rhsa-2018_0676
Vulnerability from csaf_redhat
Published
2018-04-10 09:01
Modified
2024-11-15 03:02
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Buffer overflow in firewire driver via crafted incoming packets (CVE-2016-8633, Important)
* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824, Important)
* Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register (CVE-2017-12154, Important)
* kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166, Important)
* kernel: media: use-after-free in [tuner-xc2028] media driver (CVE-2016-7913, Moderate)
* kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294, Moderate)
* kernel: Incorrect type conversion for size during dma allocation (CVE-2017-9725, Moderate)
* kernel: memory leak when merging buffers in SCSI IO vectors (CVE-2017-12190, Moderate)
* kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121, Moderate)
* kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c (CVE-2017-15126, Moderate)
* kernel: net: double-free and memory corruption in get_net_ns_by_id() (CVE-2017-15129, Moderate)
* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265, Moderate)
* kernel: Incorrect handling in arch/x86/include/asm/mmu_context.h:init_new_context function allowing use-after-free (CVE-2017-17053, Moderate)
* kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure (CVE-2017-17448, Moderate)
* kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity (CVE-2017-17449, Moderate)
* kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (CVE-2017-17558, Moderate)
* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)
* kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203, Moderate)
* kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ (CVE-2017-1000252, Moderate)
* Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407, Moderate)
* kernel: Stack information leak in the EFS element (CVE-2017-1000410, Moderate)
* kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass (CVE-2018-5750, Moderate)
* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004, Moderate)
* kernel: unlimiting the stack disables ASLR (CVE-2016-3672, Low)
* kernel: Missing permission check in move_pages system call (CVE-2017-14140, Low)
* kernel: Null pointer dereference in rngapi_reset function (CVE-2017-15116, Low)
* kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c (CVE-2017-15127, Low)
* kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact (CVE-2018-6927, Low)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Mohamed Ghannam for reporting CVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154; Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli (Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting CVE-2017-15129; Jan H. Schönherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was discovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was discovered by ChunYu Wang (Red Hat).
Additional Changes:
See the Red Hat Enterprise Linux 7.5 Release Notes linked from References.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Buffer overflow in firewire driver via crafted incoming packets (CVE-2016-8633, Important)\n\n* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824, Important)\n\n* Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register (CVE-2017-12154, Important)\n\n* kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166, Important)\n\n* kernel: media: use-after-free in [tuner-xc2028] media driver (CVE-2016-7913, Moderate)\n\n* kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294, Moderate)\n\n* kernel: Incorrect type conversion for size during dma allocation (CVE-2017-9725, Moderate)\n\n* kernel: memory leak when merging buffers in SCSI IO vectors (CVE-2017-12190, Moderate)\n\n* kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121, Moderate)\n\n* kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c (CVE-2017-15126, Moderate)\n\n* kernel: net: double-free and memory corruption in get_net_ns_by_id() (CVE-2017-15129, Moderate)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265, Moderate)\n\n* kernel: Incorrect handling in arch/x86/include/asm/mmu_context.h:init_new_context function allowing use-after-free (CVE-2017-17053, Moderate)\n\n* kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure (CVE-2017-17448, Moderate)\n\n* kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity (CVE-2017-17449, Moderate)\n\n* kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (CVE-2017-17558, Moderate)\n\n* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)\n\n* kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203, Moderate)\n\n* kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ (CVE-2017-1000252, Moderate)\n\n* Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407, Moderate)\n\n* kernel: Stack information leak in the EFS element (CVE-2017-1000410, Moderate)\n\n* kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass (CVE-2018-5750, Moderate)\n\n* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004, Moderate)\n\n* kernel: unlimiting the stack disables ASLR (CVE-2016-3672, Low)\n\n* kernel: Missing permission check in move_pages system call (CVE-2017-14140, Low)\n\n* kernel: Null pointer dereference in rngapi_reset function (CVE-2017-15116, Low)\n\n* kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c (CVE-2017-15127, Low)\n\n* kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact (CVE-2018-6927, Low)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Mohamed Ghannam for reporting CVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154; Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli (Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting CVE-2017-15129; Jan H. Sch\u00f6nherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was discovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was discovered by ChunYu Wang (Red Hat).\n\nAdditional Changes:\n\nSee the Red Hat Enterprise Linux 7.5 Release Notes linked from References.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0676", "url": "https://access.redhat.com/errata/RHSA-2018:0676" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.5_Release_Notes/index.html", "url": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.5_Release_Notes/index.html" }, { "category": "external", "summary": "1292927", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292927" }, { "category": "external", "summary": "1324749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324749" }, { "category": "external", "summary": "1391490", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490" }, { "category": "external", "summary": "1401061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1401061" }, { "category": "external", "summary": "1402885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402885" }, { "category": "external", "summary": "1430418", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430418" }, { "category": "external", "summary": "1436798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436798" }, { "category": "external", "summary": "1448770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448770" }, { "category": "external", "summary": "1452589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452589" }, { "category": "external", "summary": "1462329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462329" }, { "category": "external", "summary": "1488329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488329" }, { "category": "external", "summary": "1489088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489088" }, { "category": "external", "summary": "1490781", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490781" }, { "category": "external", "summary": "1491224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491224" }, { "category": "external", "summary": "1495089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495089" }, { "category": "external", "summary": "1500894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500894" }, { "category": "external", "summary": "1501878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501878" }, { "category": "external", "summary": "1503749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503749" }, { "category": "external", "summary": "1506255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506255" }, { "category": "external", "summary": "1507270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507270" }, { "category": "external", "summary": "1509264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509264" }, { "category": "external", "summary": "1514609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514609" }, { "category": "external", "summary": "1518274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518274" }, { "category": "external", "summary": "1518638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518638" }, { "category": "external", "summary": "1519160", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519160" }, { "category": "external", "summary": "1519591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519591" }, { "category": "external", "summary": "1520328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520328" }, { "category": "external", "summary": "1520893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520893" }, { "category": "external", "summary": "1523481", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523481" }, { "category": "external", "summary": "1525218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218" }, { "category": "external", "summary": "1525474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525474" }, { "category": "external", "summary": "1525762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525762" }, { "category": "external", "summary": "1525768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525768" }, { "category": "external", "summary": "1531135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531135" }, { "category": "external", "summary": "1531174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531174" }, { "category": "external", "summary": "1535315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535315" }, { "category": "external", "summary": "1539706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706" }, { "category": "external", "summary": "1544612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544612" }, { "category": "external", "summary": "1548412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412" }, { "category": "external", "summary": "1550811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550811" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0676.json" } ], "title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T03:02:40+00:00", "generator": { "date": "2024-11-15T03:02:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0676", "initial_release_date": "2018-04-10T09:01:12+00:00", "revision_history": [ { "date": "2018-04-10T09:01:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-04-10T09:01:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T03:02:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-862.rt56.804.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_id": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-862.rt56.804.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "product": { "name": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "product_id": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-862.rt56.804.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.src", "product": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.src", "product_id": "kernel-rt-0:3.10.0-862.rt56.804.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-862.rt56.804.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-862.rt56.804.el7.src", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-862.rt56.804.el7.src", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-3672", "cwe": { "id": "CWE-341", "name": "Predictable from Observable State" }, "discovery_date": "2016-04-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1324749" } ], "notes": [ { "category": "description", "text": "A weakness was found in the Linux ASLR implementation. Any user able to running 32-bit applications in a x86 machine can disable ASLR by setting the RLIMIT_STACK resource to unlimited.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: unlimiting the stack disables ASLR", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3672" }, { "category": "external", "summary": "RHBZ#1324749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324749" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3672", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3672" }, { "category": "external", "summary": "http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html", "url": "http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html" }, { "category": "external", "summary": "http://seclists.org/bugtraq/2016/Apr/34", "url": "http://seclists.org/bugtraq/2016/Apr/34" } ], "release_date": "2016-04-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: unlimiting the stack disables ASLR" }, { "cve": "CVE-2016-7913", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2016-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1402885" } ], "notes": [ { "category": "description", "text": "The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: media: use-after-free in [tuner-xc2028] media driver", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-7913" }, { "category": "external", "summary": "RHBZ#1402885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402885" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7913", "url": "https://www.cve.org/CVERecord?id=CVE-2016-7913" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7913", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7913" } ], "release_date": "2016-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: media: use-after-free in [tuner-xc2028] media driver" }, { "acknowledgments": [ { "names": [ "Eyal Itkin" ] } ], "cve": "CVE-2016-8633", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2016-11-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1391490" } ], "notes": [ { "category": "description", "text": "A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver [firewire-net] in a fragment handling code in the Linux kernel. The vulnerability exists since firewire supported IPv4, i.e. since version 2.6.31 (year 2009) till version v4.9-rc4. A maliciously formed fragment with a respectively large datagram offset would cause a memcpy() past the datagram buffer, which would cause a system panic or possible arbitrary code execution.\r\n\r\nThe flaw requires [firewire-net] module to be loaded and is remotely exploitable from connected firewire devices, but not over a local network.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Buffer overflow in firewire driver via crafted incoming packets", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG 2.x. This issue has been rated as having Moderate security impact. Future Linux kernel updates for the respective releases might address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-8633" }, { "category": "external", "summary": "RHBZ#1391490", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391490" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8633", "url": "https://www.cve.org/CVERecord?id=CVE-2016-8633" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8633", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8633" } ], "release_date": "2016-11-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Buffer overflow in firewire driver via crafted incoming packets" }, { "cve": "CVE-2017-7294", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-03-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1436798" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write vulnerability was found in the Linux kernel\u0027s vmw_surface_define_ioctl() function, in the \u0027drivers/gpu/drm/vmwgfx/vmwgfx_surface.c\u0027 file. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code where the flaw was found is not present in this product.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7294" }, { "category": "external", "summary": "RHBZ#1436798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436798" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7294", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7294" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7294", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7294" } ], "release_date": "2017-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()" }, { "acknowledgments": [ { "names": [ "Mohamed Ghannam" ] } ], "cve": "CVE-2017-8824", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1519591" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Use-after-free vulnerability in DCCP socket", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, Red Hat Enterprise MRG 2 and real-time kernels. Future updates for the respective releases may address this issue.\n\nThis issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM and Red Hat Enterprise Linux 7 for Power LE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-8824" }, { "category": "external", "summary": "RHBZ#1519591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8824", "url": "https://www.cve.org/CVERecord?id=CVE-2017-8824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8824" } ], "release_date": "2017-12-05T05:43:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Use-after-free vulnerability in DCCP socket" }, { "cve": "CVE-2017-9725", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "discovery_date": "2017-09-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1489088" } ], "notes": [ { "category": "description", "text": "A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Incorrect type conversion for size during dma allocation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9725" }, { "category": "external", "summary": "RHBZ#1489088", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489088" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9725", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9725" }, { "category": "external", "summary": "https://source.android.com/security/bulletin/2017-09-01", "url": "https://source.android.com/security/bulletin/2017-09-01" } ], "release_date": "2015-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Incorrect type conversion for size during dma allocation" }, { "acknowledgments": [ { "names": [ "Jim Mattson" ], "organization": "Google.com" } ], "cve": "CVE-2017-12154", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-09-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1491224" } ], "notes": [ { "category": "description", "text": "Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization (nVMX) feature enabled (nested=1), is vulnerable to a crash due to disabled external interrupts. As L2 guest could access (r/w) hardware CR8 register of the host(L0). In a nested visualization setup, L2 guest user could use this flaw to potentially crash the host(L0) resulting in DoS.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of the kernel package as shipped with\nRed Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12154" }, { "category": "external", "summary": "RHBZ#1491224", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491224" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12154", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12154" } ], "release_date": "2017-09-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:S/C:N/I:N/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register" }, { "acknowledgments": [ { "names": [ "Vitaly Mayatskih" ] } ], "cve": "CVE-2017-12190", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2017-09-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1495089" } ], "notes": [ { "category": "description", "text": "It was found that in the Linux kernel through v4.14-rc5, bio_map_user_iov() and bio_unmap_user() in \u0027block/bio.c\u0027 do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bio_add_pc_page() merges them into one, but the page reference is never dropped, causing a memory leak and possible system lockup due to out-of-memory condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: memory leak when merging buffers in SCSI IO vectors", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12190" }, { "category": "external", "summary": "RHBZ#1495089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495089" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12190", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12190" } ], "release_date": "2017-09-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: memory leak when merging buffers in SCSI IO vectors" }, { "cve": "CVE-2017-13166", "cwe": { "id": "CWE-266", "name": "Incorrect Privilege Assignment" }, "discovery_date": "2018-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1548412" } ], "notes": [ { "category": "description", "text": "A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13166" }, { "category": "external", "summary": "RHBZ#1548412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548412" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13166", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13166" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13166" } ], "release_date": "2017-07-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" }, { "category": "workaround", "details": "A systemtap script intercepting v4l2_compat_ioctl32() function of the [videodev] module and making it to return -ENOIOCTLCMD error value would work just fine, except breaking all 32bit video capturing software, but not 64bit ones.\n\nAlternatively, blacklisting [videodev] module will work too, but it will break all video capturing software.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation" }, { "cve": "CVE-2017-13305", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1581637" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of valid_master_desc() in which a memory buffer would be compared to a userspace value with an incorrect size of comparison. By bruteforcing the comparison, an attacker could determine what was in memory after the description and possibly obtain sensitive information from kernel memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-13305" }, { "category": "external", "summary": "RHBZ#1581637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581637" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-13305", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13305" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13305", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13305" } ], "release_date": "2017-06-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker" }, { "cve": "CVE-2017-14140", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2017-09-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1488329" } ], "notes": [ { "category": "description", "text": "The move_pages system call in mm/migrate.c in the Linux kernel doesn\u0027t check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing permission check in move_pages system call", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-14140" }, { "category": "external", "summary": "RHBZ#1488329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488329" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-14140", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14140" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-14140", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14140" } ], "release_date": "2017-08-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Missing permission check in move_pages system call" }, { "acknowledgments": [ { "names": [ "ChunYu Wang" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-15116", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2017-08-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1514609" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s random number generator API. A null pointer dereference in the rngapi_reset function may result in denial of service, crashing the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Null pointer dereference in rngapi_reset function", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 5 and 6 and kernel-alt.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15116" }, { "category": "external", "summary": "RHBZ#1514609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15116", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15116" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15116", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15116" } ], "release_date": "2017-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Null pointer dereference in rngapi_reset function" }, { "acknowledgments": [ { "names": [ "Miklos Szeredi" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-15121", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-10-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1520893" } ], "notes": [ { "category": "description", "text": "A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vfs: BUG in truncate_inode_pages_range() and fuse client", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 7 for ARM and Red Hat Enterprise Linux 7 for Power LE.\n\nThis issue affects the versions of the Linux kernel as shipped with 6, 7 and Red Hat Enterprise MRG 2. Future updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15121" }, { "category": "external", "summary": "RHBZ#1520893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520893" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15121", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15121" } ], "release_date": "2017-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: vfs: BUG in truncate_inode_pages_range() and fuse client" }, { "acknowledgments": [ { "names": [ "Andrea Arcangeli" ], "organization": "Red Hat Engineering", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-15126", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2017-12-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1523481" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s handling of fork failure when dealing with event messages in the userfaultfd code. Failure to fork correctly can create a fork event that will be removed from an already freed list of events.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 7, realtime, MRG-2 prior to version kernel-3.10.0-781.\n\nThe kernel-alt package already as shipped contains this fix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15126" }, { "category": "external", "summary": "RHBZ#1523481", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523481" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15126", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15126" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15126", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15126" } ], "release_date": "2017-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c" }, { "cve": "CVE-2017-15127", "cwe": { "id": "CWE-460", "name": "Improper Cleanup on Thrown Exception" }, "discovery_date": "2017-12-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1525218" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel when freeing pages in hugetlbfs. This could trigger a local denial of service by crashing the kernel.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15127" }, { "category": "external", "summary": "RHBZ#1525218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15127", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15127" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15127", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15127" } ], "release_date": "2017-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c" }, { "acknowledgments": [ { "names": [ "Kirill Tkhai" ] } ], "cve": "CVE-2017-15129", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2017-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1531174" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in a network namespaces code affecting the Linux kernel since v4.0-rc1 through v4.15-rc5. The function get_net_ns_by_id() does not check for the net::count value after it has found a peer network in netns_ids idr which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: double-free and memory corruption in get_net_ns_by_id()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 and 6 as the code with the flaw is not present in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15129" }, { "category": "external", "summary": "RHBZ#1531174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531174" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15129", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15129" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15129", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15129" } ], "release_date": "2017-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: double-free and memory corruption in get_net_ns_by_id()" }, { "cve": "CVE-2017-15265", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501878" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Use-after-free in snd_seq_ioctl_create_port()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 5,6, 7, realtime and MRG-2.\n\nRed Hat Enterprise Linux 5 has transitioned to Production phase 3. \nDuring the Production 3 Phase, Critical impact Security Advisories (RHSAs) \nand selected Urgent Priority Bug Fix Advisories (RHBAs) may be released \nas they become available.\n\nThe official life cycle policy can be reviewed here:\n\nhttp://redhat.com/rhel/lifecycle\n\nFuture Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15265" }, { "category": "external", "summary": "RHBZ#1501878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501878" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15265", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15265" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15265", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15265" } ], "release_date": "2017-10-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" }, { "category": "workaround", "details": "It is possible to prevent the affected code from being loaded by blacklisting the kernel module snd_seq. Instructions relating to how to blacklist a kernel module are shown here: https://access.redhat.com/solutions/41278 \n\nAlternatively a custom permission set can be created by udev, the correct permissions will depend on your use case. Please contact Red Hat customer support for creating a rule set that can minimize flaw exposure.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Use-after-free in snd_seq_ioctl_create_port()" }, { "cve": "CVE-2017-15274", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2017-10-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1500391" } ], "notes": [ { "category": "description", "text": "A flaw was found in the implementation of associative arrays where the add_key systemcall and KEYCTL_UPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer dereference (kernel oops).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dereferencing NULL payload with nonzero length", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise\nLinux 5,6,7, MRG-2 and realtime kernels.\n\nRed Hat Enterprise Linux 5 has transitioned to Production phase 3. \nDuring the Production 3 Phase, Critical impact Security Advisories (RHSAs) \nand selected Urgent Priority Bug Fix Advisories (RHBAs) may be released \nas they become available.\n\nAt this time this bug is not meet this critera and is unlikley to be fixed\nfor these releases.\n\nThe official life cycle policy can be reviewed here:\n\nhttp://redhat.com/rhel/lifecycle\n\nFuture Linux kernel updates for the products in production phase 1 and 2, namely Red Hat Enterprise\nLinux 6, 7 and MRG-2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15274" }, { "category": "external", "summary": "RHBZ#1500391", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500391" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15274", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15274" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15274", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15274" } ], "release_date": "2017-06-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: dereferencing NULL payload with nonzero length" }, { "cve": "CVE-2017-17448", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1525768" } ], "notes": [ { "category": "description", "text": "The net/netfilter/nfnetlink_cthelper.c function in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations. This allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2, as a code with the flaw is not present or is not built in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17448" }, { "category": "external", "summary": "RHBZ#1525768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525768" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17448", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17448" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17448", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17448" } ], "release_date": "2017-12-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure" }, { "cve": "CVE-2017-17449", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2017-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1525762" } ], "notes": [ { "category": "description", "text": "The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel, through 4.14.4, does not restrict observations of Netlink messages to a single net namespace, when CONFIG_NLMON is enabled. This allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as a code with the flaw is not present or is not built in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17449" }, { "category": "external", "summary": "RHBZ#1525762", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525762" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17449", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17449" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17449", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17449" } ], "release_date": "2017-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity" }, { "cve": "CVE-2017-17558", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2017-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1525474" } ], "notes": [ { "category": "description", "text": "The usb_destroy_configuration() function, in \u0027drivers/usb/core/config.c\u0027 in the USB core subsystem, in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces before attempting to release resources. This allows local users to cause a denial of service, due to out-of-bounds write access, or possibly have unspecified other impact via a crafted USB device. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17558" }, { "category": "external", "summary": "RHBZ#1525474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525474" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17558", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17558" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17558", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17558" } ], "release_date": "2017-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow" }, { "cve": "CVE-2017-18017", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2018-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1531135" } ], "notes": [ { "category": "description", "text": "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18017" }, { "category": "external", "summary": "RHBZ#1531135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18017", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18017" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18017", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18017" } ], "release_date": "2018-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c" }, { "cve": "CVE-2017-18203", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1550811" } ], "notes": [ { "category": "description", "text": "The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices. Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for dm device creation and removal and this would typically be outside the direct control of the unprivileged attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, as the code with the flaw is not present in this product.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18203" }, { "category": "external", "summary": "RHBZ#1550811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550811" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18203", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18203" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18203", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18203" } ], "release_date": "2017-11-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service" }, { "acknowledgments": [ { "names": [ "Jan H. Sch\u00f6nherr" ], "organization": "Amazon" } ], "cve": "CVE-2017-1000252", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2017-09-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490781" } ], "notes": [ { "category": "description", "text": "A reachable assertion failure flaw was found in the Linux kernel built with KVM virtualisation(CONFIG_KVM) support with Virtual Function I/O feature (CONFIG_VFIO) enabled. This failure could occur if a malicious guest device sent a virtual interrupt (guest IRQ) with a larger (\u003e1024) index value.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-1000252" }, { "category": "external", "summary": "RHBZ#1490781", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490781" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000252", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000252" } ], "release_date": "2017-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:S/C:N/I:N/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ" }, { "cve": "CVE-2017-1000407", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2017-11-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1520328" } ], "notes": [ { "category": "description", "text": "Linux kernel Virtualization Module (CONFIG_KVM) for the Intel processor family (CONFIG_KVM_INTEL) is vulnerable to a DoS issue. It could occur if a guest was to flood the I/O port 0x80 with write requests. A guest user could use this flaw to crash the host kernel resulting in DoS.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: KVM: DoS via write flood to I/O port 0x80", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-1000407" }, { "category": "external", "summary": "RHBZ#1520328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520328" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000407", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000407", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000407" } ], "release_date": "2017-12-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Kernel: KVM: DoS via write flood to I/O port 0x80" }, { "acknowledgments": [ { "names": [ "Armis Labs" ] } ], "cve": "CVE-2017-1000410", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2017-11-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1519160" } ], "notes": [ { "category": "description", "text": "A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Stack information leak in the EFS element", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat\nEnterprise Linux 5.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-1000410" }, { "category": "external", "summary": "RHBZ#1519160", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519160" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000410", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000410" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000410", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000410" } ], "release_date": "2017-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Stack information leak in the EFS element" }, { "cve": "CVE-2018-5750", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-01-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1539706" } ], "notes": [ { "category": "description", "text": "The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2, as KASLR feature is not present or enabled in these products.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5750" }, { "category": "external", "summary": "RHBZ#1539706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5750", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5750" } ], "release_date": "2017-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass" }, { "cve": "CVE-2018-6927", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2018-02-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1544612" } ], "notes": [ { "category": "description", "text": "The futex_requeue function in kernel/futex.c in the Linux kernel, before 4.14.15, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-6927" }, { "category": "external", "summary": "RHBZ#1544612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6927", "url": "https://www.cve.org/CVERecord?id=CVE-2018-6927" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6927", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6927" } ], "release_date": "2018-02-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact" }, { "cve": "CVE-2018-1000004", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2018-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1535315" } ], "notes": [ { "category": "description", "text": "In the Linux kernel versions 4.12, 3.10, 2.6, and possibly earlier, a race condition vulnerability exists in the sound system allowing for a potential deadlock and memory corruption due to use-after-free condition and thus denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Race condition in sound system can lead to denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the version of Linux kernel package as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1000004" }, { "category": "external", "summary": "RHBZ#1535315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535315" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000004", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000004" } ], "release_date": "2018-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-04-10T09:01:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0676" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-NFV-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-NFV-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-NFV-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.src", "7Server-RT-7.5:kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch", "7Server-RT-7.5:kernel-rt-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-devel-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-0:3.10.0-862.rt56.804.el7.x86_64", "7Server-RT-7.5:kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Race condition in sound system can lead to denial of service" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.