Lucene search
RedHatRHSA-2017:2429HistoryAug 08, 2017 - 9:46 a.m.
(RHSA-2017:2429) Important: kernel security and bug fix update
2017-08-0809:46:00
access.redhat.com
46
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.905 High
EPSS
Percentile
98.8%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)
Red Hat would like to thank Ari Kauppi for reporting this issue.
Bug Fix(es):
- If a VFC port became unmapped in the VIOS, it sometimes did not respond with a CRQ init complete following the H_REG_CRQ() call. As a consequence, scsi_block_requests were called until the init complete occurred. If not, I/O requests were hung. The provided patch ensures the host action stays set to IBMVFC_HOST_ACTION_TGT_DEL so that all rports are moved into devloss state unless an init complete is received. (BZ#1460210)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | ppc64 | kernel-debug-debuginfo | < 2.6.32-573.45.1.el6 | kernel-debug-debuginfo-2.6.32-573.45.1.el6.ppc64.rpm |
| RedHat | 6 | noarch | kernel-firmware | < 2.6.32-573.45.1.el6 | kernel-firmware-2.6.32-573.45.1.el6.noarch.rpm |
| RedHat | 6 | s390x | kernel-debuginfo-common-s390x | < 2.6.32-573.45.1.el6 | kernel-debuginfo-common-s390x-2.6.32-573.45.1.el6.s390x.rpm |
| RedHat | 6 | ppc64 | kernel-headers | < 2.6.32-573.45.1.el6 | kernel-headers-2.6.32-573.45.1.el6.ppc64.rpm |
| RedHat | 6 | ppc64 | perf | < 2.6.32-573.45.1.el6 | perf-2.6.32-573.45.1.el6.ppc64.rpm |
| RedHat | 6 | x86_64 | perf-debuginfo | < 2.6.32-573.45.1.el6 | perf-debuginfo-2.6.32-573.45.1.el6.x86_64.rpm |
| RedHat | 6 | i686 | kernel-debuginfo | < 2.6.32-573.45.1.el6 | kernel-debuginfo-2.6.32-573.45.1.el6.i686.rpm |
| RedHat | 6 | ppc64 | python-perf-debuginfo | < 2.6.32-573.45.1.el6 | python-perf-debuginfo-2.6.32-573.45.1.el6.ppc64.rpm |
| RedHat | 6 | s390x | kernel-debug | < 2.6.32-573.45.1.el6 | kernel-debug-2.6.32-573.45.1.el6.s390x.rpm |
| RedHat | 6 | ppc64 | kernel | < 2.6.32-573.45.1.el6 | kernel-2.6.32-573.45.1.el6.ppc64.rpm |
Related
f5
f5
K15004519 : NFS vulnerability CVE-2017-7895
2017-07-20 00:00:00
prion
prion
Null pointer dereference
2017-04-28 10:59:00
cve
cve
CVE-2017-7895
2017-04-28 10:59:00
centos
centos
kernel, perf, python security update
2017-07-12 17:45:55
kernel, perf, python security update
2017-06-29 21:03:21
nessus
nessus
Fedora 24 : kernel (2017-ad045f80ac)
2017-05-10 00:00:00
RHEL 7 : kernel (RHSA-2017:1766)
2017-07-19 00:00:00
RHEL 6 : kernel (RHSA-2017:1723)
2017-07-12 00:00:00
redhat
redhat
(RHSA-2017:1766) Important: kernel security and bug fix update
2017-07-18 10:59:46
(RHSA-2017:2428) Important: kernel security update
2017-08-08 09:44:39
(RHSA-2017:1715) Important: kernel security and bug fix update
2017-07-11 15:27:07
openvas
openvas
Fedora Update for kernel FEDORA-2017-b9b1ac0d15
2017-05-10 00:00:00
CentOS Update for kernel CESA-2017:1723 centos6
2017-07-14 00:00:00
Fedora Update for kernel FEDORA-2017-ad045f80ac
2017-05-10 00:00:00
oraclelinux
oraclelinux
kernel security update
2017-09-08 00:00:00
Unbreakable Enterprise kernel security update
2017-05-25 00:00:00
kernel security update
2017-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: kernel-4.10.14-200.fc25
2017-05-10 04:03:34
[SECURITY] Fedora 24 Update: kernel-4.10.14-100.fc24
2017-05-10 03:56:15
ubuntucve
ubuntucve
CVE-2017-7895
2017-04-28 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:17:57
debiancve
debiancve
CVE-2017-7895
2017-04-28 10:59:00
virtuozzo
virtuozzo
mageia
mageia
Updated kernel packages fixes security vulnerabilities
2017-05-26 09:54:58
Updated kernel-tmb packages fixes security vulnerabilities
2017-05-26 09:54:58
Updated kernel-linus packages fixes security vulnerabilities
2017-05-26 09:54:58
myhack58
myhack58
ubuntu
ubuntu
Linux kernel vulnerabilities
2017-07-20 00:00:00
Linux kernel vulnerabilities
2017-06-07 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2017-06-07 00:00:00
osv
osv
linux - security update
2017-06-20 00:00:00
linux - security update
2017-06-19 00:00:00
debian
debian
[SECURITY] [DLA 993-1] linux security update
2017-06-20 03:02:17
[SECURITY] [DSA 3886-1] linux security update
2017-06-19 15:49:09
[SECURITY] [DSA 3886-1] linux security update
2017-06-19 15:49:09
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel
2018-06-16 22:02:59
Security Bulletin: IBM Security Guardium is affected by Open Source packages vulnerabilities
2018-06-16 22:04:22
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:38:07
photon
photon
Critical Photon OS Security Update - PHSA-2019-0178
2019-09-23 00:00:00
cloudfoundry
cloudfoundry
USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-06-22 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.905 High
EPSS
Percentile
98.8%
Related for RHSA-2017:2429