LISTSERV 16.5 - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: kernel security, bug fix, and enhancement 
Advisory ID:       SLSA-2017:1842-1
Issue Date:        2017-08-01
CVE Numbers:       CVE-2016-7097
                   CVE-2016-7042
                   CVE-2016-9576
                   CVE-2016-10088
                   CVE-2014-7970
                   CVE-2014-7975
                   CVE-2016-6213
                   CVE-2015-8839
                   CVE-2015-8970
                   CVE-2016-9604
                   CVE-2016-8645
                   CVE-2016-9685
                   CVE-2016-9806
                   CVE-2016-10147
                   CVE-2016-9588
                   CVE-2017-2596
                   CVE-2017-5970
                   CVE-2017-6001
                   CVE-2017-2647
                   CVE-2016-10200
                   CVE-2017-6951
                   CVE-2017-7187
                   CVE-2017-2671
                   CVE-2017-7616
                   CVE-2017-7889
                   CVE-2017-8890
                   CVE-2017-9074
                   CVE-2017-9076
                   CVE-2017-9075
                   CVE-2017-9077
                   CVE-2017-9242
                   CVE-2017-8797
--

Security Fix(es):

* An use-after-free flaw was found in the Linux kernel which enables a
race condition in the L2TPv3 IP Encapsulation feature. A local user could
use this flaw to escalate their privileges or crash the system.
(CVE-2016-10200, Important)

* A flaw was found that can be triggered in keyring_search_iterator in
keyring.c if type->match is NULL. A local user could use this flaw to
crash the system or, potentially, escalate their privileges.
(CVE-2017-2647, Important)

* It was found that the NFSv4 server in the Linux kernel did not properly
validate layout type when processing NFSv4 pNFS LAYOUTGET and
GETDEVICEINFO operands. A remote attacker could use this flaw to soft-
lockup the system and thus cause denial of service. (CVE-2017-8797,
Important)

This update also fixes multiple Moderate and Low impact security issues:

* CVE-2015-8839, CVE-2015-8970, CVE-2016-9576, CVE-2016-7042,
CVE-2016-7097, CVE-2016-8645, CVE-2016-9576, CVE-2016-9588, CVE-2016-9806,
CVE-2016-10088, CVE-2016-10147, CVE-2017-2596, CVE-2017-2671,
CVE-2017-5970, CVE-2017-6001, CVE-2017-6951, CVE-2017-7187, CVE-2017-7616,
CVE-2017-7889, CVE-2017-8890, CVE-2017-9074, CVE-2017-8890, CVE-2017-9075,
CVE-2017-8890, CVE-2017-9076, CVE-2017-8890, CVE-2017-9077, CVE-2017-9242,
CVE-2014-7970, CVE-2014-7975, CVE-2016-6213, CVE-2016-9604, CVE-2016-9685
--

SL7
  x86_64
    kernel-3.10.0-693.el7.x86_64.rpm
    kernel-debug-3.10.0-693.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-693.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-693.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-693.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-693.el7.x86_64.rpm
    kernel-devel-3.10.0-693.el7.x86_64.rpm
    kernel-headers-3.10.0-693.el7.x86_64.rpm
    kernel-tools-3.10.0-693.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-693.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-693.el7.x86_64.rpm
    perf-3.10.0-693.el7.x86_64.rpm
    perf-debuginfo-3.10.0-693.el7.x86_64.rpm
    python-perf-3.10.0-693.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-693.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-693.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-693.el7.noarch.rpm
    kernel-doc-3.10.0-693.el7.noarch.rpm

- Scientific Linux Development Team