CentOS 7 Linux Kernel Security Patch

Tuesday, April 18, 2017 @ 03:04 PM gHale


CentOS Linux 7 operating system series users are getting a kernel security update.

CentOS, which emanates from the freely distributed Red Hat Enterprise Linux, patches four vulnerabilities, said CentOS maintainer Johnny Hughes.

RELATED STORIES
Wireshark Issues Security Update
Patched Apache Struts Under Attack
Cisco Suffers from Apache Struts2 Hole
Android Ransomware Delays, Confuses AV

These are a race condition flaw reported by Alexander Popov in Linux kernel’s N_HLDC driver, which could allow an unprivileged local user to gain root access by setting the HDLC line discipline on a TTY device, as well as a flaw in the way Linux kernel handles the clearing of SELinux attributes on /proc/pid/attr files, which could lead to a system crash.

Another issue reported by Ralf Spenneberg marked upstream as moderate was in Linux kernel’s key management subsystem, which could allow a local attacker to either cause a denial of service or crash the kernel by providing a specially crafted RSA key.

The last security flaw also marked as moderate upstream and discovered in Linux kernel’s implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. This could be used by an attacker to cause memory corruption or crash the affected system.

“Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption,” said researches on the security advisory.

CentOS 7 users should update their installations to kernel-3.10.0-514.16.1.el7 as soon as possible.

These issues are also affecting Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Server TUS 7.3, and Red Hat Enterprise Linux Workstation 7.



Leave a Reply

You must be logged in to post a comment.