[Announce] Kernel RHEL6 042stab125.1
Vasily Averin
vvs at openvz.org
Tue Sep 26 17:07:40 MSK 2017
OpenVZ project released an updated RHEL6 based kernel.
Read below for more information. Everyone is advised to update.
Changes and Download
====================
(since 042stab124.2)
* Rebase to RHEL6u9 kernel 2.6.32-696.10.2.el6 (security fixes)
* [Important] Kernel crash due to missing error handling for negatively instantiated keys. (PSBM-72416)
* [Important] A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. (CVE-2017-1000251)
* [Moderate] The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. (CVE-2017-14489)
For more info and downloads, see:
https://openvz.org/Download/kernel/rhel6/042stab125.1
See also
========
https://rhn.redhat.com/errata/RHBA-2017-2681.html
https://www.redhat.com/security/data/cve/CVE-2017-1000251.html
https://www.redhat.com/security/data/cve/CVE-2017-14489.html
Bug reporting
=============
Use http://bugs.openvz.org/ to report any bugs found.
Regards,
OpenVZ team
More information about the Announce
mailing list