Synopsis:          Important: kernel security update
Advisory ID:       SLSA-2017:0294-1
Issue Date:        2017-02-22
CVE Numbers:       CVE-2017-6074
--

Security Fix(es):

* A use-after-free flaw was found in the way the Linux kernel's Datagram
Congestion Control Protocol (DCCP) implementation freed SKB (socket
buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO
option is set on the socket. A local, unprivileged user could use this
flaw to alter the kernel memory, allowing them to escalate their
privileges on the system. (CVE-2017-6074, Important)
--

SL7
  x86_64
    kernel-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-debug-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-devel-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-headers-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-tools-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-514.6.2.el7.x86_64.rpm
    perf-3.10.0-514.6.2.el7.x86_64.rpm
    perf-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm
    python-perf-3.10.0-514.6.2.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-514.6.2.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-514.6.2.el7.noarch.rpm
    kernel-doc-3.10.0-514.6.2.el7.noarch.rpm

- Scientific Linux Development Team