SCIENTIFIC-LINUX-ERRATA Archives

December 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Scott Reid <[log in to unmask]>
Date: Wed, 14 Dec 2016 18:16:44 -0000

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       SLSA-2016:2574-2
Issue Date:        2016-11-03
CVE Numbers:       CVE-2015-8543
                   CVE-2013-4312
                   CVE-2016-5829
                   CVE-2015-8374
                   CVE-2015-8746
                   CVE-2016-2053
                   CVE-2016-2069
                   CVE-2015-8812
                   CVE-2016-2384
                   CVE-2016-3070
                   CVE-2016-2117
                   CVE-2016-2847
                   CVE-2016-3156
                   CVE-2015-8845
                   CVE-2015-8844
                   CVE-2016-3699
                   CVE-2016-4581
                   CVE-2016-4569
                   CVE-2016-4578
                   CVE-2016-4794
                   CVE-2016-5412
                   CVE-2016-5828
                   CVE-2016-6136
                   CVE-2016-6327
                   CVE-2016-6198
                   CVE-2016-6480
                   CVE-2016-3841
                   CVE-2015-8956
--

Security Fix(es):

* It was found that the Linux kernel's IPv6 implementation mishandled
socket options. A local attacker could abuse concurrent access to the
socket options to escalate their privileges, or cause a denial of service
(use-after-free and system crash) via a crafted sendmsg system call.
(CVE-2016-3841, Important)

(CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8812,
CVE-2015-8844, CVE-2015-8845, CVE-2016-2053, CVE-2016-2069, CVE-2016-2847,
CVE-2016-3156, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828,
CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480,
CVE-2015-8746, CVE-2015-8956, CVE-2016-2117, CVE-2016-2384, CVE-2016-3070,
CVE-2016-3699, CVE-2016-4569, CVE-2016-4578)

Additional Changes:
--

SL7
  x86_64
    kernel-3.10.0-514.el7.x86_64.rpm
    kernel-debug-3.10.0-514.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-514.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-514.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-514.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-514.el7.x86_64.rpm
    kernel-devel-3.10.0-514.el7.x86_64.rpm
    kernel-headers-3.10.0-514.el7.x86_64.rpm
    kernel-tools-3.10.0-514.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-514.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-514.el7.x86_64.rpm
    perf-3.10.0-514.el7.x86_64.rpm
    perf-debuginfo-3.10.0-514.el7.x86_64.rpm
    python-perf-3.10.0-514.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-514.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-514.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-514.el7.noarch.rpm
    kernel-doc-3.10.0-514.el7.noarch.rpm

- Scientific Linux Development Team
