(RHSA-2017:3315) Moderate: kernel security and bug fix update

2017-11-3013:40:05

access.redhat.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting
all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/3253081

Security Fix(es):

It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users. (CVE-2017-1000380, Moderate)

Red Hat would like to thank Alexander Potapenko (Google) for reporting this issue.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64kernel-headers< 3.10.0-693.11.1.el7kernel-headers-3.10.0-693.11.1.el7.ppc64.rpm
RedHat7ppc64kernel< 3.10.0-693.11.1.el7kernel-3.10.0-693.11.1.el7.ppc64.rpm
RedHat7noarchkernel-abi-whitelists< 3.10.0-693.11.1.el7kernel-abi-whitelists-3.10.0-693.11.1.el7.noarch.rpm
RedHat7s390xkernel-headers< 3.10.0-693.11.1.el7kernel-headers-3.10.0-693.11.1.el7.s390x.rpm
RedHat7x86_64kernel-tools-libs< 3.10.0-693.11.1.el7kernel-tools-libs-3.10.0-693.11.1.el7.x86_64.rpm
RedHat7s390xkernel-debug-devel< 3.10.0-693.11.1.el7kernel-debug-devel-3.10.0-693.11.1.el7.s390x.rpm
RedHat7ppc64lekernel-tools-libs-devel< 3.10.0-693.11.1.el7kernel-tools-libs-devel-3.10.0-693.11.1.el7.ppc64le.rpm
RedHat7x86_64kernel-debuginfo< 3.10.0-693.11.1.el7kernel-debuginfo-3.10.0-693.11.1.el7.x86_64.rpm
RedHat7s390xkernel-debug-debuginfo< 3.10.0-693.11.1.el7kernel-debug-debuginfo-3.10.0-693.11.1.el7.s390x.rpm
RedHat7ppc64lekernel-debug-debuginfo< 3.10.0-693.11.1.el7kernel-debug-debuginfo-3.10.0-693.11.1.el7.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	ppc64	kernel-headers	< 3.10.0-693.11.1.el7	kernel-headers-3.10.0-693.11.1.el7.ppc64.rpm
RedHat	7	ppc64	kernel	< 3.10.0-693.11.1.el7	kernel-3.10.0-693.11.1.el7.ppc64.rpm
RedHat	7	noarch	kernel-abi-whitelists	< 3.10.0-693.11.1.el7	kernel-abi-whitelists-3.10.0-693.11.1.el7.noarch.rpm
RedHat	7	s390x	kernel-headers	< 3.10.0-693.11.1.el7	kernel-headers-3.10.0-693.11.1.el7.s390x.rpm
RedHat	7	x86_64	kernel-tools-libs	< 3.10.0-693.11.1.el7	kernel-tools-libs-3.10.0-693.11.1.el7.x86_64.rpm
RedHat	7	s390x	kernel-debug-devel	< 3.10.0-693.11.1.el7	kernel-debug-devel-3.10.0-693.11.1.el7.s390x.rpm
RedHat	7	ppc64le	kernel-tools-libs-devel	< 3.10.0-693.11.1.el7	kernel-tools-libs-devel-3.10.0-693.11.1.el7.ppc64le.rpm
RedHat	7	x86_64	kernel-debuginfo	< 3.10.0-693.11.1.el7	kernel-debuginfo-3.10.0-693.11.1.el7.x86_64.rpm
RedHat	7	s390x	kernel-debug-debuginfo	< 3.10.0-693.11.1.el7	kernel-debug-debuginfo-3.10.0-693.11.1.el7.s390x.rpm
RedHat	7	ppc64le	kernel-debug-debuginfo	< 3.10.0-693.11.1.el7	kernel-debug-debuginfo-3.10.0-693.11.1.el7.ppc64le.rpm