Scientific Linux alert SLSA-2017:0294-1 (kernel)
| From: | Connie Sieh <csieh@fnal.gov> | |
| To: | <scientific-linux-errata@listserv.fnal.gov> | |
| Subject: | Security ERRATA Important: kernel on SL7.x x86_64 | |
| Date: | Thu, 23 Feb 2017 22:18:09 +0000 | |
| Message-ID: | <20170223221809.30077.5354@slpackages.fnal.gov> |
Synopsis: Important: kernel security update Advisory ID: SLSA-2017:0294-1 Issue Date: 2017-02-22 CVE Numbers: CVE-2017-6074 -- Security Fix(es): * A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important) -- SL7 x86_64 kernel-3.10.0-514.6.2.el7.x86_64.rpm kernel-debug-3.10.0-514.6.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.6.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.6.2.el7.x86_64.rpm kernel-devel-3.10.0-514.6.2.el7.x86_64.rpm kernel-headers-3.10.0-514.6.2.el7.x86_64.rpm kernel-tools-3.10.0-514.6.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.6.2.el7.x86_64.rpm perf-3.10.0-514.6.2.el7.x86_64.rpm perf-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm python-perf-3.10.0-514.6.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.6.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.6.2.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-514.6.2.el7.noarch.rpm kernel-doc-3.10.0-514.6.2.el7.noarch.rpm - Scientific Linux Development Team