CVE-2017-2616 Red Hat Update for coreutils Security (RHSA-2017:0654)

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages.

A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)

A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2017:0654 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2017:0654: Red Hat Enterprise Linux