Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:2802 - Security Advisory
Issued:
2017-09-26
Updated:
2017-09-26

RHSA-2017:2802 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)

Red Hat would like to thank Qualys Research Labs for reporting this issue.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 5.9 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.9 ia64
  • Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

  • BZ - 1492212 - CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

CVEs

  • CVE-2017-1000253

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/3189592
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.34.2.el5.src.rpm SHA-256: f69016773d0c8d8c7cce9a420e3ca68932eac80e3c84863cbf6bc0f20a84c705
x86_64
kernel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: ff4f7994c2c547ec52e9c9d3b0421091f867fad75f20a6e74d719254baaa752c
kernel-debug-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 395175eb10571e572bff220597f3a295a6d565db491d784b17dee07c79696af3
kernel-debug-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: b7f5d14f928270e3ee19842a1436b2d3eb07e9ca760d2418c651f3d77800ad15
kernel-debug-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: eb113a4c7d55fcf4ba6652965cce9f313847c6491d422e2944d89d043cda10d5
kernel-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8b923c7ba0e01e15b2abccabfd0e34be068bba030cfd8415ebb7dbaa338098af
kernel-debuginfo-common-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8dfb0900b072f4094ac016463dbb309b9512049bcaa8f090175a4f3fdacb4892
kernel-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: ecad76e103c0869fd12ab93cfea12fe42e8da69694e24109df5daba968e5cd61
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: fd7cb6b1cab890e0e81cf56963794663fa0b87c40b793d51622cdccbf9d26ce8
kernel-xen-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: 8c036e38b3fc69686f4967d505421ebe814bb92c49aeca3fb72277d346b15244
kernel-xen-debuginfo-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: d197e553fe89bdb1c86a141833307ed12568084fa5f43e6376121f4a996fd8a7
kernel-xen-devel-2.6.18-348.34.2.el5.x86_64.rpm SHA-256: e4e374b66f9ba9991bda91614c192db3629c1cdce9798517cc19f8f123102b99
ia64
kernel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 14e3d9d372a6704bb464299e294ad3c326f8091c597192dbe3d23019250c6868
kernel-debug-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 752135621b68ccbb6aecd212b21aad29c6adef978f9974fee3dd807470759462
kernel-debug-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 57ee53dcfe7b69546896befbd01890218f97b941c2458dbc19dc829dc5ab3cde
kernel-debug-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 97421a50d21757c7b72b5c499534898eeffcd1dc904728095ee93cecfc0a2878
kernel-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 6fc67b15a8849bc79a2469099f58a24b9f4fc6593576ad43b9119b44150d287f
kernel-debuginfo-common-2.6.18-348.34.2.el5.ia64.rpm SHA-256: beb9ef644ca5595c0affa6c0e1a2be194de5736a0c604f9afe0e410c9f4560bb
kernel-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: ef4fd0b351b546c30656296ae07e50f71b954889bc75bf5a6723d037f045e492
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 3f7e962d58075fbf845c7adcd41a2f5ece725c7e5e673919882ea289aca644a7
kernel-xen-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 9e03340b56831371605088d550f31c748fcb498fb67022b6238d0fff85974ac0
kernel-xen-debuginfo-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 327975158543b06de723ede1146275d0d1654cde843f2160f12b13ddc983a909
kernel-xen-devel-2.6.18-348.34.2.el5.ia64.rpm SHA-256: 0bd124ea209917d21518543d502d87ee8ab130874fc0b5576f544948d09c706a
i386
kernel-2.6.18-348.34.2.el5.i686.rpm SHA-256: c5f1dbc50e7ef51c2744cbec4e073466ba75ff03aa62f825f082b24212ce462f
kernel-PAE-2.6.18-348.34.2.el5.i686.rpm SHA-256: 24758cc0ed19d78e9dc28685113c528d2d169461ff7b27b127ec590f9bf4a443
kernel-PAE-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: 9066f0c4161f18b8226de8c181d72b137977040e91131ae28ad4ca9654a92b60
kernel-PAE-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: 740fe5f3f77d863d306c4011ce5121665d087b97e77719c93683c44319ee2851
kernel-debug-2.6.18-348.34.2.el5.i686.rpm SHA-256: 2955a4cdd7c8b35a8d43c1da94e60e2d45d47c2c7415789ddf91efce166c2de6
kernel-debug-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: f4b4f744241fb06e5dc75026c529308941073256b86bc56241b9562b42c26432
kernel-debug-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: d8665e1bc2b2ebf416b1e127cbb84c0321eb65eda14be0eb27b1ccca1ab11723
kernel-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: 1183e6e3ad5702e0dfc662369b05f7691d552254f968a961a07d79bd53d2bd99
kernel-debuginfo-common-2.6.18-348.34.2.el5.i686.rpm SHA-256: e1791616f91117407a80831ebe2f71af0030a88707c7e502828d386097047f3d
kernel-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: dc27011537a006ad1fb070d469544b6fcd911339bb73cf4dde3e65fea7d6715c
kernel-doc-2.6.18-348.34.2.el5.noarch.rpm SHA-256: 7a613a899a6535d64929572d83387579ef2d5bcef194dd58fc447a8c841503ac
kernel-headers-2.6.18-348.34.2.el5.i386.rpm SHA-256: 1180e319923829bd09aeaf04a0b39a37af8508b8157643551a72c69d8a4d9b38
kernel-xen-2.6.18-348.34.2.el5.i686.rpm SHA-256: 64d7562fabcbf73e609f64035c094ab093581a9db458fa1de37e5f90194a577e
kernel-xen-debuginfo-2.6.18-348.34.2.el5.i686.rpm SHA-256: eaf86c041fb99073513542226be8cd930c068a8cd00f79f45741b8feda247629
kernel-xen-devel-2.6.18-348.34.2.el5.i686.rpm SHA-256: 2aa190498a1565f76637003a934d4949c6e5bf1d714607f6fed9b38c8d4825c8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility