An integer overflow vulnerability in ring_buffer_resize() calculations in which a privileged user can adjust the size of the ringbuffer message size. These calculations can create an issue where the kernel memory allocator will not allocate the correct count of pages yet expect them to be usable. This can lead to the ftrace() output to appear to corrupt kernel memory and possibly be used for privileged escalation or more likely kernel panic. Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6 Reference: https://source.android.com/security/bulletin/2017-01-01.html#eop-in-kernel-profiling-subsystem
Statement: This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5,6 and 7 kernels.