-256: f0bab39e63ccf86e4815311199cbb45d35d0d463fa8d770ad27fd90ce368be75
kernel-kdump-2.6.18-420.el5.s390x.rpm SHA-256: da3506f85d2a60118fd4ce947dc33581a635956a4251a3dbaba083a272707ab2
kernel-kdump-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 02988bdd32906a5ccaeb701145b00502ec9a784ace1b873b0a370d60591afaa1
kernel-kdump-devel-2.6.18-420.el5.s390x.rpm SHA-256: 1a2cf8ac281ebd945692996bcba43fb1036cee4673fd34749d7ba64d3153cfae

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 5

SRPM
kernel-2.6.18-420.el5.src.rpm SHA-256: d4a5af03771abb03864c4a68ec53813462c77418b929311182cf8dbd9bb691a6
s390x
kernel-2.6.18-420.el5.s390x.rpm SHA-256: 6e6d7d1758aabfdcdeb7313ab625ee3dabf02b310e20d267bd162f6a6b143ca1
kernel-debug-2.6.18-420.el5.s390x.rpm SHA-256: 6573806554eee0bc6743a4b36ae03637ab9aafc266d5b0a3df70cbb17f541440
kernel-debug-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 2bf58328996d1391dfdd11ce745be1661034a7b65d4d6db0645389f9f78e99da
kernel-debug-devel-2.6.18-420.el5.s390x.rpm SHA-256: 109272d9f2c4c187057e463fafcad820085a5810aeef35fd9625cba02fc2caee
kernel-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 9c7abc0605f6cf405cf6c7c1030a8fdd26644ba7de747734925f4f5b95feedec
kernel-debuginfo-common-2.6.18-420.el5.s390x.rpm SHA-256: e94de470d70241e761af1d609c2f35528c2f210f607ad686a9efb571e6cc370c
kernel-devel-2.6.18-420.el5.s390x.rpm SHA-256: f293f27d5bcbf12e07d8fbad983dd4d0d53cb7edc079b9e794fc15d38ab86d4f
kernel-doc-2.6.18-420.el5.noarch.rpm SHA-256: 7316380c5cf1161f96c78a759c993e36c664e11476c0aaeb6044b1b8421e8cdc
kernel-headers-2.6.18-420.el5.s390x.rpm SHA-256: f0bab39e63ccf86e4815311199cbb45d35d0d463fa8d770ad27fd90ce368be75
kernel-kdump-2.6.18-420.el5.s390x.rpm SHA-256: da3506f85d2a60118fd4ce947dc33581a635956a4251a3dbaba083a272707ab2
kernel-kdump-debuginfo-2.6.18-420.el5.s390x.rpm SHA-256: 02988bdd32906a5ccaeb701145b00502ec9a784ace1b873b0a370d60591afaa1
kernel-kdump-devel-2.6.18-420.el5.s390x.rpm SHA-256: 1a2cf8ac281ebd945692996bcba43fb1036cee4673fd34749d7ba64d3153cfae

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.