Scientific Linux SL7.x SLSA-2016:2098-1 Important Kernel Memory Flaw CVE-2016-5195

Date: Mon, 24 Oct 2016 15:54:42 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: kernel on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20161024155442.17939.37187@slpackages.fnal.gov>

Synopsis: Important: kernel security update
Advisory ID: SLSA-2016:2098-1
Issue Date: 2016-10-24
CVE Numbers: CVE-2016-5195
--

Security Fix(es):

* A race condition was found in the way the Linux kernel's memory
subsystem handled the copy-on-write (COW) breakage of private read-only
memory mappings. An unprivileged, local user could use this flaw to gain
write access to otherwise read-only memory mappings and thus increase
their privileges on the system. (CVE-2016-5195, Important)
--

SL7
 x86_64
 kernel-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-debug-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-debug-debuginfo-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-debug-devel-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-debuginfo-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-debuginfo-common-x86_64-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-devel-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-headers-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-tools-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-tools-debuginfo-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-tools-libs-3.10.0-327.36.3.el7.x86_64.rpm
 perf-3.10.0-327.36.3.el7.x86_64.rpm
 perf-debuginfo-3.10.0-327.36.3.el7.x86_64.rpm
 python-perf-3.10.0-327.36.3.el7.x86_64.rpm
 python-perf-debuginfo-3.10.0-327.36.3.el7.x86_64.rpm
 kernel-tools-libs-devel-3.10.0-327.36.3.el7.x86_64.rpm
 noarch
 kernel-abi-whitelists-3.10.0-327.36.3.el7.noarch.rpm
 kernel-doc-3.10.0-327.36.3.el7.noarch.rpm

- Scientific Linux Development Team