Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:1647 - Security Advisory
Issued:
2017-06-28
Updated:
2017-06-28

RHSA-2017:1647 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult. (CVE-2017-1000364, Important)
  • The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel, resulting in denial of service. (CVE-2017-7645, Important)
  • The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)
  • A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)

Red Hat would like to thank Qualys Research Labs for reporting CVE-2017-1000364 and Ari Kauppi for reporting CVE-2017-7895.

Bug Fix(es):

  • kernel-rt packages have been upgraded to the 3.10.0-514 source tree, which provides a number of bug fixes over the previous version. (BZ#1452745)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • MRG Realtime 2 x86_64

Fixes

  • BZ - 1426542 - CVE-2017-6214 kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
  • BZ - 1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies
  • BZ - 1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests
  • BZ - 1452745 - update the MRG 2.5.z 3.10 kernel-rt sources
  • BZ - 1452769 - HPE iLO remote console video goes blank after updating to kernel-rt-3.10.0-514.rt56.210.el6rt
  • BZ - 1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations

CVEs

  • CVE-2017-1000364
  • CVE-2017-1000379
  • CVE-2017-6214
  • CVE-2017-7645
  • CVE-2017-7895

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 2

SRPM
kernel-rt-3.10.0-514.rt56.228.el6rt.src.rpm SHA-256: 0e8d356f283d6acb2a263d5028a82fc7c9841d1cff7c65ae6bb4184b26a8c367
x86_64
kernel-rt-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 748626d6e97bea6e9bef2ec8b9c2fd2f49db4b8c436b12577c6ed4c51649c100
kernel-rt-debug-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 5211a51d9b782420dca86bb74425850cf03544f5e694115063661d0194d9e913
kernel-rt-debug-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 999fd4d43aa53fd4d4424fa60784b13d3e38ddc92a7c28efb519a30357454728
kernel-rt-debug-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 1c4ec41a19fdf4f1f8a2a2c6cc0cc2827ac7bec9d425fb044daa4649a5c77b9d
kernel-rt-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: cdb43fe10f6612359c904df33de958ca7ebc7118309db8a31f0c8703a84b1e18
kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: e849ba69a182bc86677043164fd34912a6913df607420f423de7ec3f93498bd6
kernel-rt-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 0bf9a6cac3252a0a7d5fe5871fffbcd96c0a860331e88a74d8ba1d46af6dad3b
kernel-rt-doc-3.10.0-514.rt56.228.el6rt.noarch.rpm SHA-256: f45ce0937330a71a4831585575c2bc1d88bdaca6b3fc9f6123513e1a592269e2
kernel-rt-firmware-3.10.0-514.rt56.228.el6rt.noarch.rpm SHA-256: 85af39c2e6413e9c7cef4b2fda3978cfe35d0eb5b24e759729a2fc551a85637b
kernel-rt-trace-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: c5e9bef22fea604d62d21555b97ca4dd1484bcfcf35bee3a75997c6036567dfd
kernel-rt-trace-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 7129357dc5d9b5f5cd6e018a76e72af1cc7612072a6576257f4b7236c70805ed
kernel-rt-trace-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 913387c90c6ba9f4cc9130096ef394c5fa96d4814fb4645c6d87d08c08ed0136
kernel-rt-vanilla-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 390b53e52140691ce3731c971145dca314ac45ab08ad8b66844993c375bfc637
kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 7a648765b4c68b7aa496ce6594719dc7d18edf634a0971035340cbfdfb2fa2b3
kernel-rt-vanilla-devel-3.10.0-514.rt56.228.el6rt.x86_64.rpm SHA-256: 5be70f7311cb9d67e205d4ed1ca4b317e496d0e423a5c51628d6429fd49a0405

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter