(RHSA-2017:1798) Important: kernel security update

2017-07-24T22:14:27
ID RHSA-2017:1798
Type redhat
Reporter RedHat
Modified 2017-07-24T22:17:32

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)

Red Hat would like to thank Ari Kauppi for reporting this issue.