Red Hat Product Errata RHSA-2017:2705 - Security Advisory

Issued:: 2017-09-13
Updated:: 2017-09-13

RHSA-2017:2705 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)

Red Hat would like to thank Armis Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

MRG Realtime 2 x86_64

Fixes

BZ - 1489716 - CVE-2017-1000251 kernel: stack buffer overflow in the native Bluetooth stack

CVEs

CVE-2017-1000251

References

Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 2

SRPM
kernel-rt-3.10.0-693.2.2.rt56.588.el6rt.src.rpm	SHA-256: 1eee535ff99238e6ff6b4e63e979a378445d9045787d01a34e09a241807ae5fb
x86_64
kernel-rt-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 6ca9aefd9b5b8833d3de498eb08fd5c1e6402e7ee087a9cbc50e623815b7c84b
kernel-rt-debug-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 17a98c45e32be6cfcc77c06ecc0df76b826f26e9c01baa01cf7f1e012b54452c
kernel-rt-debug-debuginfo-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: d0108e4aad682cc00f74c1a75198fb2bc634b4ec886b49cc9f3fcc371618132a
kernel-rt-debug-devel-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 2065ed4ca8919d4f9f7bf29d129d4169b6958ff37ec4f1ba9d384f54cc2d8a06
kernel-rt-debuginfo-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: e7096096d42608e125232379f3567acce54bd4b8ea0fca508ba1857ffce5b380
kernel-rt-debuginfo-common-x86_64-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 63c23ae08ce0f254a1f260930dd47bb8fe48cb131fbf231d2f89f7e97e7d7d7a
kernel-rt-devel-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: a69b351fc3ee5814963e784011751f9591ac26dd7bd9ba4147969c9f8802a0c8
kernel-rt-doc-3.10.0-693.2.2.rt56.588.el6rt.noarch.rpm	SHA-256: 69428bdf4b9f9954ccbd7c38ca8b450978a1e17321fbcae3032e4eaff5fdbab0
kernel-rt-firmware-3.10.0-693.2.2.rt56.588.el6rt.noarch.rpm	SHA-256: dd31d4fb01bddfe91d130519fa126c663cabc4fd563d258583497ae370f6f081
kernel-rt-trace-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: b846349821812f3fc2fa1d4abeea13a325a621c8b67f6106a1453e870da4fb1d
kernel-rt-trace-debuginfo-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 6d5d6b43600d7d1e4e5fa5e8589da8a95dade650b1c54698c355877b31fc530c
kernel-rt-trace-devel-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 0676a1955ea6112b8db7ec2011dd980dcb8f5fc9801a648ffcf073013e49d15c
kernel-rt-vanilla-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: fbc998597a2d32236a67c05efad334fd6e0991a74569a69e5952bb23d2f7e52d
kernel-rt-vanilla-debuginfo-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: 2c9dbe903d1970f3a86ee5638106a1e9ceb26afcdc76a64f6aefc19b60aea61a
kernel-rt-vanilla-devel-3.10.0-693.2.2.rt56.588.el6rt.x86_64.rpm	SHA-256: b5c1ea2d5342030d8b96d85a0b6133fdebd6d9d3934aef91f9053e8422a01836

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Red Hat Customer Portal Labs

Additional Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories