- CVEs with nessus.description==

  An update for kernel is now available for Red Hat Enterprise Linux 6.

  Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  The kernel packages contain the Linux kernel, the core of any Linux operating system.

  Security Fix(es) :

  * Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace code is needed for this. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. (CVE-2017-7541, Moderate)

  Bug Fix(es) :

  * Previously, removal of a rport during ISCSI target scanning could cause a kernel panic. This was happening because addition of STARGET_REMOVE to the rport state introduced a race condition to the SCSI code. This update adds the STARGET_CREATED_REMOVE state as a possible state of the rport and appropriate handling of that state, thus fixing the bug. As a result, the kernel panic no longer occurs under the described circumstances. (BZ# 1472127)

  * Previously, GFS2 contained multiple bugs where the wrong inode was assigned to GFS2 cluster-wide locks (glocks), or the assigned inode was cleared incorrectly. Consequently, kernel panic could occur when using GFS2. With this update, GFS2 has been fixed, and the kernel no longer panics due to those bugs. (BZ#1479397)

  * Previously, VMs with memory larger than 64GB running on Hyper-V with Windows Server hosts reported potential memory size of 4TB and more, but could not use more than 64GB. This was happening because the Memory Type Range Register (MTRR) for memory above 64GB was omitted. With this update, the /proc/mtrr file has been fixed to show correct base/size if they are more than 44 bit wide. As a result, the whole size of memory is now available as expected under the described circumstances. (BZ#1482855)

Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |