First published: Thu Feb 23 2017(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)</li> Red Hat would like to thank Andrey Konovalov (Google) for reporting this issue.<br>Bug Fix(es):<br><li> When an NFS server received a compound Remote Procedure Call (RPC) with multiple operations where the SECINFO operation was the ninth or later operation, the server terminated unexpectedly. This update fixes the NFS server to correctly initialize all arguments of all compound RPC operations that are beyond the first eight operations. As a result, the NFS server no longer crashes in the described situation. (BZ#1413035)</li>
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-abi-whitelists | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug-devel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug-devel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debuginfo-common-i686 | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-devel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-doc | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-firmware | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-headers | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/perf | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/perf-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/perf-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/python-perf | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/python-perf-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/python-perf-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debug | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-devel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-headers | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/perf | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/python-perf | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debuginfo-common-s390x | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-kdump | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-kdump-debuginfo | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-kdump-devel | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-bootwrapper | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
redhat/kernel-debuginfo-common-ppc64 | <2.6.32-573.40.1.el6 | 2.6.32-573.40.1.el6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.