rhsa-2018_3096
Vulnerability from csaf_redhat
Published: 2018-10-30 12:31
Modified: 2024-11-05 20:48
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger a time- and computation-expensive fragment reassembly algorithm by sending specially crafted packets, which could lead to CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
* kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344)
* kernel: Integer overflow in udl_fb_mmap() can allow attackers to execute code in kernel space (CVE-2018-8781)
* kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)
* kernel: Missing check in inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)
* kernel: AIO write triggers integer overflow in some protocols (CVE-2015-8830)
* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)
* kernel: Handling of might_cancel queueing is not properly protected against race (CVE-2017-10661)
* kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial of service (CVE-2017-17805)
* kernel: Infinite loop vulnerability in madvise_willneed() function allows local denial of service (CVE-2017-18208)
* kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service (CVE-2018-1120)
* kernel: a null pointer dereference in dccp_write_xmit() leads to a system crash (CVE-2018-1130)
* kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial of service (CVE-2018-5344)
* kernel: Missing length check of payload in _sctp_make_chunk() function allows denial of service (CVE-2018-5803)
* kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption (CVE-2018-5848)
* kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image (CVE-2018-10878)
* kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet (CVE-2018-1000026)
* kernel: Information leak when handling NM entries containing NUL (CVE-2016-4913)
* kernel: Mishandling mutex within libsas allowing local Denial of Service (CVE-2017-18232)
* kernel: NULL pointer dereference in ext4_process_freed_data() when mounting crafted ext4 image (CVE-2018-1092)
* kernel: NULL pointer dereference in ext4_xattr_inode_hash() causes crash with crafted ext4 image (CVE-2018-1094)
* kernel: vhost: Information disclosure in vhost.c:vhost_new_msg() (CVE-2018-1118)
* kernel: Denial of service in resv_map_release function in mm/hugetlb.c (CVE-2018-7740)
* kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c (CVE-2018-7757)
* kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service (CVE-2018-10322)
* kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file (CVE-2018-10879)
* kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image (CVE-2018-10881)
* kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function (CVE-2018-10883)
* kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c (CVE-2018-10940)
Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391; Trend Micro Zero Day Initiative for reporting CVE-2018-10902; Qualys Research Labs for reporting CVE-2018-1120; Evgenii Shatokhin (Virtuozzo Team) for reporting CVE-2018-1130; and Wen Xu for reporting CVE-2018-1092 and CVE-2018-1094.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. 
(CVE-2018-5391)\n\n* kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344)\n\n* kernel: Integer overflow in udl_fb_mmap() can allow attackers to execute code in kernel space (CVE-2018-8781)\n\n* kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)\n\n* kernel: Missing check in inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)\n\n* kernel: AIO write triggers integer overflow in some protocols (CVE-2015-8830)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661)\n\n* kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial of service (CVE-2017-17805)\n\n* kernel: Inifinite loop vulnerability in madvise_willneed() function allows local denial of service (CVE-2017-18208)\n\n* kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service (CVE-2018-1120)\n\n* kernel: a null pointer dereference in dccp_write_xmit() leads to a system crash (CVE-2018-1130)\n\n* kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial of service (CVE-2018-5344)\n\n* kernel: Missing length check of payload in _sctp_make_chunk() function allows denial of service (CVE-2018-5803)\n\n* kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption (CVE-2018-5848)\n\n* kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image (CVE-2018-10878)\n\n* kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet (CVE-2018-1000026)\n\n* kernel: Information leak when handling NM entries containing NUL (CVE-2016-4913)\n\n* kernel: Mishandling mutex within libsas allowing 
local Denial of Service (CVE-2017-18232)\n\n* kernel: NULL pointer dereference in ext4_process_freed_data() when mounting crafted ext4 image (CVE-2018-1092)\n\n* kernel: NULL pointer dereference in ext4_xattr_inode_hash() causes crash with crafted ext4 image (CVE-2018-1094)\n\n* kernel: vhost: Information disclosure in vhost.c:vhost_new_msg() (CVE-2018-1118)\n\n* kernel: Denial of service in resv_map_release function in mm/hugetlb.c (CVE-2018-7740)\n\n* kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c (CVE-2018-7757)\n\n* kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service (CVE-2018-10322)\n\n* kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file (CVE-2018-10879)\n\n* kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image (CVE-2018-10881)\n\n* kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function (CVE-2018-10883)\n\n* kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c (CVE-2018-10940)\n\nRed Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391; Trend Micro Zero Day Initiative for reporting CVE-2018-10902; Qualys Research Labs for reporting CVE-2018-1120; Evgenii Shatokhin (Virtuozzo Team) for reporting CVE-2018-1130; and Wen Xu for reporting CVE-2018-1092 and CVE-2018-1094.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:3096", "url": "https://access.redhat.com/errata/RHSA-2018:3096" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/articles/3553061", "url": "https://access.redhat.com/articles/3553061" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.6_Release_Notes/index.html", "url": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.6_Release_Notes/index.html" }, { "category": "external", "summary": "1314275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314275" }, { "category": "external", "summary": "1337528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528" }, { "category": "external", "summary": "1481136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481136" }, { "category": "external", "summary": "1510602", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510602" }, { "category": "external", "summary": "1512875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512875" }, { "category": "external", "summary": "1528312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312" }, { "category": "external", "summary": "1533909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909" }, { "category": "external", "summary": "1541846", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1541846" }, { "category": "external", "summary": "1551051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051" }, { "category": "external", "summary": "1551565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565" }, { "category": "external", "summary": "1552867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552867" }, { "category": "external", "summary": "1553351", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553351" }, { "category": "external", "summary": "1553361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361" }, { "category": "external", "summary": "1558066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558066" }, { "category": "external", "summary": "1560777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777" }, { "category": "external", "summary": "1560788", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788" }, { "category": "external", "summary": "1563994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563994" }, { "category": "external", "summary": "1569910", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569910" }, { "category": "external", "summary": "1571062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062" }, { "category": "external", "summary": "1571623", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623" }, { "category": "external", "summary": "1573699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699" }, { "category": "external", "summary": "1575472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472" }, { "category": "external", "summary": "1576419", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576419" }, { "category": "external", "summary": "1577408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408" }, { "category": "external", "summary": "1590720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590720" }, { "category": "external", "summary": 
"1590799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799" }, { "category": "external", "summary": "1596802", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802" }, { "category": "external", "summary": "1596806", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806" }, { "category": "external", "summary": "1596828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828" }, { "category": "external", "summary": "1596846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846" }, { "category": "external", "summary": "1599161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161" }, { "category": "external", "summary": "1608672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608672" }, { "category": "external", "summary": "1609664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664" }, { "category": "external", "summary": "1610958", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_3096.json" } ], "title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-05T20:48:46+00:00", "generator": { "date": "2024-11-05T20:48:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2018:3096", "initial_release_date": "2018-10-30T12:31:39+00:00", "revision_history": [ { "date": "2018-10-30T12:31:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-10-30T12:31:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T20:48:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product": { "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": 
"product_version", "name": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": 
"kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": 
"kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-957.rt56.910.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-957.rt56.910.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "product": { "name": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "product_id": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-957.rt56.910.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.src", "product": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.src", "product_id": "kernel-rt-0:3.10.0-957.rt56.910.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-957.rt56.910.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product_id": "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-957.rt56.910.el7.src", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product_id": "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product_id": "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product_id": "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 
7)", "product_id": "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-957.rt56.910.el7.src", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 
7)", "product_id": "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 
7)", "product_id": "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 
7)", "product_id": "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 
7)", "product_id": "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-8830", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2016-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1314275" } ], "notes": [ { "category": "description", "text": "Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. 
NOTE: this vulnerability exists because of a CVE-2012-6701 regression.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: AIO write triggers integer overflow in some protocols", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, as the related AIO vector code is not present in this product.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7. Future Linux kernel updates for the respective releases might address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux MRG-2. This flaw is not currently planned to be addressed in future updates due to MRG-2 being an EUS release. For additional information, refer to the Extended Update Support (EUS) Guide: https://access.redhat.com/articles/rhel-eus.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-8830" 
}, { "category": "external", "summary": "RHBZ#1314275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314275" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8830", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8830" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8830", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8830" }, { "category": "external", "summary": "http://seclists.org/oss-sec/2016/q2/479", "url": "http://seclists.org/oss-sec/2016/q2/479" }, { "category": "external", "summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=735", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=735" } ], "release_date": "2015-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: AIO write triggers integer overflow in some protocols" }, { "cve": "CVE-2016-4913", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2016-05-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1337528" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel. Payloads of NM entries are not supposed to contain NUL. When such entry is processed, only the part prior to the first NUL goes into the concatenation (i.e. the directory entry name being encoded by a bunch of NM entries). The process stops when the amount collected so far + the claimed amount in the current NM entry exceed 254. 
However, the value returned as the total length is the sum of *claimed* sizes, not the actual amount collected. And that\u0027s what will be passed to readdir() callback as the name length - 8Kb __copy_to_user() from a buffer allocated by __get_free_page().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Information leak when handling NM entries containing NUL", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7. Future Linux kernel updates for the respective releases might address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical 
URL", "url": "https://access.redhat.com/security/cve/CVE-2016-4913" }, { "category": "external", "summary": "RHBZ#1337528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4913", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4913" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4913", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4913" } ], "release_date": "2016-05-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", 
"authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Information leak when handling NM entries containing NUL" }, { "cve": "CVE-2017-0861", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-11-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563994" } ], "notes": [ { "category": "description", "text": "Use-after-free vulnerability in the snd_pcm_info() function in the ALSA subsystem in the Linux kernel allows attackers to induce a kernel memory corruption and possibly crash or lock up a system. 
Due to the nature of the flaw, a privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-0861" }, { "category": "external", "summary": "RHBZ#1563994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563994" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-0861", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0861" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-0861", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0861" } ], "release_date": "2017-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the 
security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation" }, { "cve": "CVE-2017-10661", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2017-08-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1481136" } ], "notes": [ { "category": "description", "text": "A race condition was found in the Linux kernel before version 4.11-rc1 in \u0027fs/timerfd.c\u0027 file which allows a local user to cause a kernel list corruption or use-after-free via simultaneous operations with a file descriptor which leverage improper \u0027might_cancel\u0027 queuing. An unprivileged local user could use this flaw to cause a denial of service of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Handling of might_cancel queueing is not properly pretected against race", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects Red Hat Enterprise Linux 6 and 7. Future updates for the respective releases may address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux MRG-2. 
This flaw is not currently planned to be addressed in future updates due to MRG-2 being an EUS release. For additional information, refer to the Extended Update Support (EUS) Guide: https://access.redhat.com/articles/rhel-eus.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-10661" }, { "category": "external", "summary": "RHBZ#1481136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481136" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-10661", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10661" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-10661", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-10661" } ], "release_date": "2017-02-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) 
listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Handling of might_cancel queueing is not properly pretected against race" }, { "cve": "CVE-2017-17805", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-12-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528312" } ], "notes": [ { "category": "description", "text": "The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AF_ALG-based skcipher interface to cause a denial of service (uninitialized-memory free and kernel crash) or have an unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 are vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9 LE. 
Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17805" }, { "category": "external", "summary": "RHBZ#1528312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528312" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17805", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17805" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17805" } ], "release_date": "2017-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 
7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service" }, { "cve": "CVE-2017-18208", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2018-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1551565" } ], "notes": [ { "category": "description", "text": "The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical 
URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18208" }, { "category": "external", "summary": "RHBZ#1551565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18208", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18208" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18208" }, { "category": "external", "summary": "https://lwn.net/Articles/618064/", "url": "https://lwn.net/Articles/618064/" }, { "category": "external", "summary": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt", "url": "https://www.kernel.org/doc/Documentation/filesystems/dax.txt" } ], "release_date": "2017-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service" }, { "cve": "CVE-2017-18232", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "discovery_date": "2018-03-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1558066" } ], "notes": [ { "category": "description", "text": "The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. 
This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Mishandling mutex within libsas allowing local Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18232" }, { "category": "external", "summary": "RHBZ#1558066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558066" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18232", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18232" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18232", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18232" } ], "release_date": "2017-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, 
and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Mishandling mutex within libsas allowing local Denial of Service" }, { "cve": "CVE-2017-18344", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-07-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1610958" } ], "notes": [ { "category": "description", "text": "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel doesn\u0027t properly validate the sigevent-\u003esigev_notify field, which leads to out-of-bounds access in the show_timer function.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18344" }, { "category": "external", "summary": "RHBZ#1610958", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610958" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18344", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18344" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18344" } ], "release_date": "2017-12-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" }, { "category": "workaround", "details": "Attached to this bugzilla is a systemtap script that will prevent opening (and therefore reading) the /proc/\u003cprocess\u003e/timers file which is used to leak information.\n\nThe SystemTap script is relatively small and efficient, broken into 3 distinct sections as follows:\n\n--------\n\nprobe kernel.function(\"proc_timers_open@fs/proc/base.c\").return { \n // this is -EACCES\n\t$return = -13;\n message = sprintf(\"CVE-2017-18344 mitigation denied access to %s to %s(%d)\", file_name , execname(), pid());\n // print a warning message at KERN_INFO debug level\n printk(6, message);\n}\n\nprobe begin {\n printk(6, \"Mitigation for CVE-2017-18344 loaded.\\n\");\n}\n\n\nprobe end {\n printk(6, \"Mitigation for CVE-2017-18344 unloaded.\\n\");\n}\n\n\n---------\n\nFirst, the script places a probe at the return of the kernel function \u201cproc_timers_open\u201d when called. This modifies the return value to be EACCES which would return this value to userspace preventing this file from being opened. When the /proc/\u003cpid\u003e/timer file is attempted to be opened, a message will be logged to the kernel log subsystem showing the process and pid of the application attempting to access the timer file. \n\nThis file is not in widespread use at this time, although some applications may read from it to debug or understand their own timers that are set. This mitigation will not be useful in this context.\n\nFinally, the \u201cprobe begin\u201d and \u201cprobe end\u201d code blocks tell systemtap to add the supplied text to the kernel log buffer via the printk function. This creates an audit trail by registering in the system logs exactly when the mitigation is loaded and unloaded. 
This will need to be compiled with guru mode (-g parameter) to compile.\n\nThis will need to be loaded at each boot to remain effective. Red Hat Product security recommends updating to a patched kernel when it is available.\n\nRed Hat always seeks to provide both mitigations to disable attacks as well as the actual patches to treat the flaw. To learn more about SystemTap, and how it can be used in your management of your Red Hat systems, please refer to Using SystemTap[1] or one of our videos about it within our Customer Portal[2].\n\n1 - https://access.redhat.com/articles/17839\n2 - https://access.redhat.com/search/#/?q=systemtap", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c" }, { "cve": "CVE-2017-18360", "cwe": { "id": "CWE-369", "name": "Divide By Zero" }, "discovery_date": "2019-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1671343" } ], "notes": [ { "category": "description", "text": "A division-by-zero in set_termios(), when debugging is enabled, was found in the Linux kernel. When the [io_ti] driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the change_port_settings() in the drivers/usb/serial/io_ti.c so that the divisor value becomes zero and causes a system crash resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18360" }, { "category": "external", "summary": "RHBZ#1671343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671343" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18360", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18360" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18360", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18360" } ], "release_date": "2017-05-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Division by zero in change_port_settings in drivers/usb/serial/io_ti.c resulting in a denial of service" }, { "acknowledgments": [ { "names": [ "Wen Xu" ] } ], "cve": "CVE-2018-1092", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-03-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1560777" } ], "notes": [ { "category": "description", "text": "The Linux kernel is vulnerable to a NULL pointer dereference 
in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1092" }, { "category": "external", "summary": "RHBZ#1560777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1092", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1092" } ], "release_date": "2018-03-22T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image" }, { "acknowledgments": [ { "names": [ "Wen Xu" ] } ], "cve": "CVE-2018-1094", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-03-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1560788" } ], "notes": [ { "category": "description", "text": "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4_xattr_inode_hash() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1094" }, { "category": "external", "summary": "RHBZ#1560788", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560788" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1094", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1094" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1094" } ], "release_date": "2018-03-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image" }, { "cve": "CVE-2018-1118", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-05-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1573699" } ], "notes": [ { "category": "description", "text": "The Linux kernel does not properly initialize memory in messages passed between 
virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1118" }, { "category": "external", "summary": "RHBZ#1573699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573699" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1118", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1118" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1118" } ], "release_date": "2018-04-23T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()" }, { "acknowledgments": [ { "names": [ "Qualys Research Labs" ] } ], "cve": "CVE-2018-1120", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2018-05-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1575472" } ], "notes": [ { "category": "description", "text": "By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1120" }, { "category": "external", "summary": "RHBZ#1575472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1120", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1120" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1120" }, { "category": "external", "summary": "http://seclists.org/oss-sec/2018/q2/122", "url": "http://seclists.org/oss-sec/2018/q2/122" } ], "release_date": "2018-05-17T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service" }, { "acknowledgments": [ { "names": [ "Evgenii Shatokhin" ], "organization": "Virtuozzo Team" } ], "cve": "CVE-2018-1130", "cwe": { "id": "CWE-476", "name": "NULL 
Pointer Dereference" }, "discovery_date": "2018-04-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1576419" } ], "notes": [ { "category": "description", "text": "A null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in the Linux kernel allows a local user to cause a denial of service by a number of certain crafted system calls.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1130" }, { "category": "external", "summary": "RHBZ#1576419", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576419" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1130", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1130" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1130", 
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1130" } ], "release_date": "2018-03-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash" }, { "cve": "CVE-2018-5344", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1533909" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s handling of loopback devices. 
An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5344" }, { "category": "external", "summary": "RHBZ#1533909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533909" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5344", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5344" }, { 
"category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5344" } ], "release_date": "2018-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, 
"products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service" }, { "acknowledgments": [ { "names": [ "Juha-Matti Tilli" ], "organization": "Aalto University - Department of Communications and Networking and Nokia Bell Labs" } ], "cve": "CVE-2018-5391", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-07-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1609664" } ], "notes": [ { "category": "description", "text": "A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. 
For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5391" }, { "category": "external", "summary": "RHBZ#1609664", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1609664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5391", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5391" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5391" }, { "category": "external", "summary": "https://access.redhat.com/articles/3553061", "url": "https://access.redhat.com/articles/3553061" }, { "category": "external", "summary": "https://www.kb.cert.org/vuls/id/641765", "url": "https://www.kb.cert.org/vuls/id/641765" } ], "release_date": "2018-08-14T16:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": 
"https://access.redhat.com/errata/RHSA-2018:3096" }, { "category": "workaround", "details": "One may change the default 4MB and 3MB values of net.ipv4.ipfrag_high_thresh and net.ipv4.ipfrag_low_thresh (and their ipv6 counterparts net.ipv6.ipfrag_high_thresh and net.ipv6.ipfrag_low_thresh) to 256 kB and 192 kB (respectively) or below. Tests show some to significant CPU saturation drop during an attack, depending on a hardware, configuration and environment.\n\nThere can be some impact on performance though, due to ipfrag_high_thresh of 262144 bytes, as only two 64K fragments can fit in the reassembly queue at the same time. For example, there is a risk of breaking applications that rely on large UDP packets.\n\nSee the Mitigation section in the https://access.redhat.com/articles/3553061 article for the script to quickly change to/from default and lower settings.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)" }, { "cve": "CVE-2018-5803", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1551051" } ], "notes": [ { "category": "description", "text": "An error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5803" }, { "category": "external", "summary": "RHBZ#1551051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5803", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5803" } ], "release_date": "2018-02-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service" }, { "cve": "CVE-2018-5848", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2018-05-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1590799" } ], "notes": [ { 
"category": "description", "text": "In the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the \u2018ie_len\u2019 argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5848" }, { "category": "external", "summary": "RHBZ#1590799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590799" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5848", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5848" }, { 
"category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5848" } ], "release_date": "2017-12-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, 
"products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption" }, { "cve": "CVE-2018-7740", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2018-03-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1552867" } ], "notes": [ { "category": "description", "text": "The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Denial of service in resv_map_release function in mm/hugetlb.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7740" }, { "category": "external", "summary": "RHBZ#1552867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552867" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7740", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7740" } ], "release_date": "2018-03-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Denial of service in resv_map_release function in mm/hugetlb.c" }, { "cve": "CVE-2018-7757", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla 
ID", "text": "1553361" } ], "notes": [ { "category": "description", "text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7757" }, { "category": "external", "summary": "RHBZ#1553361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553361" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7757", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7757" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757", 
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7757" } ], "release_date": "2018-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c" }, { "cve": "CVE-2018-8781", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2018-04-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1571062" } ], "notes": [ { "category": "description", "text": "A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. 
An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in code execution in kernel space.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8781" }, { "category": "external", "summary": "RHBZ#1571062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8781", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8781" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8781" } ], "release_date": "2018-03-21T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space" }, { "cve": "CVE-2018-10322", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-04-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1571623" } ], "notes": [ { "category": "description", "text": "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel can cause a NULL pointer dereference in xfs_ilock_attr_map_shared function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10322" }, { "category": "external", "summary": "RHBZ#1571623", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571623" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10322", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10322" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10322" } ], "release_date": "2018-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service" }, { "cve": "CVE-2018-10878", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2018-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1596802" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. 
A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10878" }, { "category": "external", "summary": "RHBZ#1596802", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596802" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10878", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10878" } ], "release_date": "2018-05-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about 
the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image" }, { "cve": "CVE-2018-10879", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1596806" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10879" }, { "category": "external", "summary": "RHBZ#1596806", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596806" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10879", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10879" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10879" } ], "release_date": "2018-06-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file" }, { "cve": "CVE-2018-10881", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2018-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1596828" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. 
A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10881" }, { "category": "external", "summary": "RHBZ#1596828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596828" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10881", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10881" } ], "release_date": "2018-06-10T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image" }, { "cve": "CVE-2018-10883", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2018-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1596846" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10883" }, { "category": "external", "summary": "RHBZ#1596846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10883", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10883" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10883" } ], "release_date": "2018-06-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function" }, { "acknowledgments": [ { "names": [ "Trend Micro Zero Day Initiative" ] } ], "cve": "CVE-2018-10902", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-06-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1590720" } ], "notes": [ { "category": "description", "text": "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() 
handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: MIDI driver race condition leads to a double-free", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw affects all current shipping releases of Red Hat Enterprise Linux. This flaw requires real or emulated midi hardware available in the system. Fixes will be delivered when available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10902" }, { "category": "external", "summary": "RHBZ#1590720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590720" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10902", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10902" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10902", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10902" } ], 
"release_date": "2018-08-21T03:28:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: MIDI driver race condition leads to a double-free" }, { "cve": "CVE-2018-10940", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2018-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1577408" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel before 4.16.6, where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use an incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10940" }, { "category": "external", "summary": "RHBZ#1577408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577408" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10940", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10940" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10940" } ], "release_date": "2018-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c" }, { "cve": "CVE-2018-13405", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2018-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1599161" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the Linux kernel that allows local users to create files with an unintended 
group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions being granted when they should not be.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-13405" }, { "category": "external", "summary": "RHBZ#1599161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599161" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-13405", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13405" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13405" } ], 
"release_date": "2018-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members" }, { "cve": "CVE-2018-18690", "cwe": { "id": "CWE-391", "name": "Unchecked Error Condition" }, "discovery_date": "2018-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1643988" } ], "notes": [ { "category": "description", "text": "In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: filesystem corruption due to an unchecked error condition during an xfs attribute change", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", 
"7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-18690" }, { "category": "external", "summary": "RHBZ#1643988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18690", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18690" } ], "release_date": "2018-03-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: filesystem corruption due to an unchecked error condition during an xfs attribute change" }, { "cve": "CVE-2018-1000026", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-02-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1541846" } ], "notes": [ { 
"category": "description", "text": "Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service (DoS) attacks via a packet with a gso_size larger than ~9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as supported configurations are not affected.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1000026" }, { "category": "external", "summary": "RHBZ#1541846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000026", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000026" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026" } ], "release_date": "2018-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-10-30T12:31:39+00:00", "details": "For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", 
"7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:3096" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", "7Server-NFV-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-NFV-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-NFV-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.src", 
"7Server-RT-7.6:kernel-rt-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-doc-0:3.10.0-957.rt56.910.el7.noarch", "7Server-RT-7.6:kernel-rt-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-devel-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-0:3.10.0-957.rt56.910.el7.x86_64", "7Server-RT-7.6:kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.rt56.910.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet" } ] }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.