Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2017:0316-1
Type: Security Advisory
Severity: Important
Issued on: 2017-02-23
Last updated on: 2017-02-23
Affected Products: Red Hat Enterprise Linux Server EUS (v. 6.7.z)
CVEs (cve.mitre.org): CVE-2017-6074

Details

An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended
Update Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A use-after-free flaw was found in the way the Linux kernel's Datagram
Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer)
resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set
on the socket. A local, unprivileged user could use this flaw to alter the
kernel memory, allowing them to escalate their privileges on the system.
(CVE-2017-6074, Important)

Red Hat would like to thank Andrey Konovalov (Google) for reporting this issue.

Bug Fix(es):

* When an NFS server received a compound Remote Procedure Call (RPC) with
multiple operations where the SECINFO operation was the ninth or later
operation, the server terminated unexpectedly. This update fixes the NFS server
to correctly initialize all arguments of all compound RPC operations that are
beyond the first eight operations. As a result, the NFS server no longer crashes
in the described situation. (BZ#1413035)


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Updated packages

Red Hat Enterprise Linux Server EUS (v. 6.7.z)

SRPMS:
kernel-2.6.32-573.40.1.el6.src.rpm
File outdated by:  RHSA-2017:1487
    MD5: 86a66c236b956f29135b14fa735281d1
SHA-256: f6f2d8d8105b20fd543e8ba6c11beb8892fb9dee91bf11acde37bcadfd6ea618
 
IA-32:
kernel-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 92900a5d7a7ebb38e64e3adcd6eeef3d
SHA-256: a6b32967162231a657c7099fb51a743a58dfaf122a8efb16701a680b0b2d31eb
kernel-abi-whitelists-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7d14c0635bebee459d45f4b83bad8067
SHA-256: ebd47e6f192a4b375b2570a932f95f2d255a59ac4203dade478660c8665892c1
kernel-debug-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 1c46a58e7f9d22657a340314c065a1ec
SHA-256: 15a7dc1e1fd86e4f0de972cb585e9d6bffeae8b99ec1cc3af7c93eed3616afff
kernel-debug-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: cefde97cc1371b49718241dc354f63fb
SHA-256: 66c405fdd60a792dbf6abe3ecb2b3b373c636d0a9ea3de8c1e7eb627953d09cd
kernel-debug-devel-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb89c45df02c26bfa58f0ce2eb0f0eaa
SHA-256: f4b51df0ed81b8833e2c8b8041656658e56bd48fae23c20caabcf93ff1a69904
kernel-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: e95ac6ab41c2220b148af3544c676314
SHA-256: 8774df94f1b06b9fe49d626676db0aac1eb3da49f4a852aa5f4621c01218e83d
kernel-debuginfo-common-i686-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 5d49a99227799b41c07c727360aa1363
SHA-256: 0d1400c5e138a59884213ba5c564d18eb2223386a5924f728ae8dce1f67ea886
kernel-devel-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 14bef1141495007e07895c0634fd6753
SHA-256: 9dcceea5acac6705550fdb3045f290ef1d2e59e42afb98e0fdd821bfd8c5c8c0
kernel-doc-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb4ecd01ed89e6d91e55bbe6287ab61a
SHA-256: 18766dc3bfd0d4a2d5cfed335c4bb60d64c7eb49b89ccab04dff0f4c3bcd1cac
kernel-firmware-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0bfef4cee67e18bae02ce9c2d3a804c2
SHA-256: 7d14bc66fd8d75df8b9cfe1b3cbcd150a757110203e8eb4d3ed7f9c15f6ff24f
kernel-headers-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 4305be052e3a7bc586fc3c1f5561ce72
SHA-256: 2af2730b7380e895f0274dc0be8d56a886e1f45c1dc3ffc3842150001baf2638
perf-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7f73904f8e9141e932c7481c073e7105
SHA-256: 4315d2c0e0b1795b2305f893e48a76bebd3f788b2fb5d94d34f58eccd61cf364
perf-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 93e0cfbdcac3daf42a7ee839cecbebfd
SHA-256: 2d385b29c85fb150849ce32870dc98f296c9d616d6e883be556830db4c942d23
python-perf-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 72b07dd20d2f02cc5c5d1c29ae537774
SHA-256: 5c0acbd6076366b1498abf5664beddaeb65368efa3b6a29bf0ba89d4fd27ea73
python-perf-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: edee9cd2abde24c09d1862e1e3f43d49
SHA-256: b427023864000ccdb29879e70516a5476e37fe30165fd849408f5e4b9591d558
 
PPC:
kernel-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 9f90c5e48e8fa9a7d54811549a7e8a51
SHA-256: 5e55777b9c2c010ecb661779ccbe21ede9a2d181d705b24d4d9fb920146f596a
kernel-abi-whitelists-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7d14c0635bebee459d45f4b83bad8067
SHA-256: ebd47e6f192a4b375b2570a932f95f2d255a59ac4203dade478660c8665892c1
kernel-bootwrapper-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 448829b56cc56c3b6518c642b34dd321
SHA-256: 29b2b98af8fb23c2c617e7281b77371916700e80de7d8c419e93b826773336ab
kernel-debug-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 81b30f94f3397595fbd9ca734219092f
SHA-256: 88474c129f896c03dd84946d5e5e25a2c6668c25f348345a0c4ae8cd76db5808
kernel-debug-debuginfo-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 40c83df39a7a04cad77af2bd50aa329a
SHA-256: aa48644f7f8c0195ca4fcc48c3331edfc2514dbcbcf4bf22727234a3ce29c443
kernel-debug-devel-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: e8fac2fe1b743a0aa91f55a291e7f74b
SHA-256: dfd11a02e7e094dc96bb5fe0b43bcad816c8fbb309104ed1327180152b4b4e05
kernel-debuginfo-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 336633bcb8d8731e18a94f6ef5a2da8f
SHA-256: e0924dd88bc68eaa7fda2d0fcb6e1e5afb7a75ffe44f0428b1339f4eee885b89
kernel-debuginfo-common-ppc64-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 3dc02b9ea3a0656cd697ae51db232b92
SHA-256: 2c42d9a1c116bbbe1d9cb03fdda9d7a96e895a469f2b7d02974903a36cd0267e
kernel-devel-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 16dc6d5853ab9bc4877de430e61b62af
SHA-256: ddea7300609a5a595eaf39a6cf01bf78b5502eb280b1e5015d52a3ef3b78d88d
kernel-doc-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb4ecd01ed89e6d91e55bbe6287ab61a
SHA-256: 18766dc3bfd0d4a2d5cfed335c4bb60d64c7eb49b89ccab04dff0f4c3bcd1cac
kernel-firmware-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0bfef4cee67e18bae02ce9c2d3a804c2
SHA-256: 7d14bc66fd8d75df8b9cfe1b3cbcd150a757110203e8eb4d3ed7f9c15f6ff24f
kernel-headers-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: dbfdc536ece1acb1cf067bc57a503b7e
SHA-256: dcf560632f17682c2883f98a3ff80aa5d5462dd1c875465eb5b7c6ec0a898dd6
perf-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: ac86179722cb4d1aae8c0b94cc96d96d
SHA-256: 66bbbc91632301f4e435df6841acb60243900df5211534a2ddb9f6ca7d4274e2
perf-debuginfo-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: e725e6bb79f760833be79a72d21121c7
SHA-256: 971fe3435d1a6c17eef048e6578f21ecc449fcbb5ffe1eb3bc516eb5b47169fc
python-perf-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 6e222e908551f1930ba6a7b607adb978
SHA-256: 2d0b7db4f14c0a2c8e257c422c6d170c07085d2ae6a7933f52c6212f1566ba67
python-perf-debuginfo-2.6.32-573.40.1.el6.ppc64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 59488ca4a1dec9e3b2d9e206096c5316
SHA-256: 7c3a783ad7e96769c46d69c7fb69e51e5811ede3093d147181f3c9ffda1069a8
 
s390x:
kernel-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: c060346697deea21465464dc699e2080
SHA-256: cc2d3fccaf7e5f62b434473ac5bf56781382032498ddc6310094bf57e5a08691
kernel-abi-whitelists-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7d14c0635bebee459d45f4b83bad8067
SHA-256: ebd47e6f192a4b375b2570a932f95f2d255a59ac4203dade478660c8665892c1
kernel-debug-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: ce5f7ea58dcb4cbb8933aeba4105c315
SHA-256: 0d97358d576752be027d154fa4e2980d456dc2fa082ab4eb549f6a17f9e1263b
kernel-debug-debuginfo-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: c3162807014d1dec1d86b27f44f522db
SHA-256: 4cbe52151d9d86ad57ce47b01223305a1b88a5600b7e9daa20c58a2f57626316
kernel-debug-devel-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: a156a82ee71995e7404b6db24168347d
SHA-256: 138257a7769d61d3724a3c5b9171687b54ac283dc3dc29f522d0d045ff0de93c
kernel-debuginfo-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 685276855d61f33e3a81a38e3efc3cdc
SHA-256: 2a57c0204b5b5382f659927c5088666eaf33f5abfdc5ebcf8c3cdf445f0c71bf
kernel-debuginfo-common-s390x-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: ca93709b0b86dac9d9cf662053a05fbc
SHA-256: 29392124eae440a15c7f3e143132d5448ef9d29b6e1addf0c24562fed9b3a857
kernel-devel-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7360f02f07f42561d303eaeb5799e39a
SHA-256: 0a1561ce12a41ba6bc7ebb080d3186b5b74f305d095f718d176aea797347b46a
kernel-doc-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb4ecd01ed89e6d91e55bbe6287ab61a
SHA-256: 18766dc3bfd0d4a2d5cfed335c4bb60d64c7eb49b89ccab04dff0f4c3bcd1cac
kernel-firmware-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0bfef4cee67e18bae02ce9c2d3a804c2
SHA-256: 7d14bc66fd8d75df8b9cfe1b3cbcd150a757110203e8eb4d3ed7f9c15f6ff24f
kernel-headers-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: fc6f94a060fc174f42eaf8a4c373624e
SHA-256: 8069588741c06161a8960d42b8e59aaf75490a949ec0d874befc0e9ce231ff8d
kernel-kdump-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 6e7108231c7f29fa9f456864b9455f44
SHA-256: c755da48c8b8c6873e2195ccec090918a086ce05ba0c9e8b75e142cd2d980f22
kernel-kdump-debuginfo-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: c08e5c93d50a83caa7a11e9007d3cca7
SHA-256: 200871e6519b64c1b192b345c77318c57fe181ca563f3760dabba1384c078148
kernel-kdump-devel-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: a0b75cdca3ea510a33ce63975227e2eb
SHA-256: 5c2870e971e9fd6a8e4a9eb1e64a22b41e6b4f361bb3371eb5d13124c2cf7f09
perf-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 27fdc87fac6b7fa653c1ebcefb59ccb0
SHA-256: 1f3c088e581a8d6dbe9b14274843f3d45f9fb3ffdea4c37ca11b7412a8a7875e
perf-debuginfo-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0fa628c1ba3c780718e50b985fe55d44
SHA-256: b459b3f822ed9916739eaca74d3f74bcd48ab2ea86512275500b2982bb73dac5
python-perf-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: ed46e5dee81d0039515667b8b812c592
SHA-256: 3ccb2b32e18aeb927f44c5ea5529c2a4205f63e1f058ca436e4de327418a1791
python-perf-debuginfo-2.6.32-573.40.1.el6.s390x.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0ddef26e581feee474bf2181cc73307d
SHA-256: c4152fc7eb411d6e98fe22038710ac54597c8e2e8ece826bc18404f534431583
 
x86_64:
kernel-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 8985826290fd806699ddd27eb8b19537
SHA-256: 7733217b5673330fe9bcc6a64ec5c20d15243f0d0931562617a6546f85e74332
kernel-abi-whitelists-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 7d14c0635bebee459d45f4b83bad8067
SHA-256: ebd47e6f192a4b375b2570a932f95f2d255a59ac4203dade478660c8665892c1
kernel-debug-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 71426d60cf21732838789ff3dff4beea
SHA-256: e12881fb30cdf2ec3bcbe2c28200eb9180d6259e9d166b94c4c0eb0c12bf5d54
kernel-debug-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: cefde97cc1371b49718241dc354f63fb
SHA-256: 66c405fdd60a792dbf6abe3ecb2b3b373c636d0a9ea3de8c1e7eb627953d09cd
kernel-debug-debuginfo-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 8b6ba25497accf6d95b85c8f3b364e33
SHA-256: 1cf9ca38f7bf65cbafa6736b2fc6927927995b8f79a5ac97844bae5d9e0caa4c
kernel-debug-devel-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb89c45df02c26bfa58f0ce2eb0f0eaa
SHA-256: f4b51df0ed81b8833e2c8b8041656658e56bd48fae23c20caabcf93ff1a69904
kernel-debug-devel-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 44b48812857da312d1381b01ef543eca
SHA-256: d1f499548edd6506dfc50c34cb7548343e9fe819aea7e46eedca17f713db66a6
kernel-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: e95ac6ab41c2220b148af3544c676314
SHA-256: 8774df94f1b06b9fe49d626676db0aac1eb3da49f4a852aa5f4621c01218e83d
kernel-debuginfo-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: ae0ca7b52cd2bb974ddf7747b81c45f0
SHA-256: 10731a7071b1bdb09ad35f5175b7d77993583956b382ffc8423d099caf5073c5
kernel-debuginfo-common-i686-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 5d49a99227799b41c07c727360aa1363
SHA-256: 0d1400c5e138a59884213ba5c564d18eb2223386a5924f728ae8dce1f67ea886
kernel-debuginfo-common-x86_64-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: e7c42747d96bd26be2e69eb44e46abfc
SHA-256: 01ddbf4084757c08b17877b37fedd4106e49dfeb6f89cab1bc59d79cdbc3bb59
kernel-devel-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 279516dfad9bf6896d30cd4e522b75bf
SHA-256: 7599edf46f90a0693c29c879056ee67c5d3d96c537e4af1eec835687313e9d6e
kernel-doc-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: eb4ecd01ed89e6d91e55bbe6287ab61a
SHA-256: 18766dc3bfd0d4a2d5cfed335c4bb60d64c7eb49b89ccab04dff0f4c3bcd1cac
kernel-firmware-2.6.32-573.40.1.el6.noarch.rpm
File outdated by:  RHSA-2017:1487
    MD5: 0bfef4cee67e18bae02ce9c2d3a804c2
SHA-256: 7d14bc66fd8d75df8b9cfe1b3cbcd150a757110203e8eb4d3ed7f9c15f6ff24f
kernel-headers-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 440795d89938398b6b164eadcfcd6526
SHA-256: 030affc2ea7c1c827b7b2580cc4d06a709b9706cea9501b5a5e2ac72b263392c
perf-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: d82300d95a7aa4774383a65b0b1eb740
SHA-256: 137adbedd42260fb2a5814fdf89d8be177df1d1b80e920be2f42e267f47e375e
perf-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: 93e0cfbdcac3daf42a7ee839cecbebfd
SHA-256: 2d385b29c85fb150849ce32870dc98f296c9d616d6e883be556830db4c942d23
perf-debuginfo-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: ac9522d5bb5f07a23f9b19a1d2c8506f
SHA-256: 34451dd00205c9fd9dd8c7a129a00397a21b9a46d4aed57ae6b7e647856d7cf1
python-perf-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: ed39cab51aa05e4e8bcfb790c80e525c
SHA-256: fcca3d62a7657a0fae4265840710fad4b08beae826d0a6ee414ebfa91e7664d6
python-perf-debuginfo-2.6.32-573.40.1.el6.i686.rpm
File outdated by:  RHSA-2017:1487
    MD5: edee9cd2abde24c09d1862e1e3f43d49
SHA-256: b427023864000ccdb29879e70516a5476e37fe30165fd849408f5e4b9591d558
python-perf-debuginfo-2.6.32-573.40.1.el6.x86_64.rpm
File outdated by:  RHSA-2017:1487
    MD5: 2ff5465f02b6f4a0026f731cd800de49
SHA-256: ac2d1912e84a6b75997fbe2bed405704c55b08a8b01e746dcef45786b851c10c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1423071 - CVE-2017-6074 kernel: use after free in dccp protocol


References


Keywords

reboot_suggested


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/