SciLinux: Important: kernel on SL6.x i386/x86_64

    Date19 Jun 2017
    270
    Posted ByLinuxSecurity Advisories
    A flaw was found in the way memory was being allocated on the stack foruser space binaries. If heap (or different memory region) and stack memoryregions were adjacent to each other, an attacker could use this flaw tojump over the stack guard gap, cause controlled memory corruption onprocess stack or the adjacent memory region, and thus increase theirprivileges on the system. This is a kernel-side mitigation which increasesthe stack guard gap size from one page to 1 MiB to make successfulexploitation of this issue more difficult. (CVE-2017-1000364, Important)
    Synopsis:          Important: kernel security update
    Advisory ID:       SLSA-2017:1486-1
    Issue Date:        2017-06-19
    CVE Numbers:       CVE-2017-1000364
    --
    
    Security Fix(es):
    
    * A flaw was found in the way memory was being allocated on the stack for
    user space binaries. If heap (or different memory region) and stack memory
    regions were adjacent to each other, an attacker could use this flaw to
    jump over the stack guard gap, cause controlled memory corruption on
    process stack or the adjacent memory region, and thus increase their
    privileges on the system. This is a kernel-side mitigation which increases
    the stack guard gap size from one page to 1 MiB to make successful
    exploitation of this issue more difficult. (CVE-2017-1000364, Important)
    --
    
    SL6
      x86_64
        kernel-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-debug-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-debug-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        kernel-debug-debuginfo-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-debug-devel-2.6.32-696.3.2.el6.i686.rpm
        kernel-debug-devel-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        kernel-debuginfo-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-debuginfo-common-i686-2.6.32-696.3.2.el6.i686.rpm
        kernel-debuginfo-common-x86_64-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-devel-2.6.32-696.3.2.el6.x86_64.rpm
        kernel-headers-2.6.32-696.3.2.el6.x86_64.rpm
        perf-2.6.32-696.3.2.el6.x86_64.rpm
        perf-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        perf-debuginfo-2.6.32-696.3.2.el6.x86_64.rpm
        python-perf-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        python-perf-debuginfo-2.6.32-696.3.2.el6.x86_64.rpm
        python-perf-2.6.32-696.3.2.el6.x86_64.rpm
      i386
        kernel-2.6.32-696.3.2.el6.i686.rpm
        kernel-debug-2.6.32-696.3.2.el6.i686.rpm
        kernel-debug-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        kernel-debug-devel-2.6.32-696.3.2.el6.i686.rpm
        kernel-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        kernel-debuginfo-common-i686-2.6.32-696.3.2.el6.i686.rpm
        kernel-devel-2.6.32-696.3.2.el6.i686.rpm
        kernel-headers-2.6.32-696.3.2.el6.i686.rpm
        perf-2.6.32-696.3.2.el6.i686.rpm
        perf-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        python-perf-debuginfo-2.6.32-696.3.2.el6.i686.rpm
        python-perf-2.6.32-696.3.2.el6.i686.rpm
      noarch
        kernel-abi-whitelists-2.6.32-696.3.2.el6.noarch.rpm
        kernel-doc-2.6.32-696.3.2.el6.noarch.rpm
        kernel-firmware-2.6.32-696.3.2.el6.noarch.rpm
    
    - Scientific Linux Development Team
    
    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"5","type":"x","order":"1","pct":83.33,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.