Lucene search

K
redhatRedHatRHSA-2017:0402
HistoryMar 02, 2017 - 3:47 p.m.

(RHSA-2017:0402) Important: kernel-rt security, bug fix, and enhancement update

2017-03-0215:47:05
access.redhat.com
44

0.0004 Low

EPSS

Percentile

9.5%

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2016-8655, Important)

Red Hat would like to thank Philip Pettersson for reporting this issue.

Enhancement(s):

  • Previously, the Broadcom bnx2x driver in the MRG kernel-rt used an incorrect PTP Hardware Clock (PHC) timer divisor value, which broke Precision Time Protocol (PTP) timestamping due to an unstable clock. This update corrects the divisor value, and the PTP timestamping is now accurate, with monotonically increasing timestamp values. (BZ#1411139)