I am sure many of you have heard or read about CVE-2017-1000364.
If not, you can find some information here:
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
This CVE has a very high CVSS score of 9.8.
A number of packages have been released for Oracle Linux to deal with this CVE.
An updated glibc: https://linux.oracle.com/cve/CVE-2017-1000366.html
An updated kernel: https://linux.oracle.com/cve/CVE-2017-1000364.html
A very important additional detail is that we also have an online fix available through Ksplice. So for Oracle Linux users/customers with a support subscription, you can simply run uptrack-upgrade on a running kernel. No reboot required.
The following steps will be taken:
Install [8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.
Go ahead [y/N]? y
Installing [8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.
Your kernel is fully up to date.
Effective kernel version is 4.1.12-94.3.7.el7uek
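
To confirm afterwards that the fix is live on a host, the check below classifies a CVE from `uptrack-show`-style text. It is an added example, not part of the original post or Oracle's tooling: the function names are hypothetical, the `Installed updates:` / `Available updates:` headings are an assumed output layout, and the sample text is constructed from the transcript above.

```sh
#!/bin/sh
# Added example (not from the original post).
# Assumed input layout: an "Installed updates:" or "Available updates:"
# heading, then one "[id] description" line per update, in the same
# "[8cpcuyra] CVE-...: text" form as the transcript above.

# cve_status CVE-ID  (reads the listing on stdin)
# Prints "installed <id>", "available <id>" or "missing".
cve_status() {
    awk -v cve="$1" '
        /^Installed updates:/ { sec = "installed"; next }
        /^Available updates:/ { sec = "available"; next }
        sec != "" && /^\[[a-z0-9]+\] / {
            for (i = 2; i <= NF; i++) {
                # Compare whole tokens so a truncated CVE id never matches.
                tok = $i
                sub(/[:,]$/, "", tok)
                # An installed entry always wins over an available one.
                if (tok == cve && (found == "" || sec == "installed"))
                    found = sec " " substr($1, 2, length($1) - 2)
            }
        }
        END { print (found == "" ? "missing" : found) }
    '
}

# effective_kernel  (reads the same listing on stdin)
# Prints the version from the "Effective kernel version is ..." line.
effective_kernel() {
    sed -n 's/^Effective kernel version is //p'
}

# Constructed sample: state after the update in the transcript is applied.
SAMPLE_SHOW='Installed updates:
[8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.

Effective kernel version is 4.1.12-94.3.7.el7uek'

# Constructed sample: the same update offered but not yet applied.
SAMPLE_PENDING='Available updates:
[8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.'

printf '%s\n' "$SAMPLE_SHOW" | cve_status CVE-2017-1000364
printf '%s\n' "$SAMPLE_SHOW" | effective_kernel
```

On a real host, pipe the output of `uptrack-show` into `cve_status` instead of the sample text.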