- Home
- CVEs with nessus.description==An+update+for+kernel+is+now+available+for+Red+Hat+Enterprise+Linux+7.4+Extended+Update+Support.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+a+security+impact+of+Important.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+for+each+vulnerability+from+the+CVE+link%28s%29+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0ASecurity+Fix%28es%29+%3A%0A%0A%2A+A+flaw+named+FragmentSmack+was+found+in+the+way+the+Linux+kernel+handled+reassembly+of+fragmented+IPv4+and+IPv6+packets.+A+remote+attacker+could+use+this+flaw+to+trigger+time+and+calculation+expensive+fragment+reassembly+algorithm+by+sending+specially+crafted+packets+which+could+lead+to+a+CPU+saturation+and+hence+a+denial+of+service+on+the+system.+%28CVE-2018-5391%29%0A%0A%2A+kernel%3A+out-of-bounds+access+in+the+show_timer+function+in+kernel%2Ftime%2F+posix-timers.c+%28CVE-2017-18344%29%0A%0A%2A+kernel%3A+mm%3A+use-after-free+in+do_get_mempolicy+function+allows+local+DoS+or+other+unspecified+impact+%28CVE-2018-10675%29%0A%0A%2A+kernel%3A+Integer+overflow+in+Linux%27s+create_elf_tables+function+%28CVE-2018-14634%29%0A%0AFor+more+details+about+the+security+issue%28s%29%2C+including+the+impact%2C+a+CVSS+score%2C+and+other+related+information%2C+refer+to+the+CVE+page%28s%29+listed+in+the+References+section.%0A%0ARed+Hat+would+like+to+thank+Juha-Matti+Tilli+%28Aalto+University+-+Department+of+Communications+and+Networking+and+Nokia+Bell+Labs%29+for+reporting+CVE-2018-5391+and+Qualys+Research+Labs+for+reporting+CVE-2018-14634.%0A%0ABug+Fix%28es%29+%3A%0A%0AThese+updated+kernel+packages+include+also+numerous+bug+fixes.+Space+precludes+documenting+all+of+the+bug+fixes+in+this+advisory.+See+the+descriptions+in+the+related+Knowledge+Article%3A%0Ahttps%3A%2F%2Faccess.redhat.com%2Farticles%2F3684891
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top