Fedora 24: FEDORA-2017-85744f8aa9 Critical: Kernel Security Fixes

The kernel meta package

The 4.10.17 stable kernel update contains a number of important fixes across the

tree.

[ 1 ] Bug #1451386 - CVE-2017-9059 kernel: Module reference leak due to improper shut down of callback channel on umount

https://bugzilla.redhat.com/show_bug.cgi?id=1451386

[ 2 ] Bug #1452744 - CVE-2017-9077 kernel: net: tcp_v6_syn_recv_sock function mishandles inheritance

https://bugzilla.redhat.com/show_bug.cgi?id=1452744

[ 3 ] Bug #1452688 - CVE-2017-9076 kernel: net: IPv6 DCCP implementation mishandles inheritance

https://bugzilla.redhat.com/show_bug.cgi?id=1452688

[ 4 ] Bug #1452691 - CVE-2017-9075 kernel: net: sctp_v6_create_accept_sk function mishandles inheritance

https://bugzilla.redhat.com/show_bug.cgi?id=1452691

[ 5 ] Bug #1452679 - CVE-2017-9074 kernel: net: IPv6 fragmentation implementation of nexthdr field may be associated with an invalid option

https://bugzilla.redhat.com/show_bug.cgi?id=1452679

[ 6 ] Bug #1450972 - CVE-2017-8890 kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c

https://bugzilla.redhat.com/show_bug.cgi?id=1450972

su -c 'dnf upgrade kernel' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org