Red Hat Product Errata RHSA-2017:2802 - Security Advisory

Issued:: 2017-09-26
Updated:: 2017-09-26

RHSA-2017:2802 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)

Red Hat would like to thank Qualys Research Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 5.9 x86_64
Red Hat Enterprise Linux Server - AUS 5.9 ia64
Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

BZ - 1492212 - CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

CVEs

CVE-2017-1000253

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.34.2.el5.src.rpm	SHA-256: f69016773d0c8d8c7cce9a420e3ca68932eac80e3c84863cbf6bc0f20a84c705
x86_64
kernel-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: ff4f7994c2c547ec52e9c9d3b0421091f867fad75f20a6e74d719254baaa752c
kernel-debug-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: 395175eb10571e572bff220597f3a295a6d565db491d784b17dee07c79696af3
kernel-debug-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: b7f5d14f928270e3ee19842a1436b2d3eb07e9ca760d2418c651f3d77800ad15
kernel-debug-devel-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: eb113a4c7d55fcf4ba6652965cce9f313847c6491d422e2944d89d043cda10d5
kernel-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: 8b923c7ba0e01e15b2abccabfd0e34be068bba030cfd8415ebb7dbaa338098af
kernel-debuginfo-common-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: 8dfb0900b072f4094ac016463dbb309b9512049bcaa8f090175a4f3fdacb4892
kernel-devel-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: ecad76e103c0869fd12ab93cfea12fe42e8da69694e24109df5daba968e5cd61
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm	SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: fd7cb6b1cab890e0e81cf56963794663fa0b87c40b793d51622cdccbf9d26ce8
kernel-xen-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: 8c036e38b3fc69686f4967d505421ebe814bb92c49aeca3fb72277d346b15244
kernel-xen-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: d197e553fe89bdb1c86a141833307ed12568084fa5f43e6376121f4a996fd8a7
kernel-xen-devel-2.6.18-348.34.2.el5.x86_64.rpm	SHA-256: e4e374b66f9ba9991bda91614c192db3629c1cdce9798517cc19f8f123102b99
ia64
kernel-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 14e3d9d372a6704bb464299e294ad3c326f8091c597192dbe3d23019250c6868
kernel-debug-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 752135621b68ccbb6aecd212b21aad29c6adef978f9974fee3dd807470759462
kernel-debug-debuginfo-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 57ee53dcfe7b69546896befbd01890218f97b941c2458dbc19dc829dc5ab3cde
kernel-debug-devel-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 97421a50d21757c7b72b5c499534898eeffcd1dc904728095ee93cecfc0a2878
kernel-debuginfo-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 6fc67b15a8849bc79a2469099f58a24b9f4fc6593576ad43b9119b44150d287f
kernel-debuginfo-common-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: beb9ef644ca5595c0affa6c0e1a2be194de5736a0c604f9afe0e410c9f4560bb
kernel-devel-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: ef4fd0b351b546c30656296ae07e50f71b954889bc75bf5a6723d037f045e492
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm	SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 3f7e962d58075fbf845c7adcd41a2f5ece725c7e5e673919882ea289aca644a7
kernel-xen-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 9e03340b56831371605088d550f31c748fcb498fb67022b6238d0fff85974ac0
kernel-xen-debuginfo-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 327975158543b06de723ede1146275d0d1654cde843f2160f12b13ddc983a909
kernel-xen-devel-2.6.18-348.34.2.el5.ia64.rpm	SHA-256: 0bd124ea209917d21518543d502d87ee8ab130874fc0b5576f544948d09c706a
i386
kernel-2.6.18-348.34.2.el5.i686.rpm	SHA-256: c5f1dbc50e7ef51c2744cbec4e073466ba75ff03aa62f825f082b24212ce462f
kernel-PAE-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 24758cc0ed19d78e9dc28685113c528d2d169461ff7b27b127ec590f9bf4a443
kernel-PAE-debuginfo-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 9066f0c4161f18b8226de8c181d72b137977040e91131ae28ad4ca9654a92b60
kernel-PAE-devel-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 740fe5f3f77d863d306c4011ce5121665d087b97e77719c93683c44319ee2851
kernel-debug-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 2955a4cdd7c8b35a8d43c1da94e60e2d45d47c2c7415789ddf91efce166c2de6
kernel-debug-debuginfo-2.6.18-348.34.2.el5.i686.rpm	SHA-256: f4b4f744241fb06e5dc75026c529308941073256b86bc56241b9562b42c26432
kernel-debug-devel-2.6.18-348.34.2.el5.i686.rpm	SHA-256: d8665e1bc2b2ebf416b1e127cbb84c0321eb65eda14be0eb27b1ccca1ab11723
kernel-debuginfo-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 1183e6e3ad5702e0dfc662369b05f7691d552254f968a961a07d79bd53d2bd99
kernel-debuginfo-common-2.6.18-348.34.2.el5.i686.rpm	SHA-256: e1791616f91117407a80831ebe2f71af0030a88707c7e502828d386097047f3d
kernel-devel-2.6.18-348.34.2.el5.i686.rpm	SHA-256: dc27011537a006ad1fb070d469544b6fcd911339bb73cf4dde3e65fea7d6715c
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm	SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.i386.rpm	SHA-256: 1180e319923829bd09aeaf04a0b39a37af8508b8157643551a72c69d8a4d9b38
kernel-xen-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 64d7562fabcbf73e609f64035c094ab093581a9db458fa1de37e5f90194a577e
kernel-xen-debuginfo-2.6.18-348.34.2.el5.i686.rpm	SHA-256: eaf86c041fb99073513542226be8cd930c068a8cd00f79f45741b8feda247629
kernel-xen-devel-2.6.18-348.34.2.el5.i686.rpm	SHA-256: 2aa190498a1565f76637003a934d4949c6e5bf1d714607f6fed9b38c8d4825c8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories