Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-10037

kernel update [RHEL6.9 2.6.32-696.10.3.el6]

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 3
    • 9223372036854775807

    Description

      Security Fix(es):

      A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)

      Bugs fixed (https://bugzilla.redhat.com/):

      BZ - 1492212 - CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-10088 kernel update [RHEL6.9 2.6.32-696.13.2.el6]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-9979 kernel update [RHEL6.9 2.6.32-696.10.2.el6]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              bogl Bob Glossman (Inactive)
              bogl Bob Glossman (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: