CVE-2018-8897 - A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Develop

CVE-2018-8897

Summary

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.

References

Vulnerable Configurations

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*
cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.7:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.11.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.3:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*
cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*
cpe:2.3:o:freebsd:freebsd:11.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p10:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p11:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p11:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p12:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p12:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p13:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p13:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p15:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p15:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p16:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p16:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p9:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:p9:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-362

CAPEC

Leveraging Race Conditions
The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

bugzilla

id	1568477
title	CVE-2018-1000199 kernel: ptrace() incorrect error handling leads to corruption and DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

comment kernel earlier than 0:3.10.0-862.2.3.el7 is currently running
oval oval:com.redhat.rhsa:tst:20181318031
comment kernel earlier than 0:3.10.0-862.2.3.el7 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20181318032

AND
comment kernel is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318001
comment kernel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842002

AND

comment kernel-abi-whitelists is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318003
comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131645004

AND

comment kernel-bootwrapper is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318005
comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842004

AND

comment kernel-debug is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318007
comment kernel-debug is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842006

AND

comment kernel-debug-devel is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318009
comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842008

AND

comment kernel-devel is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318011
comment kernel-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842010

AND
comment kernel-doc is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318013
comment kernel-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842012

AND

comment kernel-headers is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318015
comment kernel-headers is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842016

AND

comment kernel-kdump is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318017
comment kernel-kdump is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842018

AND

comment kernel-kdump-devel is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318019
comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842020

AND

comment kernel-tools is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318021
comment kernel-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678022

AND

comment kernel-tools-libs is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318023
comment kernel-tools-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678024

AND

comment kernel-tools-libs-devel is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318025
comment kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20140678026

AND
comment perf is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318027
comment perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842022

AND

comment python-perf is earlier than 0:3.10.0-862.2.3.el7
oval oval:com.redhat.rhsa:tst:20181318029
comment python-perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111530024

rhsa

id	RHSA-2018:1318
released	2018-05-08
severity	Important
title	RHSA-2018:1318: kernel security, bug fix, and enhancement update (Important)

bugzilla

id	1567074
title	CVE-2018-8897 Kernel: error in exception handling leads to DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

comment kernel earlier than 0:2.6.32-696.28.1.el6 is currently running
oval oval:com.redhat.rhsa:tst:20181319027
comment kernel earlier than 0:2.6.32-696.28.1.el6 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20181319028

AND
comment kernel is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319001
comment kernel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842002

AND

comment kernel-abi-whitelists is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319003
comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20131645004

AND

comment kernel-bootwrapper is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319005
comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842004

AND

comment kernel-debug is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319007
comment kernel-debug is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842006

AND

comment kernel-debug-devel is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319009
comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842008

AND

comment kernel-devel is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319011
comment kernel-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842010

AND

comment kernel-doc is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319013
comment kernel-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842012

AND

comment kernel-firmware is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319015
comment kernel-firmware is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842014

AND

comment kernel-headers is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319017
comment kernel-headers is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842016

AND

comment kernel-kdump is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319019
comment kernel-kdump is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842018

AND

comment kernel-kdump-devel is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319021
comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842020

AND
comment perf is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319023
comment perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20100842022

AND

comment python-perf is earlier than 0:2.6.32-696.28.1.el6
oval oval:com.redhat.rhsa:tst:20181319025
comment python-perf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20111530024

rhsa

id	RHSA-2018:1319
released	2018-05-08
severity	Important
title	RHSA-2018:1319: kernel security and bug fix update (Important)

bugzilla

id	1567074
title	CVE-2018-8897 Kernel: error in exception handling leads to DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

comment kernel earlier than 0:2.6.18-431.el5 is currently running
oval oval:com.redhat.rhsa:tst:20181353025
comment kernel earlier than 0:2.6.18-431.el5 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20181353026

AND
comment kernel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353001
comment kernel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314002
AND
comment kernel-PAE is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353003
comment kernel-PAE is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314004

AND

comment kernel-PAE-devel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353005
comment kernel-PAE-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314006

AND
comment kernel-debug is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353007
comment kernel-debug is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314008

AND

comment kernel-debug-devel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353009
comment kernel-debug-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314010

AND
comment kernel-devel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353011
comment kernel-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314012
AND
comment kernel-doc is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353013
comment kernel-doc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314014

AND

comment kernel-headers is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353015
comment kernel-headers is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314016

AND
comment kernel-kdump is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353017
comment kernel-kdump is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314018

AND

comment kernel-kdump-devel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353019
comment kernel-kdump-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314020

AND
comment kernel-xen is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353021
comment kernel-xen is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314022

AND

comment kernel-xen-devel is earlier than 0:2.6.18-431.el5
oval oval:com.redhat.rhsa:tst:20181353023
comment kernel-xen-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20080314024

rhsa

id	RHSA-2018:1353
released	2018-05-08
severity	Moderate
title	RHSA-2018:1353: kernel security update (Moderate)

bugzilla

id	1568477
title	CVE-2018-1000199 kernel: ptrace() incorrect error handling leads to corruption and DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

comment kernel-rt earlier than 0:3.10.0-862.2.3.rt56.806.el7 is currently running
oval oval:com.redhat.rhsa:tst:20181318031
comment kernel-rt earlier than 0:3.10.0-862.2.3.rt56.806.el7 is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20181355022

AND

comment kernel-rt is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355001
comment kernel-rt is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727002

AND

comment kernel-rt-debug is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355003
comment kernel-rt-debug is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727004

AND

comment kernel-rt-debug-devel is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355005
comment kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727006

AND

comment kernel-rt-debug-kvm is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355007
comment kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20160212008

AND

comment kernel-rt-devel is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355009
comment kernel-rt-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727008

AND

comment kernel-rt-doc is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355011
comment kernel-rt-doc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727010

AND

comment kernel-rt-kvm is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355013
comment kernel-rt-kvm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20160212014

AND

comment kernel-rt-trace is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355015
comment kernel-rt-trace is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727012

AND

comment kernel-rt-trace-devel is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355017
comment kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20150727014

AND

comment kernel-rt-trace-kvm is earlier than 0:3.10.0-862.2.3.rt56.806.el7
oval oval:com.redhat.rhsa:tst:20181355019
comment kernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20160212020

rhsa

id	RHSA-2018:1355
released	2018-05-08
severity	Important
title	RHSA-2018:1355: kernel-rt security and bug fix update (Important)

rhsa
id RHSA-2018:1345
rhsa
id RHSA-2018:1346
rhsa
id RHSA-2018:1347
rhsa
id RHSA-2018:1348
rhsa
id RHSA-2018:1349
rhsa
id RHSA-2018:1350
rhsa
id RHSA-2018:1351
rhsa
id RHSA-2018:1352
rhsa
id RHSA-2018:1354
rhsa
id RHSA-2018:1524

rpms

kernel-0:3.10.0-862.2.3.el7
kernel-abi-whitelists-0:3.10.0-862.2.3.el7
kernel-bootwrapper-0:3.10.0-862.2.3.el7
kernel-debug-0:3.10.0-862.2.3.el7
kernel-debug-debuginfo-0:3.10.0-862.2.3.el7
kernel-debug-devel-0:3.10.0-862.2.3.el7
kernel-debuginfo-0:3.10.0-862.2.3.el7
kernel-debuginfo-common-ppc64-0:3.10.0-862.2.3.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-862.2.3.el7
kernel-debuginfo-common-s390x-0:3.10.0-862.2.3.el7
kernel-debuginfo-common-x86_64-0:3.10.0-862.2.3.el7
kernel-devel-0:3.10.0-862.2.3.el7
kernel-doc-0:3.10.0-862.2.3.el7
kernel-headers-0:3.10.0-862.2.3.el7
kernel-kdump-0:3.10.0-862.2.3.el7
kernel-kdump-debuginfo-0:3.10.0-862.2.3.el7
kernel-kdump-devel-0:3.10.0-862.2.3.el7
kernel-tools-0:3.10.0-862.2.3.el7
kernel-tools-debuginfo-0:3.10.0-862.2.3.el7
kernel-tools-libs-0:3.10.0-862.2.3.el7
kernel-tools-libs-devel-0:3.10.0-862.2.3.el7
perf-0:3.10.0-862.2.3.el7
perf-debuginfo-0:3.10.0-862.2.3.el7
python-perf-0:3.10.0-862.2.3.el7
python-perf-debuginfo-0:3.10.0-862.2.3.el7
kernel-0:2.6.32-696.28.1.el6
kernel-abi-whitelists-0:2.6.32-696.28.1.el6
kernel-bootwrapper-0:2.6.32-696.28.1.el6
kernel-debug-0:2.6.32-696.28.1.el6
kernel-debug-debuginfo-0:2.6.32-696.28.1.el6
kernel-debug-devel-0:2.6.32-696.28.1.el6
kernel-debuginfo-0:2.6.32-696.28.1.el6
kernel-debuginfo-common-i686-0:2.6.32-696.28.1.el6
kernel-debuginfo-common-ppc64-0:2.6.32-696.28.1.el6
kernel-debuginfo-common-s390x-0:2.6.32-696.28.1.el6
kernel-debuginfo-common-x86_64-0:2.6.32-696.28.1.el6
kernel-devel-0:2.6.32-696.28.1.el6
kernel-doc-0:2.6.32-696.28.1.el6
kernel-firmware-0:2.6.32-696.28.1.el6
kernel-headers-0:2.6.32-696.28.1.el6
kernel-kdump-0:2.6.32-696.28.1.el6
kernel-kdump-debuginfo-0:2.6.32-696.28.1.el6
kernel-kdump-devel-0:2.6.32-696.28.1.el6
perf-0:2.6.32-696.28.1.el6
perf-debuginfo-0:2.6.32-696.28.1.el6
python-perf-0:2.6.32-696.28.1.el6
python-perf-debuginfo-0:2.6.32-696.28.1.el6
kernel-0:3.10.0-693.25.4.el7
kernel-abi-whitelists-0:3.10.0-693.25.4.el7
kernel-bootwrapper-0:3.10.0-693.25.4.el7
kernel-debug-0:3.10.0-693.25.4.el7
kernel-debug-debuginfo-0:3.10.0-693.25.4.el7
kernel-debug-devel-0:3.10.0-693.25.4.el7
kernel-debuginfo-0:3.10.0-693.25.4.el7
kernel-debuginfo-common-ppc64-0:3.10.0-693.25.4.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-693.25.4.el7
kernel-debuginfo-common-s390x-0:3.10.0-693.25.4.el7
kernel-debuginfo-common-x86_64-0:3.10.0-693.25.4.el7
kernel-devel-0:3.10.0-693.25.4.el7
kernel-doc-0:3.10.0-693.25.4.el7
kernel-headers-0:3.10.0-693.25.4.el7
kernel-kdump-0:3.10.0-693.25.4.el7
kernel-kdump-debuginfo-0:3.10.0-693.25.4.el7
kernel-kdump-devel-0:3.10.0-693.25.4.el7
kernel-tools-0:3.10.0-693.25.4.el7
kernel-tools-debuginfo-0:3.10.0-693.25.4.el7
kernel-tools-libs-0:3.10.0-693.25.4.el7
kernel-tools-libs-devel-0:3.10.0-693.25.4.el7
perf-0:3.10.0-693.25.4.el7
perf-debuginfo-0:3.10.0-693.25.4.el7
python-perf-0:3.10.0-693.25.4.el7
python-perf-debuginfo-0:3.10.0-693.25.4.el7
kernel-0:2.6.32-573.55.2.el6
kernel-abi-whitelists-0:2.6.32-573.55.2.el6
kernel-bootwrapper-0:2.6.32-573.55.2.el6
kernel-debug-0:2.6.32-573.55.2.el6
kernel-debug-debuginfo-0:2.6.32-573.55.2.el6
kernel-debug-devel-0:2.6.32-573.55.2.el6
kernel-debuginfo-0:2.6.32-573.55.2.el6
kernel-debuginfo-common-i686-0:2.6.32-573.55.2.el6
kernel-debuginfo-common-ppc64-0:2.6.32-573.55.2.el6
kernel-debuginfo-common-s390x-0:2.6.32-573.55.2.el6
kernel-debuginfo-common-x86_64-0:2.6.32-573.55.2.el6
kernel-devel-0:2.6.32-573.55.2.el6
kernel-doc-0:2.6.32-573.55.2.el6
kernel-firmware-0:2.6.32-573.55.2.el6
kernel-headers-0:2.6.32-573.55.2.el6
kernel-kdump-0:2.6.32-573.55.2.el6
kernel-kdump-debuginfo-0:2.6.32-573.55.2.el6
kernel-kdump-devel-0:2.6.32-573.55.2.el6
perf-0:2.6.32-573.55.2.el6
perf-debuginfo-0:2.6.32-573.55.2.el6
python-perf-0:2.6.32-573.55.2.el6
python-perf-debuginfo-0:2.6.32-573.55.2.el6
kernel-0:3.10.0-327.66.3.el7
kernel-abi-whitelists-0:3.10.0-327.66.3.el7
kernel-bootwrapper-0:3.10.0-327.66.3.el7
kernel-debug-0:3.10.0-327.66.3.el7
kernel-debug-debuginfo-0:3.10.0-327.66.3.el7
kernel-debug-devel-0:3.10.0-327.66.3.el7
kernel-debuginfo-0:3.10.0-327.66.3.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-327.66.3.el7
kernel-debuginfo-common-x86_64-0:3.10.0-327.66.3.el7
kernel-devel-0:3.10.0-327.66.3.el7
kernel-doc-0:3.10.0-327.66.3.el7
kernel-headers-0:3.10.0-327.66.3.el7
kernel-tools-0:3.10.0-327.66.3.el7
kernel-tools-debuginfo-0:3.10.0-327.66.3.el7
kernel-tools-libs-0:3.10.0-327.66.3.el7
kernel-tools-libs-devel-0:3.10.0-327.66.3.el7
perf-0:3.10.0-327.66.3.el7
perf-debuginfo-0:3.10.0-327.66.3.el7
python-perf-0:3.10.0-327.66.3.el7
python-perf-debuginfo-0:3.10.0-327.66.3.el7
kernel-0:3.10.0-514.48.3.el7
kernel-abi-whitelists-0:3.10.0-514.48.3.el7
kernel-bootwrapper-0:3.10.0-514.48.3.el7
kernel-debug-0:3.10.0-514.48.3.el7
kernel-debug-debuginfo-0:3.10.0-514.48.3.el7
kernel-debug-devel-0:3.10.0-514.48.3.el7
kernel-debuginfo-0:3.10.0-514.48.3.el7
kernel-debuginfo-common-ppc64-0:3.10.0-514.48.3.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-514.48.3.el7
kernel-debuginfo-common-s390x-0:3.10.0-514.48.3.el7
kernel-debuginfo-common-x86_64-0:3.10.0-514.48.3.el7
kernel-devel-0:3.10.0-514.48.3.el7
kernel-doc-0:3.10.0-514.48.3.el7
kernel-headers-0:3.10.0-514.48.3.el7
kernel-kdump-0:3.10.0-514.48.3.el7
kernel-kdump-debuginfo-0:3.10.0-514.48.3.el7
kernel-kdump-devel-0:3.10.0-514.48.3.el7
kernel-tools-0:3.10.0-514.48.3.el7
kernel-tools-debuginfo-0:3.10.0-514.48.3.el7
kernel-tools-libs-0:3.10.0-514.48.3.el7
kernel-tools-libs-devel-0:3.10.0-514.48.3.el7
perf-0:3.10.0-514.48.3.el7
perf-debuginfo-0:3.10.0-514.48.3.el7
python-perf-0:3.10.0-514.48.3.el7
python-perf-debuginfo-0:3.10.0-514.48.3.el7
kernel-0:2.6.32-358.88.2.el6
kernel-debug-0:2.6.32-358.88.2.el6
kernel-debug-debuginfo-0:2.6.32-358.88.2.el6
kernel-debug-devel-0:2.6.32-358.88.2.el6
kernel-debuginfo-0:2.6.32-358.88.2.el6
kernel-debuginfo-common-x86_64-0:2.6.32-358.88.2.el6
kernel-devel-0:2.6.32-358.88.2.el6
kernel-doc-0:2.6.32-358.88.2.el6
kernel-firmware-0:2.6.32-358.88.2.el6
kernel-headers-0:2.6.32-358.88.2.el6
perf-0:2.6.32-358.88.2.el6
perf-debuginfo-0:2.6.32-358.88.2.el6
python-perf-0:2.6.32-358.88.2.el6
python-perf-debuginfo-0:2.6.32-358.88.2.el6
kernel-0:2.6.32-431.89.2.el6
kernel-abi-whitelists-0:2.6.32-431.89.2.el6
kernel-debug-0:2.6.32-431.89.2.el6
kernel-debug-debuginfo-0:2.6.32-431.89.2.el6
kernel-debug-devel-0:2.6.32-431.89.2.el6
kernel-debuginfo-0:2.6.32-431.89.2.el6
kernel-debuginfo-common-x86_64-0:2.6.32-431.89.2.el6
kernel-devel-0:2.6.32-431.89.2.el6
kernel-doc-0:2.6.32-431.89.2.el6
kernel-firmware-0:2.6.32-431.89.2.el6
kernel-headers-0:2.6.32-431.89.2.el6
perf-0:2.6.32-431.89.2.el6
perf-debuginfo-0:2.6.32-431.89.2.el6
python-perf-0:2.6.32-431.89.2.el6
python-perf-debuginfo-0:2.6.32-431.89.2.el6
kernel-0:2.6.32-504.68.2.el6
kernel-abi-whitelists-0:2.6.32-504.68.2.el6
kernel-debug-0:2.6.32-504.68.2.el6
kernel-debug-debuginfo-0:2.6.32-504.68.2.el6
kernel-debug-devel-0:2.6.32-504.68.2.el6
kernel-debuginfo-0:2.6.32-504.68.2.el6
kernel-debuginfo-common-x86_64-0:2.6.32-504.68.2.el6
kernel-devel-0:2.6.32-504.68.2.el6
kernel-doc-0:2.6.32-504.68.2.el6
kernel-firmware-0:2.6.32-504.68.2.el6
kernel-headers-0:2.6.32-504.68.2.el6
perf-0:2.6.32-504.68.2.el6
perf-debuginfo-0:2.6.32-504.68.2.el6
python-perf-0:2.6.32-504.68.2.el6
python-perf-debuginfo-0:2.6.32-504.68.2.el6
kernel-0:2.6.18-348.39.2.el5
kernel-PAE-0:2.6.18-348.39.2.el5
kernel-PAE-debuginfo-0:2.6.18-348.39.2.el5
kernel-PAE-devel-0:2.6.18-348.39.2.el5
kernel-debug-0:2.6.18-348.39.2.el5
kernel-debug-debuginfo-0:2.6.18-348.39.2.el5
kernel-debug-devel-0:2.6.18-348.39.2.el5
kernel-debuginfo-0:2.6.18-348.39.2.el5
kernel-debuginfo-common-0:2.6.18-348.39.2.el5
kernel-devel-0:2.6.18-348.39.2.el5
kernel-doc-0:2.6.18-348.39.2.el5
kernel-headers-0:2.6.18-348.39.2.el5
kernel-xen-0:2.6.18-348.39.2.el5
kernel-xen-debuginfo-0:2.6.18-348.39.2.el5
kernel-xen-devel-0:2.6.18-348.39.2.el5
kernel-0:2.6.18-431.el5
kernel-PAE-0:2.6.18-431.el5
kernel-PAE-debuginfo-0:2.6.18-431.el5
kernel-PAE-devel-0:2.6.18-431.el5
kernel-debug-0:2.6.18-431.el5
kernel-debug-debuginfo-0:2.6.18-431.el5
kernel-debug-devel-0:2.6.18-431.el5
kernel-debuginfo-0:2.6.18-431.el5
kernel-debuginfo-common-0:2.6.18-431.el5
kernel-devel-0:2.6.18-431.el5
kernel-doc-0:2.6.18-431.el5
kernel-headers-0:2.6.18-431.el5
kernel-kdump-0:2.6.18-431.el5
kernel-kdump-debuginfo-0:2.6.18-431.el5
kernel-kdump-devel-0:2.6.18-431.el5
kernel-xen-0:2.6.18-431.el5
kernel-xen-debuginfo-0:2.6.18-431.el5
kernel-xen-devel-0:2.6.18-431.el5
kernel-rt-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-debug-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-debug-debuginfo-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-debug-devel-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-debuginfo-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-devel-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-doc-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-firmware-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-trace-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-trace-debuginfo-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-trace-devel-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-vanilla-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-vanilla-debuginfo-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-vanilla-devel-1:3.10.0-693.25.4.rt56.613.el6rt
kernel-rt-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debug-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debug-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debug-devel-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debug-kvm-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-devel-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-doc-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-kvm-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-kvm-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-trace-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-trace-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-trace-devel-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-trace-kvm-0:3.10.0-862.2.3.rt56.806.el7
kernel-rt-trace-kvm-debuginfo-0:3.10.0-862.2.3.rt56.806.el7
imgbased-0:1.0.16-0.1.el7ev
ovirt-node-ng-nodectl-0:4.2.0-0.20170814.0.el7
python-imgbased-0:1.0.16-0.1.el7ev
redhat-release-virtualization-host-0:4.2-3.0.el7
redhat-virtualization-host-image-update-0:4.2-20180508.0.el7_5
redhat-virtualization-host-image-update-placeholder-0:4.2-3.0.el7
redhat-virtualization-host-image-update-0:3.6-20180521.0.el7_3
rhev-hypervisor7-0:7.3-20180521.1.el6ev
rhev-hypervisor7-0:7.3-20180521.1.el7ev

refmap via4

bid	104071
cert-vn	VU#631579
confirm	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897 https://security.netapp.com/advisory/ntap-20180927-0002/ https://support.citrix.com/article/CTX234679 https://www.synology.com/support/security/Synology_SA_18_21
debian	DSA-4196 DSA-4201
exploit-db	44697 45024
misc	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9 http://openwall.com/lists/oss-security/2018/05/08/1 http://openwall.com/lists/oss-security/2018/05/08/4 https://bugzilla.redhat.com/show_bug.cgi?id=1567074 https://github.com/can1357/CVE-2018-8897/ https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9 https://patchwork.kernel.org/patch/10386677/ https://support.apple.com/HT208742 https://svnweb.freebsd.org/base?view=revision&revision=333368 https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html https://xenbits.xen.org/xsa/advisory-260.html
mlist	[debian-lts-announce] 20180525 [SECURITY] [DLA 1383-1] xen security update [debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update [debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update
sectrack	1040744 1040849 1040861 1040866 1040882
ubuntu	USN-3641-1 USN-3641-2

Last major update

03-10-2019 - 00:03

Published

08-05-2018 - 18:29

Last modified

03-10-2019 - 00:03