Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:2802 - Security Advisory
Issued:
2017-09-26
Updated:
2017-09-26

RHSA-2017:2802 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)

Red Hat would like to thank Qualys Research Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 5.9 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.9 ia64
  • Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

  • BZ - 1492212 - CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

CVEs

  • CVE-2017-1000253

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/3189592
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.34.2.el5.src.rpm SHA-256: f69016773d0c8d8c7cce9a420e3ca68932eac80e3c84863cbf6bc0f20a84c705
x86_64
kernel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: ff4f7994c2c547ec52e9c9d3b0421091f867fad75f20a6e74d719254baaa752c
kernel-debug-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 395175eb10571e572bff220597f3a295a6d565db491d784b17dee07c79696af3
kernel-debug-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: b7f5d14f928270e3ee19842a1436b2d3eb07e9ca760d2418c651f3d77800ad15
kernel-debug-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: eb113a4c7d55fcf4ba6652965cce9f313847c6491d422e2944d89d043cda10d5
kernel-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8b923c7ba0e01e15b2abccabfd0e34be068bba030cfd8415ebb7dbaa338098af
kernel-debuginfo-common-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8dfb0900b072f4094ac016463dbb309b9512049bcaa8f090175a4f3fdacb4892
kernel-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: ecad76e103c0869fd12ab93cfea12fe42e8da69694e24109df5daba968e5cd61
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: fd7cb6b1cab890e0e81cf56963794663fa0b87c40b793d51622cdccbf9d26ce8
kernel-xen-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8c036e38b3fc69686f4967d505421ebe814bb92c49aeca3fb72277d346b15244
kernel-xen-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: d197e553fe89bdb1c86a141833307ed12568084fa5f43e6376121f4a996fd8a7
kernel-xen-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: e4e374b66f9ba9991bda91614c192db3629c1cdce9798517cc19f8f123102b99
ia64
kernel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 14e3d9d372a6704bb464299e294ad3c326f8091c597192dbe3d23019250c6868
kernel-debug-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 752135621b68ccbb6aecd212b21aad29c6adef978f9974fee3dd807470759462
kernel-debug-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 57ee53dcfe7b69546896befbd01890218f97b941c2458dbc19dc829dc5ab3cde
kernel-debug-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 97421a50d21757c7b72b5c499534898eeffcd1dc904728095ee93cecfc0a2878
kernel-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 6fc67b15a8849bc79a2469099f58a24b9f4fc6593576ad43b9119b44150d287f
kernel-debuginfo-common-2.6.18-348.34.2.el5.ia64.rpm SHA-256: beb9ef644ca5595c0affa6c0e1a2be194de5736a0c604f9afe0e410c9f4560bb
kernel-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: ef4fd0b351b546c30656296ae07e50f71b954889bc75bf5a6723d037f045e492
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 3f7e962d58075fbf845c7adcd41a2f5ece725c7e5e673919882ea289aca644a7
kernel-xen-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 9e03340b56831371605088d550f31c748fcb498fb67022b6238d0fff85974ac0
kernel-xen-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 327975158543b06de723ede1146275d0d1654cde843f2160f12b13ddc983a909
kernel-xen-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 0bd124ea209917d21518543d502d87ee8ab130874fc0b5576f544948d09c706a
i386
kernel-2.6.18-348.34.2.el5.i686.rpm SHA-256: c5f1dbc50e7ef51c2744cbec4e073466ba75ff03aa62f825f082b24212ce462f
kernel-PAE-2.6.18-348.34.2.el5.i686.rpm SHA-256: 24758cc0ed19d78e9dc28685113c528d2d169461ff7b27b127ec590f9bf4a443
kernel-PAE-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: 9066f0c4161f18b8226de8c181d72b137977040e91131ae28ad4ca9654a92b60
kernel-PAE-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: 740fe5f3f77d863d306c4011ce5121665d087b97e77719c93683c44319ee2851
kernel-debug-2.6.18-348.34.2.el5.i686.rpm SHA-256: 2955a4cdd7c8b35a8d43c1da94e60e2d45d47c2c7415789ddf91efce166c2de6
kernel-debug-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: f4b4f744241fb06e5dc75026c529308941073256b86bc56241b9562b42c26432
kernel-debug-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: d8665e1bc2b2ebf416b1e127cbb84c0321eb65eda14be0eb27b1ccca1ab11723
kernel-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: 1183e6e3ad5702e0dfc662369b05f7691d552254f968a961a07d79bd53d2bd99
kernel-debuginfo-common-2.6.18-348.34.2.el5.i686.rpm SHA-256: e1791616f91117407a80831ebe2f71af0030a88707c7e502828d386097047f3d
kernel-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: dc27011537a006ad1fb070d469544b6fcd911339bb73cf4dde3e65fea7d6715c
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.i386.rpm SHA-256: 1180e319923829bd09aeaf04a0b39a37af8508b8157643551a72c69d8a4d9b38
kernel-xen-2.6.18-348.34.2.el5.i686.rpm SHA-256: 64d7562fabcbf73e609f64035c094ab093581a9db458fa1de37e5f90194a577e
kernel-xen-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: eaf86c041fb99073513542226be8cd930c068a8cd00f79f45741b8feda247629
kernel-xen-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: 2aa190498a1565f76637003a934d4949c6e5bf1d714607f6fed9b38c8d4825c8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our Privacy Statement effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter