ID CVE-2018-14646
Summary The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.
References
Vulnerable Configurations
  • Linux Kernel 4.14
    cpe:2.3:o:linux:linux_kernel:4.14
  • Linux Kernel 4.15 Release Candidate 1
    cpe:2.3:o:linux:linux_kernel:4.15:rc1
  • Linux Kernel 4.15 Release Candidate 2
    cpe:2.3:o:linux:linux_kernel:4.15:rc2
  • Linux Kernel 4.15 Release Candidate 3
    cpe:2.3:o:linux:linux_kernel:4.15:rc3
  • Linux Kernel 4.15 Release Candidate 4
    cpe:2.3:o:linux:linux_kernel:4.15:rc4
  • Linux Kernel 4.15 Release Candidate 5
    cpe:2.3:o:linux:linux_kernel:4.15:rc5
  • Linux Kernel 4.15 Release Candidate 6
    cpe:2.3:o:linux:linux_kernel:4.15:rc6
  • Linux Kernel 4.15 Release Candidate 7
    cpe:2.3:o:linux:linux_kernel:4.15:rc7
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
CVSS
Base: 4.9
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZA-2018-085.NASL
    description According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - The Linux kernel was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-11
    plugin id 121101
    published 2019-01-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121101
    title Virtuozzo 7 : readykernel-patch (VZA-2018-085)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3843.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Christian Brauner for reporting this issue. Bug Fix(es) : * Previously, the kernel architectures for IBM z Systems were missing support to display the status of the Spectre v2 mitigations. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2 file did not exist. With this update, the kernel now shows the status in the above mentioned file and as a result, the file now reports either 'Vulnerable' or 'Mitigation: execute trampolines' message. (BZ#1636884) * Previously, under certain conditions, the page direct reclaim code was occasionally stuck in a loop when waiting for the reclaim to finish. As a consequence, affected applications became unresponsive with no progress possible. This update fixes the bug by modifying the page direct reclaim code to bound the waiting time for the reclaim to finish. As a consequence, the affected applications no longer hang in the described scenario. (BZ# 1635132) * Previously, a packet was missing the User Datagram Protocol (UDP) payload checksum during a full checksum computation, if the hardware checksum was not applied. As a consequence, a packet with an incorrect checksum was dropped by a peer. With this update, the kernel includes the UDP payload checksum during the full checksum computation. As a result, the checksum is computed correctly and the packet can be received by the peer. (BZ#1635796) * Previously, on user setups running a mixed workload, the scheduler did not pick up tasks because the runqueues were throttled for a long time. As a consequence, the system became partially unresponsive. To fix this bug, the kernel now sets a flag in the cfs_bandwidth struct to secure better task distribution. As a result, the system no longer becomes unresponsive in the described scenario. (BZ#1640676) * Previously, clearing a CPU mask with the cgroups feature triggered the following warning : kernel: WARNING: CPU: 422 PID: 364940 at kernel/cpuset.c:955 update_cpumasks_hier+0x3af/0x410 As a consequence, the user's log file was flooded with similar warning messages as above. This update fixes the bug and the warning message no longer appears in the described scenario. (BZ#1644237) * Previously, a lot of CPU time was occasionally spent in the kernel during a teardown of a container with a lot of memory assigned. As a consequence, an increased risk of CPU soft lockups could occur due to higher latency of a CPU scheduler for other processes during the container teardown. To fix the problem, the kernel now adds a reschedule to the tight kernel loop. As a result, the CPU scheduler latency is not increased by the container teardown and there is not the increased risk of CPU soft lockups in the described scenario. (BZ#1644672) * When a user created a VLAN device, the kernel set the wanted_features set of the VLAN to the current features of the base device. As a consequence, when the base device got new features, the features were not propagated to the VLAN device. This update fixes the bug and the VLAN device receives the new features in the described scenario. Note that this only affects TCP Segmentation Offload (TSO). (BZ#1644674)
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 119758
    published 2018-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119758
    title RHEL 7 : kernel (RHSA-2018:3843)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3666.NASL
    description An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646. Bug Fix(es) : * The kernel-rt packages have been upgraded to the 3.10.0-957.1.2 source tree, which provides a number of bug fixes over the previous version. (BZ# 1632386)
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 119173
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119173
    title RHEL 7 : kernel-rt (RHSA-2018:3666)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20181127_KERNEL_ON_SL7_X.NASL
    description Security Fix(es) : - kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) - kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) Bug Fix(es) : See the descriptions in the related Knowledge Article :
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 119251
    published 2018-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119251
    title Scientific Linux Security Update : kernel on SL7.x x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-3651.NASL
    description From Red Hat Security Advisory 2018:3651 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646. Bug Fix(es) : These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714371
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 119247
    published 2018-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119247
    title Oracle Linux 7 : kernel (ELSA-2018-3651)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2019-1028.NASL
    description According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.(CVE-2018-10878) - An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. This is related to cgw_csum_xor_rel. An unprivileged user can trigger a system crash (general protection fault).(CVE-2019-3701) - A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.(CVE-2018-10881) - A flaw was found in the Linux kernel's ext4 filesystem code. A stack-out-of-bounds write in ext4_update_inline_data() is possible when mounting and writing to a crafted ext4 image. An attacker could use this to cause a system crash and a denial of service.(CVE-2018-10880) - The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c.(CVE-2013-3076) - weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.(CVE-2018-1108) - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.(CVE-2018-17972) - A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial of service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely.(CVE-2018-14633) - An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.(CVE-2018-16658) - In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.(CVE-2018-18690) - A security flaw was found in the Linux kernel in drivers/tty/n_tty.c which allows local attackers (ones who are able to access pseudo terminals) to lock them up and block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ handler.(CVE-2018-18386) - The Linux kernel was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.(CVE-2018-14646) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-15
    plugin id 122201
    published 2019-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122201
    title EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1028)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-3651.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646. Bug Fix(es) : These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714371
    last seen 2019-02-21
    modified 2018-12-14
    plugin id 119662
    published 2018-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119662
    title CentOS 7 : kernel (CESA-2018:3651)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3651.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646. Bug Fix(es) : These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714371
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 119169
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119169
    title RHEL 7 : kernel (RHSA-2018:3651)
redhat via4
advisories
  • bugzilla
    id 1630124
    title CVE-2018-14646 kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment bpftool is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651035
        • comment bpftool is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20183083036
      • AND
        • comment kernel is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651015
        • comment kernel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842006
      • AND
        • comment kernel-abi-whitelists is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651005
        • comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131645028
      • AND
        • comment kernel-bootwrapper is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651031
        • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842010
      • AND
        • comment kernel-debug is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651013
        • comment kernel-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842012
      • AND
        • comment kernel-debug-devel is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651011
        • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842014
      • AND
        • comment kernel-devel is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651021
        • comment kernel-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842016
      • AND
        • comment kernel-doc is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651007
        • comment kernel-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842024
      • AND
        • comment kernel-headers is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651019
        • comment kernel-headers is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842008
      • AND
        • comment kernel-kdump is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651023
        • comment kernel-kdump is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842018
      • AND
        • comment kernel-kdump-devel is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651017
        • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842020
      • AND
        • comment kernel-tools is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651029
        • comment kernel-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678010
      • AND
        • comment kernel-tools-libs is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651033
        • comment kernel-tools-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678012
      • AND
        • comment kernel-tools-libs-devel is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651027
        • comment kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140678020
      • AND
        • comment perf is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651025
        • comment perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100842022
      • AND
        • comment python-perf is earlier than 0:3.10.0-957.1.3.el7
          oval oval:com.redhat.rhsa:tst:20183651009
        • comment python-perf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111530020
    rhsa
    id RHSA-2018:3651
    released 2018-11-26
    severity Moderate
    title RHSA-2018:3651: kernel security, bug fix, and enhancement update (Moderate)
  • bugzilla
    id 1632386
    title kernel-rt: update to the RHEL7.6.z batch#1 source tree
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment kernel-rt is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666017
        • comment kernel-rt is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727006
      • AND
        • comment kernel-rt-debug is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666021
        • comment kernel-rt-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727014
      • AND
        • comment kernel-rt-debug-devel is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666013
        • comment kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727016
      • AND
        • comment kernel-rt-debug-kvm is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666011
        • comment kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20161051024
      • AND
        • comment kernel-rt-devel is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666015
        • comment kernel-rt-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727012
      • AND
        • comment kernel-rt-doc is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666005
        • comment kernel-rt-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727018
      • AND
        • comment kernel-rt-kvm is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666023
        • comment kernel-rt-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20161051016
      • AND
        • comment kernel-rt-trace is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666007
        • comment kernel-rt-trace is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727008
      • AND
        • comment kernel-rt-trace-devel is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666009
        • comment kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727010
      • AND
        • comment kernel-rt-trace-kvm is earlier than 0:3.10.0-957.1.3.rt56.913.el7
          oval oval:com.redhat.rhsa:tst:20183666019
        • comment kernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20161051018
    rhsa
    id RHSA-2018:3666
    released 2018-11-26
    severity Moderate
    title RHSA-2018:3666: kernel-rt security and bug fix update (Moderate)
  • rhsa
    id RHSA-2018:3843
rpms
  • bpftool-0:3.10.0-957.1.3.el7
  • kernel-0:3.10.0-957.1.3.el7
  • kernel-abi-whitelists-0:3.10.0-957.1.3.el7
  • kernel-bootwrapper-0:3.10.0-957.1.3.el7
  • kernel-debug-0:3.10.0-957.1.3.el7
  • kernel-debug-devel-0:3.10.0-957.1.3.el7
  • kernel-devel-0:3.10.0-957.1.3.el7
  • kernel-doc-0:3.10.0-957.1.3.el7
  • kernel-headers-0:3.10.0-957.1.3.el7
  • kernel-kdump-0:3.10.0-957.1.3.el7
  • kernel-kdump-devel-0:3.10.0-957.1.3.el7
  • kernel-tools-0:3.10.0-957.1.3.el7
  • kernel-tools-libs-0:3.10.0-957.1.3.el7
  • kernel-tools-libs-devel-0:3.10.0-957.1.3.el7
  • perf-0:3.10.0-957.1.3.el7
  • python-perf-0:3.10.0-957.1.3.el7
  • kernel-rt-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-debug-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-debug-devel-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-debug-kvm-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-devel-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-doc-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-kvm-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-trace-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-trace-devel-0:3.10.0-957.1.3.rt56.913.el7
  • kernel-rt-trace-kvm-0:3.10.0-957.1.3.rt56.913.el7
refmap via4
confirm
Last major update 26-11-2018 - 14:29
Published 26-11-2018 - 14:29
Last modified 19-12-2018 - 10:41
Back to Top