var-201805-0950
Vulnerability from variot
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. Some operating systems and hypervisors Intel There is a problem that does not expect a debug exception in the hardware architecture, or does not handle it properly. Inappropriate checking or handling for exceptional situations (CWE-703) - CVE-2018-8897 Intel Software Developer Manual (SDM) Vol. SDM Vol 3A section 2.3 According to the debug exception EFLAGS Register IF flag (Interrupt Enable Flag) Is not prohibited. So in certain situations, certain Intel x86-64 Ring level after using architecture-specific instructions 3 Running on OS From component , Higher ring level ( many OS In the ring level 0) Debug exceptions pointing to the data in are enabled. This allows the attacker to API May be used to access sensitive memory information or manipulate high privileged operating system functions.An authenticated attacker could obtain sensitive data in memory and manipulate higher privileged operating system functions. Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Intel Architecture (processor architecture) is a CPU specification developed by Intel Corporation for its processor. There are security vulnerabilities in the operating systems of multiple vendors. Systems from the following vendors are affected: Apple; DragonFly BSD Project; FreeBSD Project; Linux Kernel; Microsoft; Red Hat; SUSE Linux; Ubuntu; Vmware; Xen. 7.2) - noarch, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:1319-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1319 Issue date: 2018-05-08 CVE Names: CVE-2017-7645 CVE-2017-8824 CVE-2017-13166 CVE-2017-18017 CVE-2017-1000410 CVE-2018-8897 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
hw: cpu: speculative execution permission faults handling (CVE-2017-5754)
-
Kernel: error in exception handling leads to DoS (CVE-2018-8897)
-
kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)
-
kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)
-
kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166)
-
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017)
-
kernel: Stack information leak in the EFS element (CVE-2017-1000410)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies 1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element 1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling 1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
ppc64: kernel-2.6.32-696.28.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm kernel-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-headers-2.6.32-696.28.1.el6.ppc64.rpm perf-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x: kernel-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-headers-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm perf-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
ppc64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm
s390x: kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: kernel-2.6.32-696.28.1.el6.src.rpm
i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm
x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-7645 https://access.redhat.com/security/cve/CVE-2017-8824 https://access.redhat.com/security/cve/CVE-2017-13166 https://access.redhat.com/security/cve/CVE-2017-18017 https://access.redhat.com/security/cve/CVE-2017-1000410 https://access.redhat.com/security/cve/CVE-2018-8897 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3431591
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze 4IKrbiFeHd+C9bqCjUFX4pw= =3psi -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Kernel Live Patch Security Notice LSN-0038-1 May 8, 2018
linux vulnerability
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |
Summary:
On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux kernel version 4.4.0-124.148. These CVEs are both related to the way that the linux kernel handles certain interrupt and exception instructions. The issue can be triggered by an unprivileged user.
The fix for this problem requires modification of the interrupt descriptor tables (IDT), and modification of the interrupt handlers. Livepatch is unable to safely modify these areas, so upgrading to a corrected kernel and rebooting is required to fix the problem.
References: CVE-2018-1087, CVE-2018-8897
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. (BZ#1549768)
CVE-2018-10471
An error was discovered in the mitigations against Meltdown which
could result in denial of service.
CVE-2018-10472
Anthony Perard discovered that incorrect parsing of CDROM images
can result in information disclosure.
CVE-2018-10981
Jan Beulich discovered that malformed device models could result
in denial of service.
CVE-2018-10982
Roger Pau Monne discovered that incorrect handling of high precision
event timers could result in denial of service and potentially
privilege escalation.
For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8 TjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC XZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca uw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2 M/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6 E4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL m3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7 Z939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain gs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk rC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN IoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3 p+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU= =KAUD -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001
Security Update 2018-001 addresses the following:
Crash Reporter Available for: macOS High Sierra 10.13.4 Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved error handling. CVE-2018-4206: Ian Beer of Google Project Zero
Kernel Available for: macOS High Sierra 10.13.4 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. CVE-2018-8897: Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC Entry added May 8, 2018
LinkPresentation Available for: macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted text message may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897.
A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht ml/technical_notes/
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot 1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning 1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default 1422676 - [Test Only] Test Ansible playbook for registration 1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version} 1433394 - kdump could fill up /var filesystem while writing to /var/crash 1443965 - Libvirt is disabled on RHVH host 1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation 1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released 1489567 - Host Software tab does not show exact RHVH version anymore 1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2 1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest. 1503148 - [RFE] translate between basic ntp configurations and chrony configurations 1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete 1534855 - RHVH brand is missing on cockpit login screen.
Bug Fix(es):
-
The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1554253)
-
6.5) - x86_64
-
(BZ#1554256)
4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "7.1"
},
{
"model": "xen",
"scope": "eq",
"trust": 1.0,
"vendor": "xen",
"version": null
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "freebsd",
"scope": "lt",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "6.2.0"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "5.2"
},
{
"model": "enterprise virtualization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "7.3"
},
{
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "7.2"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "6.5"
},
{
"model": "freebsd",
"scope": "gte",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "7.4"
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.8"
},
{
"model": "11.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.28"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.7"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.1"
},
{
"model": "10.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.7"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.38"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-6.7"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.5"
},
{
"model": "11.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.12"
},
{
"model": "dsm",
"scope": "eq",
"trust": 0.3,
"vendor": "synology",
"version": "6.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.64"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.10"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "kernel 4.10-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.105"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.125"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.11"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.1"
},
{
"model": "11.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.3.0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "11.2-prerelease",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.78"
},
{
"model": "10.4-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.65"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.47"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.2"
},
{
"model": "virtual dsm",
"scope": "eq",
"trust": 0.3,
"vendor": "synology",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.82"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise linux extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.1"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.2"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.22"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.3.1"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.55"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.42"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13"
},
{
"model": "enterprise linux long life 5.9.server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "dsm",
"scope": "eq",
"trust": 0.3,
"vendor": "synology",
"version": "6.0"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.91"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63-2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.6"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.3.1"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "17.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.15"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.0-28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.13"
},
{
"model": "kernel 4.10-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.4"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "11.2"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "10.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux esm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.11"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.11"
},
{
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.13.4"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "10.4-release-p9",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.14"
},
{
"model": "kernel 4.12-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14"
},
{
"model": "mrg realtime for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.3"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.4"
},
{
"model": "vsphere data protection",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.9"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.68"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.23"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.7"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.74"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.14"
},
{
"model": "skynas",
"scope": "eq",
"trust": 0.3,
"vendor": "synology",
"version": "0"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.4.1"
},
{
"model": "vsphere integrated containers",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.54"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.1"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.7"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.7"
},
{
"model": "macos security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2018"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.8"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.57"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.1"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.71"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.4"
},
{
"model": "11.1-release-p10",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.1"
},
{
"model": "10.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
}
],
"sources": [
{
"db": "BID",
"id": "104071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.13.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147550"
},
{
"db": "PACKETSTORM",
"id": "147540"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147545"
},
{
"db": "PACKETSTORM",
"id": "147548"
},
{
"db": "PACKETSTORM",
"id": "147646"
},
{
"db": "PACKETSTORM",
"id": "147539"
},
{
"db": "PACKETSTORM",
"id": "147542"
}
],
"trust": 0.8
},
"cve": "CVE-2018-8897",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-138929",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-8897",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-138929",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. Some operating systems and hypervisors Intel There is a problem that does not expect a debug exception in the hardware architecture, or does not handle it properly. Inappropriate checking or handling for exceptional situations (CWE-703) - CVE-2018-8897 Intel Software Developer Manual (SDM) Vol. SDM Vol 3A section 2.3 According to the debug exception EFLAGS Register IF flag (Interrupt Enable Flag) Is not prohibited. So in certain situations, certain Intel x86-64 Ring level after using architecture-specific instructions 3 Running on OS From component , Higher ring level ( many OS In the ring level 0) Debug exceptions pointing to the data in are enabled. This allows the attacker to API May be used to access sensitive memory information or manipulate high privileged operating system functions.An authenticated attacker could obtain sensitive data in memory and manipulate higher privileged operating system functions. Microsoft Windows is prone to a local privilege-escalation vulnerability. \nAn attacker can exploit this issue to execute arbitrary code with elevated privileges. Intel Architecture (processor architecture) is a CPU specification developed by Intel Corporation for its processor. There are security vulnerabilities in the operating systems of multiple vendors. Systems from the following vendors are affected: Apple; DragonFly BSD Project; FreeBSD Project; Linux Kernel; Microsoft; Red Hat; SUSE Linux; Ubuntu; Vmware; Xen. 7.2) - noarch, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:1319-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:1319\nIssue date: 2018-05-08\nCVE Names: CVE-2017-7645 CVE-2017-8824 CVE-2017-13166 \n CVE-2017-18017 CVE-2017-1000410 CVE-2018-8897 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* hw: cpu: speculative execution permission faults handling (CVE-2017-5754)\n\n* Kernel: error in exception handling leads to DoS (CVE-2018-8897)\n\n* kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)\n\n* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)\n\n* kernel: v4l2: disabled memory access protection mechanism allowing\nprivilege escalation (CVE-2017-13166)\n\n* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in\nnet/netfilter/xt_TCPMSS.c (CVE-2017-18017)\n\n* kernel: Stack information leak in the EFS element (CVE-2017-1000410)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for\nreporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and\nArmis Labs for reporting CVE-2017-1000410. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of these bug fixes in this advisory. See the bug\nfix descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3431591\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies\n1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element\n1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c\n1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation\n1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-devel-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-headers-2.6.32-696.28.1.el6.ppc64.rpm\nperf-2.6.32-696.28.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm\nkernel-devel-2.6.32-696.28.1.el6.s390x.rpm\nkernel-headers-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm\nperf-2.6.32-696.28.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-2.6.32-696.28.1.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-2.6.32-696.28.1.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nkernel-2.6.32-696.28.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-headers-2.6.32-696.28.1.el6.i686.rpm\nperf-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm\nkernel-doc-2.6.32-696.28.1.el6.noarch.rpm\nkernel-firmware-2.6.32-696.28.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-devel-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-headers-2.6.32-696.28.1.el6.x86_64.rpm\nperf-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\npython-perf-2.6.32-696.28.1.el6.i686.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-2.6.32-696.28.1.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-7645\nhttps://access.redhat.com/security/cve/CVE-2017-8824\nhttps://access.redhat.com/security/cve/CVE-2017-13166\nhttps://access.redhat.com/security/cve/CVE-2017-18017\nhttps://access.redhat.com/security/cve/CVE-2017-1000410\nhttps://access.redhat.com/security/cve/CVE-2018-8897\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/3431591\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze\n4IKrbiFeHd+C9bqCjUFX4pw=\n=3psi\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nKernel Live Patch Security Notice LSN-0038-1\nMay 8, 2018\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu:\n\n| Series | Base kernel | Arch | flavors |\n|------------------+--------------+----------+------------------|\n| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |\n| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |\n\nSummary:\n\nOn May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux\nkernel version 4.4.0-124.148. These CVEs are both related to the way that\nthe linux kernel handles certain interrupt and exception instructions. The issue\ncan be triggered by an unprivileged user. \n\nThe fix for this problem requires modification of the interrupt descriptor\ntables (IDT), and modification of the interrupt handlers. Livepatch is \nunable to safely modify these areas, so upgrading to a corrected kernel\nand rebooting is required to fix the problem. \n\nReferences:\nCVE-2018-1087, CVE-2018-8897\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n(BZ#1549768)\n\n4. \n\nCVE-2018-10471\n\n An error was discovered in the mitigations against Meltdown which\n could result in denial of service. \n\nCVE-2018-10472\n\n Anthony Perard discovered that incorrect parsing of CDROM images\n can result in information disclosure. \n\nCVE-2018-10981\n\n Jan Beulich discovered that malformed device models could result\n in denial of service. \n\nCVE-2018-10982\n\n Roger Pau Monne discovered that incorrect handling of high precision\n event timers could result in denial of service and potentially\n privilege escalation. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6. \n\nWe recommend that you upgrade your xen packages. \n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8\nTjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC\nXZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca\nuw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2\nM/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6\nE4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL\nm3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7\nZ939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain\ngs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk\nrC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN\nIoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3\np+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU=\n=KAUD\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-05-08-1 Additional information for\nAPPLE-SA-2018-04-24-2 Security Update 2018-001\n\nSecurity Update 2018-001 addresses the following:\n\nCrash Reporter\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to gain elevated privileges\nDescription: A memory corruption issue was addressed with improved\nerror handling. \nCVE-2018-4206: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: macOS High Sierra 10.13.4\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: In some circumstances, some operating systems may not\nexpect or properly handle an Intel architecture debug exception\nafter certain instructions. The issue appears to be from an\nundocumented side effect of the instructions. \nCVE-2018-8897: Andy Lutomirski, Nick Peterson\n(linkedin.com/in/everdox) of Everdox Tech LLC\nEntry added May 8, 2018\n\nLinkPresentation\nAvailable for: macOS High Sierra 10.13.4\nImpact: Processing a maliciously crafted text message may lead to UI\nspoofing\nDescription: A spoofing issue existed in the handling of URLs. This\nissue was addressed with improved input validation. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. \n\nIncludes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111,\nkernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. \n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht\nml/technical_notes/\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1357247 - rhvh 4: reboot after install shows \"4m[terminated]\" and takes long to reboot\n1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning\n1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default\n1422676 - [Test Only] Test Ansible playbook for registration\n1429485 - [RFE] Imgbased layers should be named with \u0027%{name}-%{version}-%{release}\u0027 instead of %{name}-%{version}\n1433394 - kdump could fill up /var filesystem while writing to /var/crash\n1443965 - Libvirt is disabled on RHVH host\n1454536 - HostedEngine setup fails if RHV-H timezone \u003c UTC set during installation\n1474268 - RHVH host displays \"upgrade available\" information on the engine after registering until an update is released\n1489567 - Host Software tab does not show exact RHVH version anymore\n1501161 - The version displays as \"4.1\" for subscribed product with RHVH 4.2\n1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest. \n1503148 - [RFE] translate between basic ntp configurations and chrony configurations\n1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete\n1534855 - RHVH brand is missing on cockpit login screen. \n\nBug Fix(es):\n\n* The kernel build requirements have been updated to the GNU Compiler\nCollection (GCC) compiler version that has the support for Retpolines. The\nRetpolines mechanism is a software construct that leverages specific\nknowledge of the underlying hardware to mitigate the branch target\ninjection, also known as Spectre variant 2 vulnerability described in\nCVE-2017-5715. (BZ#1554253)\n\n4. 6.5) - x86_64\n\n3. (BZ#1554256)\n\n4",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8897"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"db": "BID",
"id": "104071"
},
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "PACKETSTORM",
"id": "147550"
},
{
"db": "PACKETSTORM",
"id": "147540"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147552"
},
{
"db": "PACKETSTORM",
"id": "147545"
},
{
"db": "PACKETSTORM",
"id": "147548"
},
{
"db": "PACKETSTORM",
"id": "147651"
},
{
"db": "PACKETSTORM",
"id": "147533"
},
{
"db": "PACKETSTORM",
"id": "147646"
},
{
"db": "PACKETSTORM",
"id": "147539"
},
{
"db": "PACKETSTORM",
"id": "147542"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-138929",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8897",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#631579",
"trust": 2.2
},
{
"db": "BID",
"id": "104071",
"trust": 1.4
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2018/05/08/4",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2018/05/08/1",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040849",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040882",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040744",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040866",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1040861",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "44697",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "45024",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98401336",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "147542",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147550",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147539",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147548",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147536",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-138929",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147552",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147651",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147646",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "BID",
"id": "104071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"db": "PACKETSTORM",
"id": "147550"
},
{
"db": "PACKETSTORM",
"id": "147540"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147552"
},
{
"db": "PACKETSTORM",
"id": "147545"
},
{
"db": "PACKETSTORM",
"id": "147548"
},
{
"db": "PACKETSTORM",
"id": "147651"
},
{
"db": "PACKETSTORM",
"id": "147533"
},
{
"db": "PACKETSTORM",
"id": "147646"
},
{
"db": "PACKETSTORM",
"id": "147539"
},
{
"db": "PACKETSTORM",
"id": "147542"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"id": "VAR-201805-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:34:13.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Intel 64 and IA-32 Architectures Software Developer Manuals",
"trust": 0.8,
"url": "https://software.intel.com/en-us/articles/intel-sdm"
},
{
"title": "NV18-013",
"trust": 0.8,
"url": "https://jpn.nec.com/security-info/secinfo/nv18-013.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"trust": 1.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8897"
},
{
"trust": 1.4,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8897"
},
{
"trust": 1.4,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"trust": 1.4,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-18:06.debugreg.asc"
},
{
"trust": 1.4,
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"trust": 1.4,
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1319"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1346"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1347"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1350"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1352"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1353"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1355"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1524"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/104071"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx234679"
},
{
"trust": 1.1,
"url": "https://www.synology.com/support/security/synology_sa_18_21"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"trust": 1.1,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"trust": 1.1,
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"trust": 1.1,
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"trust": 1.1,
"url": "https://github.com/can1357/cve-2018-8897/"
},
{
"trust": 1.1,
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"trust": 1.1,
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht208742"
},
{
"trust": 1.1,
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"trust": 1.1,
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1318"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1345"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1348"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1349"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1351"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1354"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040744"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040849"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040861"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040866"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1040882"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2018-8897"
},
{
"trust": 1.0,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8897"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98401336/index.html"
},
{
"trust": 0.8,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/vulnerabilities/pop_ss"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1087"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208742"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/may/msg00001.html"
},
{
"trust": 0.3,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_21"
},
{
"trust": 0.3,
"url": "https://kb.vmware.com/s/article/54988"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-1087"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000199"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1000199"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026amp;revision=333368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-8824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3431591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18017"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-13166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-1000410"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000410"
},
{
"trust": 0.1,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/pop_ss"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-16939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10471"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/xen"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10472"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10982"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4206"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4187"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1111"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1088"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1111"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-5754"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "BID",
"id": "104071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"db": "PACKETSTORM",
"id": "147550"
},
{
"db": "PACKETSTORM",
"id": "147540"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147552"
},
{
"db": "PACKETSTORM",
"id": "147545"
},
{
"db": "PACKETSTORM",
"id": "147548"
},
{
"db": "PACKETSTORM",
"id": "147651"
},
{
"db": "PACKETSTORM",
"id": "147533"
},
{
"db": "PACKETSTORM",
"id": "147646"
},
{
"db": "PACKETSTORM",
"id": "147539"
},
{
"db": "PACKETSTORM",
"id": "147542"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-138929"
},
{
"db": "BID",
"id": "104071"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"db": "PACKETSTORM",
"id": "147550"
},
{
"db": "PACKETSTORM",
"id": "147540"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147552"
},
{
"db": "PACKETSTORM",
"id": "147545"
},
{
"db": "PACKETSTORM",
"id": "147548"
},
{
"db": "PACKETSTORM",
"id": "147651"
},
{
"db": "PACKETSTORM",
"id": "147533"
},
{
"db": "PACKETSTORM",
"id": "147646"
},
{
"db": "PACKETSTORM",
"id": "147539"
},
{
"db": "PACKETSTORM",
"id": "147542"
},
{
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-138929"
},
{
"date": "2018-05-08T00:00:00",
"db": "BID",
"id": "104071"
},
{
"date": "2018-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"date": "2018-05-08T23:57:37",
"db": "PACKETSTORM",
"id": "147550"
},
{
"date": "2018-05-08T23:52:29",
"db": "PACKETSTORM",
"id": "147540"
},
{
"date": "2018-05-08T20:33:37",
"db": "PACKETSTORM",
"id": "147535"
},
{
"date": "2018-05-09T17:44:38",
"db": "PACKETSTORM",
"id": "147552"
},
{
"date": "2018-05-08T23:55:04",
"db": "PACKETSTORM",
"id": "147545"
},
{
"date": "2018-05-08T23:56:36",
"db": "PACKETSTORM",
"id": "147548"
},
{
"date": "2018-05-16T07:54:27",
"db": "PACKETSTORM",
"id": "147651"
},
{
"date": "2018-05-08T20:32:15",
"db": "PACKETSTORM",
"id": "147533"
},
{
"date": "2018-05-15T22:06:13",
"db": "PACKETSTORM",
"id": "147646"
},
{
"date": "2018-05-08T23:52:05",
"db": "PACKETSTORM",
"id": "147539"
},
{
"date": "2018-05-08T23:54:00",
"db": "PACKETSTORM",
"id": "147542"
},
{
"date": "2018-05-08T18:29:00.547000",
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-138929"
},
{
"date": "2018-05-17T06:00:00",
"db": "BID",
"id": "104071"
},
{
"date": "2018-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003031"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-8897"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "104071"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Issue with not properly handling hardware architecture debug exceptions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003031"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "104071"
}
],
"trust": 0.3
}
}