Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:2473-1 Issue Date: 2017-08-15 CVE Numbers: CVE-2017-7533 -- Security Fix(es): * A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data. (CVE-2017-7533, Important) Bug Fix(es): * Previously, direct I/O read operations going past EOF returned an invalid error number, instead of reading 0 bytes and returning success, if these operations were in same XFS block with EOF. Consequently, creating multiple VMs from a Scientific Linux 7.4 template caused all the VMs to become unresponsive in the 'Image Locked' state. This update fixes the direct I/O feature of the file system, and VMs created from a Scientific Linux 7.4 template now work as expected. * This kernel is signed with the new Secure Boot key. -- SL7 x86_64 kernel-3.10.0-693.1.1.el7.x86_64.rpm kernel-debug-3.10.0-693.1.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.1.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.1.1.el7.x86_64.rpm kernel-devel-3.10.0-693.1.1.el7.x86_64.rpm kernel-headers-3.10.0-693.1.1.el7.x86_64.rpm kernel-tools-3.10.0-693.1.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.1.1.el7.x86_64.rpm perf-3.10.0-693.1.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm python-perf-3.10.0-693.1.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.1.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.1.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-693.1.1.el7.noarch.rpm kernel-doc-3.10.0-693.1.1.el7.noarch.rpm - Scientific Linux Development Team