- Home
- CVEs with nessus.description==Updated kernel-rt packages that fix two security issues and add one
enhancement are now available for Red Hat Enterprise MRG 2.
Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
The kernel-rt packages provide the Real Time Linux Kernel, which
enables fine-tuning for systems with extremely high determinism
requirements.
Security Fix(es) :
* kernel: Buffer over-read in keyring subsystem allows exposing
potentially sensitive information to local attacker (CVE-2017-13305)
* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.
Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas
Prescher (cyberus-technology.de), and Zdenek Sojka (sysgo.com) for
reporting CVE-2018-3665.
Enhancement(s) :
* The kernel-rt packages have been upgraded to version
3.10.0-693.35.1.rt56.623, which provides a number of bug fixes over
the previous version. (BZ#1579972)
Users of kernel-rt are advised to upgrade to these updated packages,
which add this enhancement.
The system must be rebooted for this update to take effect.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top