RHSA-2017:2473-01 -- Redhat kernel, python-perf, perfID: oval:org.secpod.oval:def:502125 | Date: (C)2017-08-18 (M)2024-01-29 |
Class: PATCH | Family: unix |
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event and vfs_rename while running the rename operation against the same file. As a result of the race the next slab data or the slab"s free list pointer can be corrupted with attacker-controlled data. Red Hat would like to thank Leilei Lin , Fan Wu , and Shixiong Zhao for reporting this issue. Bug Fix: * Previously, direct I/O read operations going past EOF returned an invalid error number, instead of reading 0 bytes and returning success, if these operations were in same XFS block with EOF. Consequently, creating multiple VMs from a Red Hat Enterprise Linux 7.4 template caused all the VMs to become unresponsive in the "Image Locked" state. This update fixes the direct I/O feature of the file system, and VMs created from a Red Hat Enterprise Linux 7.4 template now work as expected
Platform: |
Red Hat Enterprise Linux 7 |
Product: |
kernel |
python-perf |
perf |