- Home
- CVEs with nessus.description==From+Red+Hat+Security+Advisory+2017%3A1842+%3A%0A%0AAn+update+for+kernel+is+now+available+for+Red+Hat+Enterprise+Linux+7.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+a+security+impact+of+Important.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+for+each+vulnerability+from+the+CVE+link%28s%29+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0ASecurity+Fix%28es%29+%3A%0A%0A%2A+An+use-after-free+flaw+was+found+in+the+Linux+kernel+which+enables+a+race+condition+in+the+L2TPv3+IP+Encapsulation+feature.+A+local+user+could+use+this+flaw+to+escalate+their+privileges+or+crash+the+system.%0A%28CVE-2016-10200%2C+Important%29%0A%0A%2A+A+flaw+was+found+that+can+be+triggered+in+keyring_search_iterator+in+keyring.c+if+type-%3Ematch+is+NULL.+A+local+user+could+use+this+flaw+to+crash+the+system+or%2C+potentially%2C+escalate+their+privileges.%0A%28CVE-2017-2647%2C+Important%29%0A%0A%2A+It+was+found+that+the+NFSv4+server+in+the+Linux+kernel+did+not+properly+validate+layout+type+when+processing+NFSv4+pNFS+LAYOUTGET+and+GETDEVICEINFO+operands.+A+remote+attacker+could+use+this+flaw+to+soft-lockup+the+system+and+thus+cause+denial+of+service.%0A%28CVE-2017-8797%2C+Important%29%0A%0AThis+update+also+fixes+multiple+Moderate+and+Low+impact+security+issues+%3A%0A%0A%2A+CVE-2015-8839%2C+CVE-2015-8970%2C+CVE-2016-9576%2C+CVE-2016-7042%2C+CVE-2016-7097%2C+CVE-2016-8645%2C+CVE-2016-9576%2C+CVE-2016-9588%2C+CVE-2016-9806%2C+CVE-2016-10088%2C+CVE-2016-10147%2C+CVE-2017-2596%2C+CVE-2017-2671%2C+CVE-2017-5970%2C+CVE-2017-6001%2C+CVE-2017-6951%2C+CVE-2017-7187%2C+CVE-2017-7616%2C+CVE-2017-7889%2C+CVE-2017-8890%2C+CVE-2017-9074%2C+CVE-2017-8890%2C+CVE-2017-9075%2C+CVE-2017-8890%2C+CVE-2017-9076%2C+CVE-2017-8890%2C+CVE-2017-9077%2C+CVE-2017-9242%2C+CVE-2014-7970%2C+CVE-2014-7975%2C+CVE-2016-6213%2C+CVE-2016-9604%2C+CVE-2016-9685%0A%0ADocumentation+for+these+issues+is+available+from+the+Release+Notes+document+linked+from+the+References+section.%0A%0ARed+Hat+would+like+to+thank+Igor+Redko+%28Virtuozzo%29+and+Andrey+Ryabinin+%28Virtuozzo%29+for+reporting+CVE-2017-2647%3B+Igor+Redko+%28Virtuozzo%29+and+Vasily+Averin+%28Virtuozzo%29+for+reporting+CVE-2015-8970%3B+Marco+Grassi+for+reporting+CVE-2016-8645%3B+and+Dmitry+Vyukov+%28Google+Inc.%29+for+reporting+CVE-2017-2596.+The+CVE-2016-7042+issue+was+discovered+by+Ondrej+Kozina+%28Red+Hat%29%3B+the+CVE-2016-7097+issue+was+discovered+by+Andreas+Gruenbacher+%28Red+Hat%29+and+Jan+Kara+%28SUSE%29%3B+the+CVE-2016-6213+and+CVE-2016-9685+issues+were+discovered+by+Qian+Cai+%28Red+Hat%29%3B+and+the+CVE-2016-9604+issue+was+discovered+by+David+Howells+%28Red+Hat%29.%0A%0AAdditional+Changes+%3A%0A%0AFor+detailed+information+on+other+changes+in+this+release%2C+see+the+Red+Hat+Enterprise+Linux+7.4+Release+Notes+linked+from+the+References+section
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top