First published: Tue Mar 14 2017(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)</li> Red Hat would like to thank Andrey Konovalov (Google) for reporting this issue.<br>Bug Fix(es):<br><li> Previously, running the "ethtool -S" command to get the statistics of a Brocade Network Adapter (BNA) sometimes caused a kernel panic. This update applies a set of patches to the bna driver, and the kernel panic no longer occurs in the described scenario. (BZ#1408130)</li> <li> Use of a multi-threaded workload with high memory mappings sometimes caused a kernel panic, due to a race condition between the context switch and the pagetable upgrade. This update fixes the switch_mm() by using the complete asce parameter instead of the asce_bits parameter. As a result, the kernel no longer panics in the described scenario. (BZ#1410865)</li> <li> Previously, the kernel was sending a Transmission Control Protocol (TCP) window which had a size of zero for a socket with an empty receive queue. Consequently, the TCP session became unresponsive. This update fixes the ibmveth driver to set correct values of the gso_size and gso_type variables and to calculate the value of the gso_segs variable for large packets. As a result, the TCP session no longer hangs in the described scenario. (BZ#1411381)</li> <li> Previously, booting a kdump kernel in some cases failed with this error:</li> Kernel panic - not syncing: Watchdog detected hard LOCKUP on CPU 0.<br>This update ensures that the hpet timer software counters, including hpet_default_delta and hpet_t1_cmp, are initialized before an interrupt request is registered, and the kdump kernel now boots without the mentioned error message. (BZ#1404183)<br><li> When one of the drives became unresponsive, all other drives intermittently hung, because the megaraid_sas driver incorrectly sent a reset request to the PowerEdge RAID Controller (PERC). This update fixes megaraid_sas, and thus the hang of one drive no longer leads to intermittent loss of access to all drives on the system. (BZ#1398174)</li>
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-abi-whitelists | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-doc | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-headers | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo-common-s390x | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-headers | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-kdump | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-kdump-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-kdump-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-bootwrapper | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo-common-ppc64 | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-bootwrapper | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debug-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-debuginfo-common-ppc64le | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-headers | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/kernel-tools-libs-devel | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
redhat/python-perf-debuginfo | <3.10.0-327.49.2.el7 | 3.10.0-327.49.2.el7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.