We are posting today to set our hosted clients' minds at ease: a critical security vulnerability was recently patched in the Linux kernel of your hosted server. The advisory for the vulnerability, RHSA-2017:0294-1, was issued on 2/22/2017 and states that an update for kernel is now available for Red Hat Enterprise Linux 7. The patch/fix was released on 2/28/2017; it was applied yesterday, and the server was rebooted today to recompile.
CVE-2017-6074
https://rhn.redhat.com/errata/
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating
system.
Security Fix(es):
* A use-after-free flaw was found in the way the Linux kernel’s Datagram
Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer)
resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set
on the socket. A local, unprivileged user could use this flaw to alter the
kernel memory, allowing them to escalate their privileges on the system.
(CVE-2017-6074, Important)
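
One way to confirm on a Red Hat Enterprise Linux 7 server that the kernel actually running after the reboot carries this fix is shown below. It is an added example, not part of the Red Hat advisory or of our tooling. The verdict strings, function names and sample inputs are constructed for illustration, and it assumes the package changelog names the CVE.

```shell
#!/bin/sh
# Added example: is the CVE-2017-6074 fix in the kernel that is running now?
CVE_ID="CVE-2017-6074"

# Constructed sample inputs (not real output from any host).
SAMPLE_CHANGELOG='* Mon Jan 01 2018 Example Builder <builder@example.invalid>
- [net] dccp: example fix entry {CVE-2017-6074}'
SAMPLE_MODULES='dccp_ipv6 1 0 - Live 0x0000000000000000
dccp 1 1 dccp_ipv6, Live 0x0000000000000000'

# Read an RPM changelog on stdin; succeed if it names the CVE given as $1.
changelog_has_cve() {
    grep -q -F -w -- "$1"
}

# Read /proc/modules-format text on stdin; succeed if a DCCP module is loaded.
dccp_loaded() {
    awk '$1 ~ /^dccp(_|$)/ { found = 1 } END { exit !found }'
}

# $1 = changelog file for the running kernel, $2 = file in /proc/modules format.
# Prints one verdict. "unpatched-dccp-not-loaded" is not a clean bill of health:
# the module can still be loaded on demand, so the kernel update is still needed.
assess() {
    if changelog_has_cve "$CVE_ID" < "$1"; then
        echo "patched"
    elif dccp_loaded < "$2"; then
        echo "unpatched-dccp-loaded"
    else
        echo "unpatched-dccp-not-loaded"
    fi
}

# Live check: query the package that matches the *running* kernel, so an
# installed-but-not-yet-booted update is not mistaken for a fixed system.
if [ "${1:-}" = "--live" ]; then
    tmp=$(mktemp -d) || exit 1
    trap 'rm -rf "$tmp"' EXIT
    rpm -q --changelog "kernel-$(uname -r)" > "$tmp/changelog" || exit 1
    cat /proc/modules > "$tmp/modules"
    echo "running kernel $(uname -r): $(assess "$tmp/changelog" "$tmp/modules")"
fi
```

Run with the `--live` argument on the server itself; without it the script only defines the functions.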