Lucene search

HistoryJul 02, 2017 - 12:00 a.m.

CentOS 7 released a kernel security update that fixes five vulnerabilities-vulnerability warning-the black bar safety net


0.905 High




CentOS system maintenance engineer Johnny Hughes today released the security Bulletin, the requirements currently are using CentOS 7 series users as soon as possible the deployment of important kernel security updates. According to Red Hat published upsteam security Bulletin, the kernel update total fixes five security vulnerabilities, and fixes many other BUGS.
! [](/Article/UploadPic/2017-7/2017723312773. jpg? www. myhack58. com)
This kernel update fixes(CVE-2017-7477)and(CVE-2017-7645)two remote code execution vulnerabilities, the former in the socket buffer(skb_buff)from the fragment list(skb_shinfo(skb)->frag_list)create a scattergather list to allocate heap memory, allowing an attacker to constantly elevated permissions. The latter is the impact of NFS2/3 RPC Client to the NFS server sends long data, thereby allowing a remote attacker to make the kernel crash.
(CVE-2017-7895)fix up NFSv2 and an NFSv3 Server implementation found security vulnerability(CVE-2017-2583)is fixed based on the Kernel of the virtual machine CONFIG_KVM)Vulnerability(CVE-2017-6214)is to fix the Linux Kernel processing URG flag process in the presence of security vulnerabilities.
CentOS users need to be deployed as soon as possible kernel-3.10.0-514.26.1. el7 kernel update, it has now been confirmed the Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux HPC Node 7 and Red Hat Enterprise Linux Server TUS 7.3 version of the existence of the vulnerability.