Issued:
2017-09-14
Updated:
2017-09-14

RHSA-2017:2731 - Security Advisory

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)

Red Hat would like to thank Armis Labs for reporting this issue.

Bug Fix(es):

  • Previously, while the MAP_GROWSDOWN flag was set, writing to the memory which was mapped with the mmap system call failed with the SIGBUS signal. This update fixes memory management in the Linux kernel by backporting an upstream patch that enlarges the stack guard page gap. As a result, mmap now works as expected under the described circumstances. (BZ#1474722)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 6.6 x86_64

Fixes

  • BZ - 1489716 - CVE-2017-1000251 kernel: stack buffer overflow in the native Bluetooth stack

Red Hat Enterprise Linux Server - AUS 6.6

SRPM
kernel-2.6.32-504.63.2.el6.src.rpm SHA-256: d8764be3e7c2e839b46cbf259e0c819c5e2dee17b927bb7f96a5a2b1b0ad7018
x86_64
kernel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 2a79fcb8f438be0940e8c44d8dcbb3095acff0f5b86c5bd2e0741d204d9c1765
kernel-abi-whitelists-2.6.32-504.63.2.el6.noarch.rpm SHA-256: 8f533ccecb862158571b42779c99940bbe09b50ac9f639f53829cdd96a48a0fe
kernel-debug-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 29470c8b99bfca733731f193003867f698c4b7141789f051b61a0fc81b2a4eb4
kernel-debug-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: bb9c54c4c255a8007a9ae49458cade80dd083737040b0fcbdc518cc5e4997806
kernel-debug-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: bb9c54c4c255a8007a9ae49458cade80dd083737040b0fcbdc518cc5e4997806
kernel-debug-devel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 2926c85509c3045b8a7b502d77f423a73f12b3a2f5b74e256c1b386c1522ccd0
kernel-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: b9a699159c147264f5f7698e563a0bc93f7610b100bfef0527e713182fe82cdf
kernel-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: b9a699159c147264f5f7698e563a0bc93f7610b100bfef0527e713182fe82cdf
kernel-debuginfo-common-x86_64-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 5aaf87f35293893c2787337621ace86df0fccc53c2b22f64cfb835e92f962d6a
kernel-debuginfo-common-x86_64-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 5aaf87f35293893c2787337621ace86df0fccc53c2b22f64cfb835e92f962d6a
kernel-devel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: aef2f2f993ea905f3b5d08ca04a7ee3713adb7a54fa54a95b96e3db4f0cbdc3f
kernel-doc-2.6.32-504.63.2.el6.noarch.rpm SHA-256: c652cb431448d8143b21db22b4c1c216d91010b184c76a12693eaac9d4b139b1
kernel-firmware-2.6.32-504.63.2.el6.noarch.rpm SHA-256: 5902fbe3ce056a679bfcaa5e7dbe7c0dc371df495241790af335df27fb24ce82
kernel-headers-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: cf5b10a571bafc1e1af92dbbc493be3fadfec8bab8b274672cc7ea31f4b5ba61
perf-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: e25d16cee47dad7379a0ac5a95ce1e7c09c92c43340ebc0b886883c3e2cd32f5
perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 299fbbd3dafa489a7ef53aced595ce5fba84331c11a1a3f2ad62c03438a36a11
perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 299fbbd3dafa489a7ef53aced595ce5fba84331c11a1a3f2ad62c03438a36a11
python-perf-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: a03a5874d06f2fa14e7ff719880de644606b13db5f658c66a17c3746f6d43040
python-perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 34fe57fb6ce3e6c911841eed51c142a3a8e561dd0d7f829fa3fcb3c2f8874dac
python-perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 34fe57fb6ce3e6c911841eed51c142a3a8e561dd0d7f829fa3fcb3c2f8874dac

Red Hat Enterprise Linux Server - TUS 6.6

SRPM
kernel-2.6.32-504.63.2.el6.src.rpm SHA-256: d8764be3e7c2e839b46cbf259e0c819c5e2dee17b927bb7f96a5a2b1b0ad7018
x86_64
kernel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 2a79fcb8f438be0940e8c44d8dcbb3095acff0f5b86c5bd2e0741d204d9c1765
kernel-abi-whitelists-2.6.32-504.63.2.el6.noarch.rpm SHA-256: 8f533ccecb862158571b42779c99940bbe09b50ac9f639f53829cdd96a48a0fe
kernel-debug-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 29470c8b99bfca733731f193003867f698c4b7141789f051b61a0fc81b2a4eb4
kernel-debug-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: bb9c54c4c255a8007a9ae49458cade80dd083737040b0fcbdc518cc5e4997806
kernel-debug-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: bb9c54c4c255a8007a9ae49458cade80dd083737040b0fcbdc518cc5e4997806
kernel-debug-devel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 2926c85509c3045b8a7b502d77f423a73f12b3a2f5b74e256c1b386c1522ccd0
kernel-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: b9a699159c147264f5f7698e563a0bc93f7610b100bfef0527e713182fe82cdf
kernel-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: b9a699159c147264f5f7698e563a0bc93f7610b100bfef0527e713182fe82cdf
kernel-debuginfo-common-x86_64-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 5aaf87f35293893c2787337621ace86df0fccc53c2b22f64cfb835e92f962d6a
kernel-debuginfo-common-x86_64-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 5aaf87f35293893c2787337621ace86df0fccc53c2b22f64cfb835e92f962d6a
kernel-devel-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: aef2f2f993ea905f3b5d08ca04a7ee3713adb7a54fa54a95b96e3db4f0cbdc3f
kernel-doc-2.6.32-504.63.2.el6.noarch.rpm SHA-256: c652cb431448d8143b21db22b4c1c216d91010b184c76a12693eaac9d4b139b1
kernel-firmware-2.6.32-504.63.2.el6.noarch.rpm SHA-256: 5902fbe3ce056a679bfcaa5e7dbe7c0dc371df495241790af335df27fb24ce82
kernel-headers-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: cf5b10a571bafc1e1af92dbbc493be3fadfec8bab8b274672cc7ea31f4b5ba61
perf-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: e25d16cee47dad7379a0ac5a95ce1e7c09c92c43340ebc0b886883c3e2cd32f5
perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 299fbbd3dafa489a7ef53aced595ce5fba84331c11a1a3f2ad62c03438a36a11
perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 299fbbd3dafa489a7ef53aced595ce5fba84331c11a1a3f2ad62c03438a36a11
python-perf-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: a03a5874d06f2fa14e7ff719880de644606b13db5f658c66a17c3746f6d43040
python-perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 34fe57fb6ce3e6c911841eed51c142a3a8e561dd0d7f829fa3fcb3c2f8874dac
python-perf-debuginfo-2.6.32-504.63.2.el6.x86_64.rpm SHA-256: 34fe57fb6ce3e6c911841eed51c142a3a8e561dd0d7f829fa3fcb3c2f8874dac

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.