Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2017:1298
HistoryMay 25, 2017 - 1:21 p.m.

(RHSA-2017:1298) Important: kernel-rt security and bug fix update

2017-05-2513:21:34
access.redhat.com
36

0.001 Low

EPSS

Percentile

51.0%

JSON

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • It was found that the packet_set_ring() function of the Linux kernel’s networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2017-7308, Important)

  • Mounting a crafted EXT4 image read-only leads to an attacker controlled memory corruption and SLAB-Out-of-Bounds reads. (CVE-2016-10208, Moderate)

  • A flaw was found in the Linux kernel’s implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privileged escalation. (CVE-2016-7910, Moderate)

  • A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shash_async_export() by attempting to force the in-kernel hashing algorithms into decrypting an empty data set. (CVE-2016-8646, Moderate)

Red Hat would like to thank Igor Redko (Virtuozzo kernel team) for reporting CVE-2016-8646.

Bug Fix(es):

  • The kernel-rt packages have been upgraded to the 3.10.0-514.21.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1440803)
OSVersionArchitecturePackageVersionFilename
RedHat7x86_64kernel-rt-kvm-debuginfo< 3.10.0-514.21.1.rt56.438.el7kernel-rt-kvm-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-trace-kvm-debuginfo< 3.10.0-514.21.1.rt56.438.el7kernel-rt-trace-kvm-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7noarchkernel-rt-doc< 3.10.0-514.21.1.rt56.438.el7kernel-rt-doc-3.10.0-514.21.1.rt56.438.el7.noarch.rpm
RedHat7x86_64kernel-rt-trace-kvm< 3.10.0-514.21.1.rt56.438.el7kernel-rt-trace-kvm-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-debuginfo< 3.10.0-514.21.1.rt56.438.el7kernel-rt-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-trace-devel< 3.10.0-514.21.1.rt56.438.el7kernel-rt-trace-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-debug-debuginfo< 3.10.0-514.21.1.rt56.438.el7kernel-rt-debug-debuginfo-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-debug-kvm< 3.10.0-514.21.1.rt56.438.el7kernel-rt-debug-kvm-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt< 3.10.0-514.21.1.rt56.438.el7kernel-rt-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
RedHat7x86_64kernel-rt-debug-devel< 3.10.0-514.21.1.rt56.438.el7kernel-rt-debug-devel-3.10.0-514.21.1.rt56.438.el7.x86_64.rpm
Rows per page:
1-10 of 171

Related

redhat 3
nessus 62
openvas 25
centos 2
oraclelinux 13
prion 4
cve 4
cvelist 4
veracode 4
redhatcve 5
android 1
ubuntucve 4
nvd 4
debiancve 4
exploitpack 2
metasploit 1
hackerone 1
ibm 3
virtuozzo 4
packetstorm 1
zdt 3
suse 24
cloudfoundry 2
ubuntu 7
seebug 1
f5 1
exploitdb 3
threatpost 1
photon 2
fedora 2
googleprojectzero 1
amazon 1
redhat
redhat
(RHSA-2017:1297) Important: kernel-rt security and bug fix update
2017-05-25 13:15:44
(RHSA-2017:1308) Important: kernel security, bug fix, and enhancement update
2017-05-25 13:27:24
(RHSA-2017:0892) Important: kernel security and bug fix update
2017-04-11 10:30:37
nessus
nessus
RHEL 7 : kernel-rt (RHSA-2017:1298)
2017-05-26 00:00:00
RHEL 6 : MRG (RHSA-2017:1297)
2017-05-26 00:00:00
Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-1308)
2017-07-13 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2017:1308 centos7
2017-05-26 00:00:00
RedHat Update for kernel RHSA-2017:1308-01
2017-05-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1287-1)
2021-04-19 00:00:00
centos
centos
kernel, perf, python security update
2017-05-26 02:33:51
kernel, perf, python security update
2017-04-12 12:56:09
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2017-05-26 00:00:00
kernel security, bug fix, and enhancement update
2017-05-26 00:00:00
Unbreakable Enterprise kernel security update
2017-04-13 00:00:00
prion
prion
Out-of-bounds
2017-02-06 06:59:00
Design/Logic Flaw
2016-11-16 05:59:00
Design/Logic Flaw
2016-11-28 03:59:00
cve
cve
CVE-2016-10208
2017-02-06 06:59:00
CVE-2016-7910
2016-11-16 05:59:05
CVE-2016-8646
2016-11-28 03:59:08
cvelist
cvelist
CVE-2016-10208
2017-02-06 06:04:00
CVE-2016-7910
2016-11-16 04:49:00
CVE-2017-7308
2017-03-29 20:00:00
veracode
veracode
Privilege Escalation
2019-01-15 09:16:43
Denial Of Service (DoS)
2019-01-15 09:16:58
NULL Pointer Dereference
2019-05-02 06:11:33
redhatcve
redhatcve
CVE-2016-10208
2017-02-06 01:18:56
CVE-2016-7910
2016-11-29 15:49:20
CVE-2017-7308
2019-10-25 00:24:39
android
android
CVE-2016-7910
2016-11-01 00:00:00
ubuntucve
ubuntucve
CVE-2016-7910
2016-11-16 00:00:00
CVE-2016-10208
2017-02-06 00:00:00
CVE-2016-8646
2016-11-28 00:00:00
nvd
nvd
CVE-2016-7910
2016-11-16 05:59:05
CVE-2016-10208
2017-02-06 06:59:00
CVE-2016-8646
2016-11-28 03:59:08
debiancve
debiancve
CVE-2016-7910
2016-11-16 05:59:05
CVE-2016-8646
2016-11-28 03:59:08
CVE-2016-10208
2017-02-06 06:59:00
exploitpack
exploitpack
Linux Kernel 4.8.0-34 4.8.0-45 (Ubuntu Linux Mint) - Packet Socket Local Privilege Escalation
2018-12-29 00:00:00
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
2017-05-11 00:00:00
metasploit
metasploit
AF_PACKET packet_set_ring Privilege Escalation
2018-04-28 01:40:17
hackerone
hackerone
Internet Bug Bounty: Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets
2019-08-29 13:48:44
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel
2018-06-16 22:02:59
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:38:07
Security Bulletin: IBM Security Access Manager appliances are affected by kernel vulnerabilities (CVE-2017-1000364, CVE-2016-10208)
2018-06-22 02:26:41
virtuozzo
virtuozzo
Kernel security update: Virtuozzo ReadyKernel patch 17.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)
2017-04-04 00:00:00
Critical kernel security update: vulnerability fixes CVE-2016-7910, CVE-2016-7911 (and other), new kernel 2.6.32-042stab120.11
2016-11-21 00:00:00
Kernel security update: CVE-2017-9077 and other; Virtuozzo ReadyKernel patch 22.0 for Virtuozzo 7.0.1
2017-06-02 00:00:00
packetstorm
packetstorm
AF_PACKET packet_set_ring Privilege Escalation
2018-05-17 00:00:00
zdt
zdt
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation Exploit
2018-05-18 00:00:00
Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation Exploit
2017-05-12 00:00:00
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
2019-07-26 00:00:00
suse
suse
Security update for Linux Kernel Live Patch 18 for SLE 12 (important)
2017-05-15 21:20:49
Security update for Linux Kernel Live Patch 17 for SLE 12 (important)
2017-05-15 21:10:57
Security update for Linux Kernel Live Patch 13 for SLE 12 (important)
2017-05-15 21:31:58
cloudfoundry
cloudfoundry
USN-3256-2: Linux kernel (HWE) vulnerability | Cloud Foundry
2017-04-12 00:00:00
USN-3234-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-03-31 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerability
2017-04-05 00:00:00
Linux kernel vulnerability
2017-04-05 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2017-03-15 00:00:00
seebug
seebug
Linux kernel Local Denial of Service Vulnerability (CVE-2017-7308 )
2017-05-11 00:00:00
f5
f5
K82224417 : Linux kernel vulnerability CVE-2017-7308
2017-05-05 00:00:00
exploitdb
exploitdb
Linux 4.8.0 &lt; 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)
2018-05-18 00:00:00
Linux Kernel 4.8.0-34 &lt; 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
2018-12-29 00:00:00
Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation
2017-05-11 00:00:00
threatpost
threatpost
RSAC 2019: Container Escape Hack Targets Vulnerable Linux Kernel
2019-03-04 13:30:17
photon
photon
Important Photon OS Security Update - PHSA-2017-0041
2017-05-11 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0011
2017-04-14 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: kernel-4.10.10-200.fc25
2017-04-17 20:54:22
[SECURITY] Fedora 24 Update: kernel-4.10.10-100.fc24
2017-04-17 20:54:45
googleprojectzero
googleprojectzero
Exploiting the Linux kernel via packet sockets
2017-05-10 00:00:00
amazon
amazon
Important: kernel
2017-05-10 17:06:00

0.001 Low

EPSS

Percentile

51.0%

JSON
Related for RHSA-2017:1298
redhat3nessus62openvas25centos2oraclelinux13prion4cve4cvelist4veracode4redhatcve5android1ubuntucve4nvd4debiancve4exploitpack2metasploit1hackerone1ibm3virtuozzo4packetstorm1zdt3suse24cloudfoundry2ubuntu7seebug1f51exploitdb3threatpost1photon2fedora2googleprojectzero1amazon1