On Thu, Jan 12, 2017 at 1:05 PM, Phelps, Matthew <mphelps at cfa.harvard.edu> wrote: > Any word on this update for CentOS 6? This one seems pretty bad if it's a > remote exploit. > > > Never mind. I see Johnny pushing out updates now. I assume it will be out shortly. > > ---------- Forwarded message ---------- > From: Red Hat Errata Notifications <errata at redhat.com> > Date: Tue, Jan 10, 2017 at 5:19 PM > Subject: [Security Advisory] RHSA-2017:0036 Important: kernel security and > bug fix update > To: mphelps at cfa.harvard.edu > > > > The following Red Hat Security Advisory has been published which may affect > subscriptions which you have purchased. > > > RHSA-2017:0036 Important: kernel security and bug fix update > > > Summary: > > An update for kernel is now available for Red Hat Enterprise Linux 6. > > Red Hat Product Security has rated this update as having a security impact > of Important. A Common Vulnerability Scoring System (CVSS) base score, > which gives a detailed severity rating, is available for each vulnerability > from the CVE link(s) in the References section. > > The kernel packages contain the Linux kernel, the core of any Linux > operating system. > > Security Fix(es): > > * A use-after-free vulnerability was found in the kernels socket recvmmsg > subsystem. This may allow remote attackers to corrupt memory and may allow > execution of arbitrary code. This corruption takes place during the error > handling routines within __sys_recvmmsg() function. (CVE-2016-7117, > Important) > > * An out-of-bounds heap memory access leading to a Denial of Service, heap > disclosure, or further impact was found in setsockopt(). The function call > is normally restricted to root, however some processes with cap_sys_admin > may also be able to trigger this flaw in privileged container environments. > (CVE-2016-4998, Moderate) > > * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue > and other tcp_* functions. This condition could allow an attacker to send > an incorrect selective acknowledgment to existing connections, possibly > resetting a connection. (CVE-2016-6828, Moderate) > > Bug Fix(es): > > * When parallel NFS returned a file layout, a kernel crash sometimes > occurred. This update removes the call to the BUG_ON() function from a code > path of a client that returns the file layout. As a result, the kernel no > longer crashes in the described situation. (BZ#1385480) > > * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash > on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM > became unresponsive and did not create the vmcore dump file. This update > applies a set of patches to the Virtual Machine Bus kernel driver > (hv_vmbus) that fix this bug. As a result, the VM now first creates and > saves the vmcore dump file and then reboots. (BZ#1385482) > > * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache > occasionally showed incorrect values. This update fixes the DST_NOCOUNT > mechanism, and the IPv6 routing cache now shows correct values. (BZ#1391974) > > * When using the ixgbe driver and the software Fibre Channel over Ethernet > (FCoE) stack, suboptimal performance in some cases occurred on systems with > a large number of CPUs. This update fixes the fc_exch_alloc() function to > try all the available exchange managers in the list for an available > exchange ID. This change avoids failing allocations, which previously led > to the host busy status. (BZ#1392818) > > * When the vmwgfx kernel module loads, it overrides the boot resolution > automatically. Consequently, users were not able to change the resolution > by manual setting of the kernel's 'vga=' parameter in the > /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, > which can be set in the /boot/grub/grub.conf file. The 'nomodeset' > parameter allows the users to prevent the vmwgfx driver from loading. As a > result, the setting of the 'vga=' parameter works as expected, in case that > vmwgfx does not load. (BZ#1392875) > > * When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based > systems, Desktop Management Interface (DMI) information, which is > referenced by several applications, such as NEC server's memory RAS > utility, was missing entries in the sysfs virtual file system. This update > fixes the underlying source code, and sysfs now shows the DMI information > as expected. (BZ#1393464) > > * Previously, bonding mode active backup and the propagation of the media > access control (MAC) address to a VLAN interface did not work in Red Hat > Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to > fail_over_mac=active. With this update, the underlying source code has been > fixed so that the VLANs continue inheriting the MAC address of the active > physical interface until the VLAN MAC address is explicitly set to any > value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any > changes to the MAC address of the physical interface, and Duplicate Address > Detection (DAD) behaves as expected. (BZ#1396479) > > Full details and references: > > https://access.redhat.com/errata/RHSA-2017:0036?sc_cid=701600000006NHXAA2 > > CVE Names: > > CVE-2016-4998 CVE-2016-6828 CVE-2016-7117 > > Revision History: > > Issue Date: 2017-01-10 > Updated: 2017-01-10 > > > ------------------------------------------------------------ > ---------------------------------- > Manage Errata Notifications > ------------------------------------------------------------ > ---------------------------------- > > You are receiving this email because you have elected to receive errata > notifications > from Red Hat. This message is being sent to: > Red Hat login: mphelps2013 > Email address on file: <mphelps at cfa.harvard.edu> > > Update your preferences at https://www.redhat.com/wapps/u > gc/protected/notif.html > > > ------------------------------------------------------------ > ---------------------------------- > Contact > ------------------------------------------------------------ > ---------------------------------- > > The Red Hat security contact is secalert at redhat.com. More contact > details at https://access.redhat.com/security/team/contact/ > > This is an automated message. Please do not reply. If you have further > questions or concerns, > please contact Red Hat Technical Support https://access.redhat.com/supp > ort/contact/technicalSupport/ > or open a support case via the Red Hat Customer Portal > https://access.redhat.com/support/cases/#/case/new/ > > > Copyright 2017 Red Hat, Inc. > > > > > -- Matt Phelps System Administrator, Computation Facility Harvard - Smithsonian Center for Astrophysics mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu