Issued:: 2017-08-15
Updated:: 2017-08-15

RHSA-2017:2472 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

Bug Fix(es):

When upgrading to kernel with the fix for stack guard flaw, a crash could occur in Java Virtual Machine (JVM) environments, which attempted to implement their own stack guard page. With this update, the underlying source code has been fixed to consider the PROT_NONE mapping as a part of the stack, and the crash in JVM no longer occurs under the described circumstances. (BZ#1472671)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 5.9 x86_64
Red Hat Enterprise Linux Server - AUS 5.9 ia64
Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

BZ - 1446103 - CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests

CVEs

CVE-2017-7895

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.34.1.el5.src.rpm	SHA-256: a0ab0a3137251d466a1c61b1a43da9f07d1c7b0170be6d73dad14a7bcc1b3da7
x86_64
kernel-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: e48da79d02a3938158c7d4a4a5b99e286c2ebeccaa1723ed3db7bedec89106ed
kernel-debug-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 754d205cc8c5d21ac28ef935484c67e41dcd637eb4c88be08534758393dfc517
kernel-debug-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: d9333981f3f75b763eeaf438fa7199493e19973e08a4788499d2960b55e742b3
kernel-debug-devel-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 8a6a7cf7f737fd47a15c6765c37facdfd828221aa0cb4b7629324af7d46bd9d8
kernel-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 3d923688cfc636b380681a54d5523554d5925501ef896ce3066dc744656bb2a6
kernel-debuginfo-common-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 0034fb72655d6d7d8fef72c24f0de9a8a1065463fdb0734b3cfd489f933f60fa
kernel-devel-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: bca2b8ba20a2e5e5284e88ff8a2a57e217e57a6d6ca491626ca9ade3dae32bd2
kernel-doc-2.6.18-348.34.1.el5.noarch.rpm	SHA-256: 69dbb56e1d6b5de06263f19b80d3681565f518eac500e3c5c82369ac79bb3d19
kernel-headers-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 62559c8edb75e5f3ef726c3e2081aa61a1515b820841d97e99f2e12af4a159da
kernel-xen-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: f4abd5798d16c0bc970d7ed662390d69df4ecc541b6a479a86a454b96aa27204
kernel-xen-debuginfo-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 6c9287b1e71ac5dea3028463ce0c336874cef4bd84e88687588c2f4c4d2945c5
kernel-xen-devel-2.6.18-348.34.1.el5.x86_64.rpm	SHA-256: 7e95eb7205c3785d525034fd9f9cd3848de2c76da47d43d9837b8d3fca08fa81
ia64
kernel-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: bc930ee7b99a7f6d893742af45091d80381c24914b74d4b2a943921dba68c06a
kernel-debug-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 0e01ff9f2e4fb653bfdf9cd2e7ff1f5d3af8eb4a9880f18a4d14609fb6e6267c
kernel-debug-debuginfo-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 8284611b1b2a78ecfc34d733d8888c25ea2dfe105e495cd932a61ab3dd7f3ab4
kernel-debug-devel-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 730f56c24f0acb42f5e25c7c40685008bd0512f6654ec4993ea9a53603b4a563
kernel-debuginfo-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 623c101b3c96290c82c25859a8dac41c00dc32ea10cec9803617521056d3fec1
kernel-debuginfo-common-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: ea50fa7b705cff5b76d28035936e8bb47810baa567bc76b2ceaff00947b5b5d2
kernel-devel-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 74935061f224546179d869a3769979dd805c9d35f54d71d7585da4569820a535
kernel-doc-2.6.18-348.34.1.el5.noarch.rpm	SHA-256: 69dbb56e1d6b5de06263f19b80d3681565f518eac500e3c5c82369ac79bb3d19
kernel-headers-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 50a14f493a8792a52f7903f0a1f824c699bcf2062657c87dc10364e2b2b226e3
kernel-xen-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: 24743805a4b199e8be0d495f3f43ccdb32f709b7217380d22db4944fd3ef7424
kernel-xen-debuginfo-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: e1f5489d78625ab6ce6743beea1efb7167e7bf7747e04d0b59563e676ab2faf6
kernel-xen-devel-2.6.18-348.34.1.el5.ia64.rpm	SHA-256: ecbea66accdc40ec20a36a4101755d43f3f19735c306376a007e5a77623e9534
i386
kernel-2.6.18-348.34.1.el5.i686.rpm	SHA-256: da191141172a5d85fc3dccde0f0dc26d8805448e79ac6a0bf1ad908b2f755838
kernel-PAE-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 19f307be8fa764f099803c35361325e73622e6ce63a0a331a026e7820411e175
kernel-PAE-debuginfo-2.6.18-348.34.1.el5.i686.rpm	SHA-256: e6b9affefe21fa11ee43dfe6617d03cb6e326c76bcec20bb3999b441fb5cec09
kernel-PAE-devel-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 5df6c383b29978df5b2c2f125dfc90bd7fb3cbc54eb3f2ae61822ad87caad6e8
kernel-debug-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 785493b235793dc8e53dacaaa36de52aab6d8289bc48d5c50c2f0f7b89351739
kernel-debug-debuginfo-2.6.18-348.34.1.el5.i686.rpm	SHA-256: bd5613b76e5a045e030ef7467d4ddd9aa9403a979ca2fec31dc2243b4cb3f95a
kernel-debug-devel-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 5757d7d893cd559d6fb7b23afad14409d2dcf20acc1a2eec06ec200f4cd23b6c
kernel-debuginfo-2.6.18-348.34.1.el5.i686.rpm	SHA-256: ba3ea32a2852de72aa2dce99f88f9cc2bd9ca791d75fa6132cfd1fde78841cbb
kernel-debuginfo-common-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 978042a824033890078e31687a284e852974f667be35146dc03c70a87848aeab
kernel-devel-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 5bbd85ee1fa193276933d2dc36153c07ddd50427cf203524eacf30b79c862a49
kernel-doc-2.6.18-348.34.1.el5.noarch.rpm	SHA-256: 69dbb56e1d6b5de06263f19b80d3681565f518eac500e3c5c82369ac79bb3d19
kernel-headers-2.6.18-348.34.1.el5.i386.rpm	SHA-256: 0b979fec62d1e9a404960d99195783915730494983584c4fd96ec3ec13bb05c9
kernel-xen-2.6.18-348.34.1.el5.i686.rpm	SHA-256: a536e3c6c9c4add7ca30ecda032fdd8681d7c17cd00f9524d0241ffaaa54301d
kernel-xen-debuginfo-2.6.18-348.34.1.el5.i686.rpm	SHA-256: 9363b4c84a014ff61c25c8b771475eccfc6ac9986fc10582def3979eb5d347e0
kernel-xen-devel-2.6.18-348.34.1.el5.i686.rpm	SHA-256: f5c28417ba95649315617c94f14cf96264c2e3a3d18a93dc791139f5d69115b8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation