Sign In
Forgot Password

Don’t have an account? Create One.

NetBackup Appliance 3.1 / 3.0 / 2.7.3 HotFix - Red Hat Enterprise Linux (RHEL) 7 kernel vulnerability (article 100040540)

HotFix Critical

Abstract

Kernel packages prior to version 3.10.0-693 Red Hat Enterprise Linux (RHEL) 7 contain a vulnerability described in CVE-2017-1000253

Description

CVE ID: CVE-2017-1000253


Severity: Critical

CVSS v3 Base Score: 7.8


Kernel packages prior to version 3.10.0-693 Red Hat Enterprise Linux (RHEL) 7 contain a vulnerability described in CVE-2017-1000253. This vulnerability can allow part of a data segment in an application to map over the memory area that is reserved for its stack, causing memory corruption. This problem could potentially allow an unprivileged local user to escalate their privileges on the system.


NetBackup Appliance releases 2.7.3, 3.0 and 3.1 use the affected RHEL kernel versions.


This patch contains security enhancement to mitigate the kernel vulnerability issue in NetBackup Appliances for CVE-2017-1000253.


Action Required

Emergency Engineering Binaries (EEBs) that address this vulnerability are available for the following NetBackup Appliance release versions:


2.7.3, 3.0 and 3.1


Apply the appropriate EEB for your version.

Update files

File name Description Version Platform Size

Applies to the following product releases