Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:2704 - Security Advisory
Issued:
2017-09-13
Updated:
2017-09-13

RHSA-2017:2704 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)

Red Hat would like to thank Armis Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
  • Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64

Fixes

  • BZ - 1489716 - CVE-2017-1000251 kernel: stack buffer overflow in the native Bluetooth stack

CVEs

  • CVE-2017-1000251

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/CVE-2017-1000251
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-693.2.2.rt56.623.el7.src.rpm SHA-256: 89100fc17d782af94a3a86bb60f5f78eef7fa5b9a769e8de3587258dd23bbbb9
x86_64
kernel-rt-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 96adb0dd6cb6187d8555a757ac7d9a5f47b66bcbdc459f24aa97d11f710b685b
kernel-rt-debug-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 27e84d7465c7f977f9a2583a3a97d78678ebde0cd53f38b7fbd78d7cc64aa042
kernel-rt-debug-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d60624051730c6d82c93ea5e7affb5b15edc1c60bd6d3126ffacf177b58d048f
kernel-rt-debug-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 7c2f87d78bdef58ba995f16a54c59602f8a1c67f4aa96e2ecd505b3206ecbf6e
kernel-rt-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: ee9780df7cb180bec7bc3530aab1cb7e81a7a1e80a1cade96192af6bef270600
kernel-rt-debuginfo-common-x86_64-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d49ffec1e9012e6b6b0572b3b2d0ee754a0e727be38fca4a6f3814ff55f7e2ea
kernel-rt-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 567b59a36f210bb0fdc50b2285d1d3a79fcce1270ffe31172b109de8fdda85a4
kernel-rt-doc-3.10.0-693.2.2.rt56.623.el7.noarch.rpm SHA-256: 342c966a91ad96cb8fd30ade67d79918ccda11408fdd9ee07be5ebd8d98fd251
kernel-rt-trace-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: c7d188b5f2597f45f5967973ca302528abea1f3082f73203ea6221d4e8d8336c
kernel-rt-trace-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 00c3fa2e49c73155f720bff154067170bf3d4e6e4f357d989b7edaa78a9f47f4
kernel-rt-trace-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d765619fcc43f823d3d5ba4d791ffce976d66a248ea362f26eed4d663caee35e

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-693.2.2.rt56.623.el7.src.rpm SHA-256: 89100fc17d782af94a3a86bb60f5f78eef7fa5b9a769e8de3587258dd23bbbb9
x86_64
kernel-rt-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 96adb0dd6cb6187d8555a757ac7d9a5f47b66bcbdc459f24aa97d11f710b685b
kernel-rt-debug-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 27e84d7465c7f977f9a2583a3a97d78678ebde0cd53f38b7fbd78d7cc64aa042
kernel-rt-debug-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d60624051730c6d82c93ea5e7affb5b15edc1c60bd6d3126ffacf177b58d048f
kernel-rt-debug-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 7c2f87d78bdef58ba995f16a54c59602f8a1c67f4aa96e2ecd505b3206ecbf6e
kernel-rt-debug-kvm-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 0502688acef90b3f3d9aec214807b6b53fdbb055bb86e4ce652f7a922bb9e07e
kernel-rt-debug-kvm-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: a5d7b5570b8cdb36123f7bc66f02b72fb67aafd0a802fd2e2234d0875340b05f
kernel-rt-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: ee9780df7cb180bec7bc3530aab1cb7e81a7a1e80a1cade96192af6bef270600
kernel-rt-debuginfo-common-x86_64-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d49ffec1e9012e6b6b0572b3b2d0ee754a0e727be38fca4a6f3814ff55f7e2ea
kernel-rt-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 567b59a36f210bb0fdc50b2285d1d3a79fcce1270ffe31172b109de8fdda85a4
kernel-rt-doc-3.10.0-693.2.2.rt56.623.el7.noarch.rpm SHA-256: 342c966a91ad96cb8fd30ade67d79918ccda11408fdd9ee07be5ebd8d98fd251
kernel-rt-kvm-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 60437b4dc99fe7a1b61e12113392a6b28188def4047fd1fa24d470b75540309e
kernel-rt-kvm-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 1cc3aae8106da785fee5611f86f16c85484e9a2c907c82e05cd286745302e59c
kernel-rt-trace-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: c7d188b5f2597f45f5967973ca302528abea1f3082f73203ea6221d4e8d8336c
kernel-rt-trace-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 00c3fa2e49c73155f720bff154067170bf3d4e6e4f357d989b7edaa78a9f47f4
kernel-rt-trace-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d765619fcc43f823d3d5ba4d791ffce976d66a248ea362f26eed4d663caee35e
kernel-rt-trace-kvm-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 2ffbb2c1b34fd3b4549ce0045882abf5d7213bc1f9ceef6eb64442a976410e12
kernel-rt-trace-kvm-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 9789a62260197a430538c666fb9be6b6323d39a3a4d9ba7bad3f94f6c3f1e64e

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7

SRPM
kernel-rt-3.10.0-693.2.2.rt56.623.el7.src.rpm SHA-256: 89100fc17d782af94a3a86bb60f5f78eef7fa5b9a769e8de3587258dd23bbbb9
x86_64
kernel-rt-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 96adb0dd6cb6187d8555a757ac7d9a5f47b66bcbdc459f24aa97d11f710b685b
kernel-rt-debug-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 27e84d7465c7f977f9a2583a3a97d78678ebde0cd53f38b7fbd78d7cc64aa042
kernel-rt-debug-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d60624051730c6d82c93ea5e7affb5b15edc1c60bd6d3126ffacf177b58d048f
kernel-rt-debug-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 7c2f87d78bdef58ba995f16a54c59602f8a1c67f4aa96e2ecd505b3206ecbf6e
kernel-rt-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: ee9780df7cb180bec7bc3530aab1cb7e81a7a1e80a1cade96192af6bef270600
kernel-rt-debuginfo-common-x86_64-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d49ffec1e9012e6b6b0572b3b2d0ee754a0e727be38fca4a6f3814ff55f7e2ea
kernel-rt-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 567b59a36f210bb0fdc50b2285d1d3a79fcce1270ffe31172b109de8fdda85a4
kernel-rt-doc-3.10.0-693.2.2.rt56.623.el7.noarch.rpm SHA-256: 342c966a91ad96cb8fd30ade67d79918ccda11408fdd9ee07be5ebd8d98fd251
kernel-rt-trace-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: c7d188b5f2597f45f5967973ca302528abea1f3082f73203ea6221d4e8d8336c
kernel-rt-trace-debuginfo-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: 00c3fa2e49c73155f720bff154067170bf3d4e6e4f357d989b7edaa78a9f47f4
kernel-rt-trace-devel-3.10.0-693.2.2.rt56.623.el7.x86_64.rpm SHA-256: d765619fcc43f823d3d5ba4d791ffce976d66a248ea362f26eed4d663caee35e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility