Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Fedora 25: 2017-73f71456d7 Critical Kernel Update: Memory Corruption Fix

fedora
Calendar Grey August 23, 2017
Dist Fedora Esm H88
A new kernel security patch for Fedora 25 tackles significant vulnerabilities and ensures essential improvements for overall system reliability.
The 4.12.8 stable kernel update contains a number of important fixes across the tree

Summary

The kernel meta package

The 4.12.8 stable kernel update contains a number of important fixes across the

tree. ---- The 4.12.5 kernel rebase contains new features and many bug fixes

across the tree.

[ 1 ] Bug #1477656 - CVE-2017-12134 xsa229 xen: linux: Fix Xen block IO merge-ability calculation (XSA-229)

https://bugzilla.redhat.com/show_bug.cgi?id=1477656

[ 2 ] Bug #1479304 - CVE-2017-1000111 kernel: Heap out-of-bounds in AF_PACKET sockets

https://bugzilla.redhat.com/show_bug.cgi?id=1479304

[ 3 ] Bug #1479307 - CVE-2017-1000112 kernel: Exploitable memory corruption due to UFO to non-UFO path switch

https://bugzilla.redhat.com/show_bug.cgi?id=1479307

[ 4 ] Bug #1468283 - CVE-2017-7533 kernel: a race between inotify_handle_event() and sys_rename()

https://bugzilla.redhat.com/show_bug.cgi?id=1468283

su -c 'dnf upgrade kernel' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 25
Version: 4.12.8
Release: 200.fc25
Summary: The Linux kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.