Issued:
2017-09-13
Updated:
2017-09-13

RHSA-2017:2707 - Security Advisory

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support and Red Hat Enterprise Linux 6.5 Telco Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)

Red Hat would like to thank Armis Labs for reporting this issue.

Bug Fix(es):

  • Previously, while the MAP_GROWSDOWN flag was set, writing to the memory which was mapped with the mmap system call failed with the SIGBUS signal. This update fixes memory management in the Linux kernel by backporting an upstream patch that enlarges the stack guard page gap. As a result, mmap now works as expected under the described circumstances. (BZ#1474723)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.5 x86_64
  • Red Hat Enterprise Linux Server - TUS 6.5 x86_64

Fixes

  • BZ - 1489716 - CVE-2017-1000251 kernel: stack buffer overflow in the native Bluetooth stack

Red Hat Enterprise Linux Server - AUS 6.5

SRPM
kernel-2.6.32-431.84.1.el6.src.rpm SHA-256: bf05c260145fe572489c74017537d2cfe014c8525fecfed6cac3edb37a14e1d5
x86_64
kernel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 7e861b8d65c222da13bc160910e41ba79d04ce039faffa5090c82980fd18e798
kernel-abi-whitelists-2.6.32-431.84.1.el6.noarch.rpm SHA-256: d7d4a95af299e6cf7b46ef68ccc589e38dee901b0469907530535e79c2aaa827
kernel-debug-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 766dcc248d7ddd4815ca5cd71594785271bcf8baf4533c0dbb610fe618baf122
kernel-debug-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 3446b05d6b3b3d3a149832a5e61838d18733be2829a8141e2c57eb0b19b753e0
kernel-debug-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 3446b05d6b3b3d3a149832a5e61838d18733be2829a8141e2c57eb0b19b753e0
kernel-debug-devel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: fe3a46c127f3ee24535e8c20afacde3661fc2c909f7f12d33cd128b3e13d2453
kernel-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: a59e163f9f2190b9b9b049702f401f398caeffafa239862a4994c097e4a46e89
kernel-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: a59e163f9f2190b9b9b049702f401f398caeffafa239862a4994c097e4a46e89
kernel-debuginfo-common-x86_64-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 4a072188c200108fc6e8236865c7eba4602dc07db056a5bfedca98ce2fab9a23
kernel-debuginfo-common-x86_64-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 4a072188c200108fc6e8236865c7eba4602dc07db056a5bfedca98ce2fab9a23
kernel-devel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 77fe33006f4cd42d0a38abef0ec3e1896c2b96cd129c602b020369babb838750
kernel-doc-2.6.32-431.84.1.el6.noarch.rpm SHA-256: ef0b8e9b54b4411f8314c31283b7acf8cfd166eca6ac3353190db15eae584cd1
kernel-firmware-2.6.32-431.84.1.el6.noarch.rpm SHA-256: 6ac5fce78ae99aceecc59d9b42f762afb4c15835a9d81afd98696623ea4f9231
kernel-headers-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 410719e1f16e5b2133aaa15aee989ccccc3234d0ba5af801af1fa07d5ea950de
perf-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 59be0c50555f62e659dbf623785fb2f69ae030ac90c452358713b5cdd21c76bb
perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: af67d4c99fe2a2d0e9dfbfdace4c926ba0f420e9b6f9be87de7bbc98e52c7b8c
perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: af67d4c99fe2a2d0e9dfbfdace4c926ba0f420e9b6f9be87de7bbc98e52c7b8c
python-perf-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 2761b69ca5e8f76f4f030599ab46a5c293c203c047e0e82dd9bc71df713cdcee
python-perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 1ff83954e3f82759b813cb36604b69d281937a2bf38e3de455c59221a3120d13
python-perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 1ff83954e3f82759b813cb36604b69d281937a2bf38e3de455c59221a3120d13

Red Hat Enterprise Linux Server - TUS 6.5

SRPM
kernel-2.6.32-431.84.1.el6.src.rpm SHA-256: bf05c260145fe572489c74017537d2cfe014c8525fecfed6cac3edb37a14e1d5
x86_64
kernel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 7e861b8d65c222da13bc160910e41ba79d04ce039faffa5090c82980fd18e798
kernel-abi-whitelists-2.6.32-431.84.1.el6.noarch.rpm SHA-256: d7d4a95af299e6cf7b46ef68ccc589e38dee901b0469907530535e79c2aaa827
kernel-debug-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 766dcc248d7ddd4815ca5cd71594785271bcf8baf4533c0dbb610fe618baf122
kernel-debug-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 3446b05d6b3b3d3a149832a5e61838d18733be2829a8141e2c57eb0b19b753e0
kernel-debug-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 3446b05d6b3b3d3a149832a5e61838d18733be2829a8141e2c57eb0b19b753e0
kernel-debug-devel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: fe3a46c127f3ee24535e8c20afacde3661fc2c909f7f12d33cd128b3e13d2453
kernel-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: a59e163f9f2190b9b9b049702f401f398caeffafa239862a4994c097e4a46e89
kernel-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: a59e163f9f2190b9b9b049702f401f398caeffafa239862a4994c097e4a46e89
kernel-debuginfo-common-x86_64-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 4a072188c200108fc6e8236865c7eba4602dc07db056a5bfedca98ce2fab9a23
kernel-debuginfo-common-x86_64-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 4a072188c200108fc6e8236865c7eba4602dc07db056a5bfedca98ce2fab9a23
kernel-devel-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 77fe33006f4cd42d0a38abef0ec3e1896c2b96cd129c602b020369babb838750
kernel-doc-2.6.32-431.84.1.el6.noarch.rpm SHA-256: ef0b8e9b54b4411f8314c31283b7acf8cfd166eca6ac3353190db15eae584cd1
kernel-firmware-2.6.32-431.84.1.el6.noarch.rpm SHA-256: 6ac5fce78ae99aceecc59d9b42f762afb4c15835a9d81afd98696623ea4f9231
kernel-headers-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 410719e1f16e5b2133aaa15aee989ccccc3234d0ba5af801af1fa07d5ea950de
perf-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 59be0c50555f62e659dbf623785fb2f69ae030ac90c452358713b5cdd21c76bb
perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: af67d4c99fe2a2d0e9dfbfdace4c926ba0f420e9b6f9be87de7bbc98e52c7b8c
perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: af67d4c99fe2a2d0e9dfbfdace4c926ba0f420e9b6f9be87de7bbc98e52c7b8c
python-perf-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 2761b69ca5e8f76f4f030599ab46a5c293c203c047e0e82dd9bc71df713cdcee
python-perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 1ff83954e3f82759b813cb36604b69d281937a2bf38e3de455c59221a3120d13
python-perf-debuginfo-2.6.32-431.84.1.el6.x86_64.rpm SHA-256: 1ff83954e3f82759b813cb36604b69d281937a2bf38e3de455c59221a3120d13

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.