LISTSERV 16.5 - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       SLSA-2017:1308-1
Issue Date:        2017-05-25
CVE Numbers:       CVE-2016-8646
                   CVE-2016-10208
                   CVE-2016-7910
                   CVE-2017-5986
                   CVE-2017-7308
--

Security Fix(es):

* It was found that the packet_set_ring() function of the Linux kernel's
networking implementation did not properly validate certain block-size
data. A local attacker with CAP_NET_RAW capability could use this flaw to
trigger a buffer overflow, resulting in the crash of the system. Due to
the nature of the flaw, privilege escalation cannot be fully ruled out.
(CVE-2017-7308, Important)

* Mounting a crafted EXT4 image read-only leads to an attacker controlled
memory corruption and SLAB-Out-of-Bounds reads. (CVE-2016-10208, Moderate)

* A flaw was found in the Linux kernel's implementation of seq_file where
a local attacker could manipulate memory in the put() function pointer.
This could lead to memory corruption and possible privileged escalation.
(CVE-2016-7910, Moderate)

* A vulnerability was found in the Linux kernel. An unprivileged local
user could trigger oops in shash_async_export() by attempting to force the
in-kernel hashing algorithms into decrypting an empty data set.
(CVE-2016-8646, Moderate)

* It was reported that with Linux kernel, earlier than version v4.10-rc8,
an application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket
tx buffer is full, a thread is waiting on it to queue more data, and
meanwhile another thread peels off the association being used by the first
thread. (CVE-2017-5986, Moderate)
--

SL7
  x86_64
    kernel-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-debug-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-devel-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-headers-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-tools-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-514.21.1.el7.x86_64.rpm
    perf-3.10.0-514.21.1.el7.x86_64.rpm
    perf-debuginfo-3.10.0-514.21.1.el7.x86_64.rpm
    python-perf-3.10.0-514.21.1.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-514.21.1.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-514.21.1.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-514.21.1.el7.noarch.rpm
    kernel-doc-3.10.0-514.21.1.el7.noarch.rpm

- Scientific Linux Development Team