Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2016:2962-1
Issue Date: 2016-12-20
CVE Numbers: CVE-2016-7117
—
Security Fix(es):
* A use-after-free vulnerability was found in the kernels socket recvmmsg
subsystem. This may allows remote attackers to corrupt memory and may
allow execution of arbitrary code. This corruption takes place during the
error handling routines within __sys_recvmmsg() function. (CVE-2016-7117,
Important)
Bug Fix(es):
* Previously, guest virtual machines (VMs) on a Hyper-V server cluster got
in some cases rebooted during the graceful node failover test, because the
host kept sending heartbeat packets independently of guests responding to
them. This update fixes the bug by properly responding to all the
heartbeat messages in the queue, even if they are pending. As a result,
guest VMs no longer get rebooted under the described circumstances.
—
SL5
x86_64
kernel-2.6.18-417.el5.x86_64.rpm
kernel-debug-2.6.18-417.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-417.el5.x86_64.rpm
kernel-debug-devel-2.6.18-417.el5.x86_64.rpm
kernel-debuginfo-2.6.18-417.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-417.el5.x86_64.rpm
kernel-devel-2.6.18-417.el5.x86_64.rpm
kernel-headers-2.6.18-417.el5.x86_64.rpm
kernel-xen-2.6.18-417.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-417.el5.x86_64.rpm
kernel-xen-devel-2.6.18-417.el5.x86_64.rpm
i386
kernel-2.6.18-417.el5.i686.rpm
kernel-PAE-2.6.18-417.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-417.el5.i686.rpm
kernel-PAE-devel-2.6.18-417.el5.i686.rpm
kernel-debug-2.6.18-417.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-417.el5.i686.rpm
kernel-debug-devel-2.6.18-417.el5.i686.rpm
kernel-debuginfo-2.6.18-417.el5.i686.rpm
kernel-debuginfo-common-2.6.18-417.el5.i686.rpm
kernel-devel-2.6.18-417.el5.i686.rpm
kernel-headers-2.6.18-417.el5.i386.rpm
kernel-xen-2.6.18-417.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-417.el5.i686.rpm
kernel-xen-devel-2.6.18-417.el5.i686.rpm
noarch
kernel-doc-2.6.18-417.el5.noarch.rpm
– Scientific Linux Development Team
