(RHSA-2017:1798) Important: kernel security update

2017-07-2418:14:27

access.redhat.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.905 High

EPSS

Percentile

98.8%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.

OSVersionArchitecturePackageVersionFilename
RedHat6x86_64python-perf-debuginfo< 2.6.32-504.62.1.el6python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6x86_64kernel-debuginfo< 2.6.32-504.62.1.el6kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6noarchkernel-firmware< 2.6.32-504.62.1.el6kernel-firmware-2.6.32-504.62.1.el6.noarch.rpm
RedHat6x86_64kernel< 2.6.32-504.62.1.el6kernel-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6noarchkernel-doc< 2.6.32-504.62.1.el6kernel-doc-2.6.32-504.62.1.el6.noarch.rpm
RedHat6noarchkernel-abi-whitelists< 2.6.32-504.62.1.el6kernel-abi-whitelists-2.6.32-504.62.1.el6.noarch.rpm
RedHat6x86_64perf< 2.6.32-504.62.1.el6perf-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6x86_64perf-debuginfo< 2.6.32-504.62.1.el6perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6x86_64kernel-debug-debuginfo< 2.6.32-504.62.1.el6kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat6x86_64kernel-debuginfo-common-x86_64< 2.6.32-504.62.1.el6kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	x86_64	python-perf-debuginfo	< 2.6.32-504.62.1.el6	python-perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	x86_64	kernel-debuginfo	< 2.6.32-504.62.1.el6	kernel-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	noarch	kernel-firmware	< 2.6.32-504.62.1.el6	kernel-firmware-2.6.32-504.62.1.el6.noarch.rpm
RedHat	6	x86_64	kernel	< 2.6.32-504.62.1.el6	kernel-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	noarch	kernel-doc	< 2.6.32-504.62.1.el6	kernel-doc-2.6.32-504.62.1.el6.noarch.rpm
RedHat	6	noarch	kernel-abi-whitelists	< 2.6.32-504.62.1.el6	kernel-abi-whitelists-2.6.32-504.62.1.el6.noarch.rpm
RedHat	6	x86_64	perf	< 2.6.32-504.62.1.el6	perf-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	x86_64	perf-debuginfo	< 2.6.32-504.62.1.el6	perf-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	x86_64	kernel-debug-debuginfo	< 2.6.32-504.62.1.el6	kernel-debug-debuginfo-2.6.32-504.62.1.el6.x86_64.rpm
RedHat	6	x86_64	kernel-debuginfo-common-x86_64	< 2.6.32-504.62.1.el6	kernel-debuginfo-common-x86_64-2.6.32-504.62.1.el6.x86_64.rpm