Oval Definition:oval:com.redhat.rhsa:def:20170654
Revision Date:2017-03-21Version:638
Title:RHSA-2017:0654: coreutils security and bug fix update (Moderate)
Description:The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages.

Security Fix(es):

  • A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)

    Red Hat would like to thank Tobias Stöckmann for reporting this issue.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-2616
    RHSA-2017:0654
    RHSA-2017:0654-00
    RHSA-2017:0654-01
    RHSA-2017:0654-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • coreutils is earlier than 0:8.4-46.el6
  • AND coreutils is signed with Red Hat redhatrelease2 key
  • coreutils-libs is earlier than 0:8.4-46.el6
  • AND coreutils-libs is signed with Red Hat redhatrelease2 key
    • BACK