Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Fedora 25: 2017-81fbd592d4 Critical: Kernel Fixes for Memory Overflow

fedora
Calendar Grey January 30, 2017
Scroller Fedora
The kernel upgrade in Fedora 25 addresses significant vulnerabilities such as stack smashing and signed integer overflows across the operating system.
The 4.9.6 stable kernel update contains a number of important fixes across the tree.

Summary

The kernel meta package

Update Information:

The 4.9.6 stable kernel update contains a number of important fixes across the tree.

Change Log

References


[ 1 ] Bug #1416437 - CVE-2017-5577 kernel: vc4: Heap-buffer overflow due to failing checks https://bugzilla.redhat.com/show_bug.cgi?id=1416437 [ 2 ] Bug #1416436 - CVE-2017-5576 kernel: vc4: Integer overflow in temporary allocation layout https://bugzilla.redhat.com/show_bug.cgi?id=1416436 [ 3 ] Bug #1416126 - CVE-2017-5551 kernel: S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix) https://bugzilla.redhat.com/show_bug.cgi?id=1416126 [ 4 ] Bug #1416110 - CVE-2017-5548 kernel: Using stack for buffers in ieee802154 https://bugzilla.redhat.com/show_bug.cgi?id=1416110 [ 5 ] Bug #1416101 - CVE-2016-10153 kernel: introduce ceph_crypt() for in-place en/decryption https://bugzilla.redhat.com/show_bug.cgi?id=1416101 [ 6 ] Bug #1416096 - CVE-2017-5547 kernel: DMA buffers on stack https://bugzilla.redhat.com/show_bug.cgi?id=1416096

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade kernel' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: kernel
Product: Fedora 25
Version: 4.9.6
Release: 200.fc25
Summary: The Linux kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.