Security Advisory Important: kernel security update

Advisory: RHSA-2017:0986-1
Type: Security Advisory
Severity: Important
Issued on: 2017-04-18
Last updated on: 2017-04-18
Affected Products: Red Hat Enterprise Linux Server AUS (v. 6.4)
CVEs (cve.mitre.org): CVE-2017-2636

Details

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced
Update Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when
accessing the n_hdlc.tbuf list, which can lead to a double free. A local,
unprivileged user able to set the HDLC line discipline on the tty device could
use this flaw to increase their privileges on the system. (CVE-2017-2636,
Important)

Red Hat would like to thank Alexander Popov for reporting this issue.


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
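
A check for the reboot requirement above, as an added example (not part of the Red Hat advisory or any Red Hat tool): it compares a host's running and installed kernels against the fixed build 2.6.32-358.78.1.el6 from the package list, using a simplified reimplementation of RPM's segment ordering (no epoch, ~ or ^ handling). The function names and the sample hosts are assumptions constructed for illustration.

```python
import re

FIXED = "2.6.32-358.78.1.el6"   # fixed kernel version-release, from the advisory's package list
STREAM = "2.6.32-358."          # kernel stream this advisory covers (RHEL 6.4 AUS)
ARCH = re.compile(r"\.(x86_64|i686|noarch)$")

def vercmp(a, b):
    """Compare two version strings segment by segment, RPM style; returns -1, 0 or 1."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # A numeric segment is newer than an alphabetic one, so 358.78.1.el6
            # is newer than 358.el6; plain string comparison gets this wrong.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments mean newer

def kernel_cmp(a, b):
    """Compare 'version-release[.arch]' strings: version first, then release."""
    va, _, ra = ARCH.sub("", a).partition("-")
    vb, _, rb = ARCH.sub("", b).partition("-")
    return vercmp(va, vb) or vercmp(ra, rb)

def classify(running, installed):
    """running: `uname -r` output; installed: version-release of each installed kernel."""
    if not running.startswith(STREAM):
        return "not-covered"       # another stream; this advisory says nothing about it
    if kernel_cmp(running, FIXED) >= 0:
        return "patched"
    if any(kernel_cmp(k, FIXED) >= 0 for k in installed):
        return "reboot-required"   # update installed, old kernel still running
    return "vulnerable"

if __name__ == "__main__":
    # Constructed sample hosts (not taken from the advisory).
    samples = [
        ("2.6.32-358.78.1.el6.x86_64", ["2.6.32-358.78.1.el6"]),
        ("2.6.32-358.el6.x86_64", ["2.6.32-358.el6", "2.6.32-358.78.1.el6"]),
        ("2.6.32-358.9.1.el6.x86_64", ["2.6.32-358.9.1.el6"]),
        ("2.6.32-431.el6.x86_64", ["2.6.32-431.el6"]),
    ]
    for running, installed in samples:
        print(running, "->", classify(running, installed))
```

On a real host the two inputs come from `uname -r` and `rpm -q kernel --qf '%{VERSION}-%{RELEASE}\n'`.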

Updated packages

Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
kernel-2.6.32-358.78.1.el6.src.rpm

x86_64:
kernel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.78.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.78.1.el6.x86_64.rpm
kernel-doc-2.6.32-358.78.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.78.1.el6.noarch.rpm
kernel-headers-2.6.32-358.78.1.el6.x86_64.rpm
perf-2.6.32-358.78.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm
python-perf-2.6.32-358.78.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.78.1.el6.x86_64.rpm

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()


References


Keywords

reboot_suggested


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/