rhsa-2018:2948
Vulnerability from csaf_redhat
Published
2018-10-30 12:05
Modified
2025-03-17 00:35
Summary
Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)
* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)
* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:
https://access.redhat.com/articles/3658021
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, aarch64)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390)\n\n* A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)\n\nSpace precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article: \n\nhttps://access.redhat.com/articles/3658021\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639; Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391; Qualys Research Labs for reporting CVE-2018-1120; David Rientjes (Google) for reporting CVE-2018-1000200; and Wen Xu for reporting CVE-2018-1092, CVE-2018-1094, and CVE-2018-1095. The CVE-2018-14619 issue was discovered by Florian Weimer (Red Hat) and Ondrej Mosnacek (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:2948", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/articles/3553061", url: "https://access.redhat.com/articles/3553061", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/ssbd", url: "https://access.redhat.com/security/vulnerabilities/ssbd", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/articles/3658021", url: "https://access.redhat.com/articles/3658021", }, { category: "external", summary: "1516257", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1516257", }, { category: "external", summary: "1528312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528312", }, { category: "external", summary: "1528323", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528323", }, { category: "external", summary: "1533909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1533909", }, { category: "external", summary: "1539508", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1539508", }, { category: "external", summary: "1539706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1539706", }, { category: "external", summary: "1541846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1541846", }, { category: "external", summary: "1547824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1547824", }, { category: "external", summary: "1548412", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548412", }, { category: "external", summary: "1550142", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1550142", }, { category: "external", summary: "1551051", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1551051", }, { category: "external", summary: "1551565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1551565", }, { category: "external", summary: "1552048", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552048", }, { category: "external", summary: "1553361", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553361", }, { category: "external", summary: "1560777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560777", }, { category: "external", summary: "1560788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560788", }, { category: "external", summary: "1560793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560793", }, { category: "external", summary: "1566890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566890", }, { category: "external", summary: "1568744", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1568744", }, { category: "external", summary: "1571062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571062", }, { category: "external", summary: "1571623", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571623", }, { category: "external", summary: "1573699", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1573699", }, { category: "external", summary: "1575472", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1575472", }, { category: "external", summary: "1577408", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1577408", }, { category: "external", summary: "1583210", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1583210", }, { category: "external", summary: "1589324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1589324", }, { category: "external", summary: "1590215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590215", }, { category: "external", summary: "1590799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590799", }, { category: "external", summary: "1596795", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596795", }, { category: "external", summary: "1596802", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596802", }, { category: "external", summary: "1596806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596806", }, { category: "external", summary: "1596812", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596812", }, { category: "external", summary: "1596828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596828", }, { category: "external", summary: "1596842", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596842", }, { category: "external", summary: "1596846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596846", }, { category: "external", summary: "1599161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1599161", }, { category: "external", summary: "1601704", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601704", }, { category: "external", summary: "1609664", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1609664", }, { category: "external", summary: "1610958", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1610958", }, { category: "external", summary: "1622004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1622004", }, { category: "external", summary: "1623067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1623067", }, { category: "external", summary: "1629636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1629636", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2948.json", }, ], title: "Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update", tracking: { current_release_date: "2025-03-17T00:35:32+00:00", generator: { date: "2025-03-17T00:35:32+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2018:2948", initial_release_date: "2018-10-30T12:05:20+00:00", revision_history: [ { date: "2018-10-30T12:05:20+00:00", number: "1", summary: "Initial version", }, { date: "2018-10-30T12:05:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-17T00:35:32+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product: { name: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product_id: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product: { name: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product_id: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-debug-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-debug-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-debug-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-debug@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "perf-0:4.14.0-115.el7a.ppc64le", product: { name: "perf-0:4.14.0-115.el7a.ppc64le", product_id: "perf-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/perf@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-devel-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-devel-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-devel-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-devel@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-tools-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-tools-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-tools-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-tools@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "python-perf-0:4.14.0-115.el7a.ppc64le", product: { name: "python-perf-0:4.14.0-115.el7a.ppc64le", product_id: "python-perf-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-perf@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.el7a?arch=ppc64le", }, }, }, { category: "product_version", name: "kernel-headers-0:4.14.0-115.el7a.ppc64le", product: { name: "kernel-headers-0:4.14.0-115.el7a.ppc64le", product_id: "kernel-headers-0:4.14.0-115.el7a.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-headers@4.14.0-115.el7a?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", product: { name: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", product_id: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.el7a?arch=noarch", }, }, }, { category: "product_version", name: "kernel-doc-0:4.14.0-115.el7a.noarch", product: { name: "kernel-doc-0:4.14.0-115.el7a.noarch", product_id: "kernel-doc-0:4.14.0-115.el7a.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-doc@4.14.0-115.el7a?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-alt-0:4.14.0-115.el7a.src", product: { name: "kernel-alt-0:4.14.0-115.el7a.src", product_id: "kernel-alt-0:4.14.0-115.el7a.src", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-alt@4.14.0-115.el7a?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", }, product_reference: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", }, product_reference: "kernel-alt-0:4.14.0-115.el7a.src", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", }, product_reference: "kernel-doc-0:4.14.0-115.el7a.noarch", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-headers-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", }, product_reference: "perf-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", }, product_reference: "python-perf-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", }, product_reference: "kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-alt-0:4.14.0-115.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", }, product_reference: "kernel-alt-0:4.14.0-115.el7a.src", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-doc-0:4.14.0-115.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", }, product_reference: "kernel-doc-0:4.14.0-115.el7a.noarch", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-headers-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-headers-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", }, product_reference: "kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", }, product_reference: "perf-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "perf-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "python-perf-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", }, product_reference: "python-perf-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, { category: "default_component_of", full_product_name: { name: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", }, product_reference: "python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", relates_to_product_reference: "7Server-optional-RHELALT-7.6", }, ], }, vulnerabilities: [ { cve: "CVE-2017-13166", cwe: { id: "CWE-266", name: "Incorrect Privilege Assignment", }, discovery_date: "2018-02-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1548412", }, ], notes: [ { category: "description", text: "A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.", title: "Vulnerability description", }, { category: "summary", text: "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-13166", }, { category: "external", summary: "RHBZ#1548412", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1548412", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-13166", url: "https://www.cve.org/CVERecord?id=CVE-2017-13166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-13166", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-13166", }, ], release_date: "2017-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "workaround", details: "A systemtap script intercepting v4l2_compat_ioctl32() function of the [videodev] module and making it to return -ENOIOCTLCMD error value would work just fine, except breaking all 32bit video capturing software, but not 64bit ones.\n\nAlternatively, blacklisting [videodev] module will work too, but it will break all video capturing software.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation", }, { cve: "CVE-2017-16648", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2017-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1516257", }, ], notes: [ { category: "description", text: "The dvb frontend management subsystem in the Linux kernel contains a use-after-free which can allow a malicious user to write to memory that may be assigned to another kernel structure. This could create memory corruption, panic, or possibly other side affects.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7, MRG-2 and real-time kernels.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux kernel-alt package.\n\nFuture Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-16648", }, { category: "external", summary: "RHBZ#1516257", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1516257", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-16648", url: "https://www.cve.org/CVERecord?id=CVE-2017-16648", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-16648", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-16648", }, ], release_date: "2017-10-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c", }, { cve: "CVE-2017-17805", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2017-12-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528312", }, ], notes: [ { category: "description", text: "The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AF_ALG-based skcipher interface to cause a denial of service (uninitialized-memory free and kernel crash) or have an unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 are vulnerable.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17805", }, { category: "external", summary: "RHBZ#1528312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528312", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17805", url: "https://www.cve.org/CVERecord?id=CVE-2017-17805", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17805", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17805", }, ], release_date: "2017-11-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service", }, { cve: "CVE-2017-17806", cwe: { id: "CWE-391", name: "Unchecked Error Condition", }, discovery_date: "2017-12-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1528323", }, ], notes: [ { category: "description", text: "The HMAC implementation (crypto/hmac.c) in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3), to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.", title: "Vulnerability description", }, { category: "summary", text: "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-17806", }, { category: "external", summary: "RHBZ#1528323", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1528323", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-17806", url: "https://www.cve.org/CVERecord?id=CVE-2017-17806", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-17806", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-17806", }, ], release_date: "2017-11-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service", }, { cve: "CVE-2017-18075", cwe: { id: "CWE-628", name: "Function Call with Incorrectly Specified Arguments", }, discovery_date: "2018-01-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1539508", }, ], notes: [ { category: "description", text: "crypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, its real-time kernel and Red Hat Enterprise MRG 2, as the code with the flaw is not enabled and is not built in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18075", }, { category: "external", summary: "RHBZ#1539508", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1539508", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18075", url: "https://www.cve.org/CVERecord?id=CVE-2017-18075", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18075", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18075", }, ], release_date: "2017-12-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service", }, { cve: "CVE-2017-18208", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2018-03-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1551565", }, ], notes: [ { category: "description", text: "The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18208", }, { category: "external", summary: "RHBZ#1551565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1551565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18208", url: "https://www.cve.org/CVERecord?id=CVE-2017-18208", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18208", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18208", }, { category: "external", summary: "https://lwn.net/Articles/618064/", url: "https://lwn.net/Articles/618064/", }, { category: "external", summary: "https://www.kernel.org/doc/Documentation/filesystems/dax.txt", url: "https://www.kernel.org/doc/Documentation/filesystems/dax.txt", }, ], release_date: "2017-11-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service", }, { cve: "CVE-2017-18344", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-07-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1610958", }, ], notes: [ { category: "description", text: "The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function.", title: "Vulnerability description", }, { category: "summary", text: "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18344", }, { category: "external", summary: "RHBZ#1610958", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1610958", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18344", url: "https://www.cve.org/CVERecord?id=CVE-2017-18344", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18344", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18344", }, ], release_date: "2017-12-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "workaround", details: "Attached to this bugzilla is a systemtap script that will prevent opening (and therefore reading) the /proc/<process>/timers file which is used to leak information.\n\nThe SystemTap script is relatively small and efficient, broken into 3 distinct sections as follows:\n\n--------\n\nprobe kernel.function(\"proc_timers_open@fs/proc/base.c\").return { \n // this is -EACCES\n\t$return = -13;\n message = sprintf(\"CVE-2017-18344 mitigation denied access to %s to %s(%d)\", file_name , execname(), pid());\n // print a warning message at KERN_INFO debug level\n printk(6, message);\n}\n\nprobe begin {\n printk(6, \"Mitigation for CVE-2017-18344 loaded.\\n\");\n}\n\n\nprobe end {\n printk(6, \"Mitigation for CVE-2017-18344 unloaded.\\n\");\n}\n\n\n---------\n\nFirst, the script places a probe at the return of the kernel function “proc_timers_open” when called. This modifies the return value to be EACCES which would return this value to userspace preventing this file from being opened. When the /proc/<pid>/timer file is attempted to be opened, a message will be logged to the kernel log subsystem showing the process and pid of the application attempting to access the timer file. \n\nThis file is not in widespread use at this time, although some applications may read from it to debug or understand their own timers that are set. This mitigation will not be useful in this context.\n\nFinally, the “probe begin” and “probe end” code blocks tell systemtap to add the supplied text to the kernel log buffer via the printk function. This creates an audit trail by registering in the system logs exactly when the mitigation is loaded and unloaded. This will need to be compiled with guru mode (-g parameter) to compile.\n\nThis will need to be loaded at each boot to remain effective. Red Hat Product security recommends updating to a patched kernel when it is available.\n\nRed Hat always seeks to provide both mitigations to disable attacks as well as the actual patches to treat the flaw. To learn more about SystemTap, and how it can be used in your management of your Red Hat systems, please refer to Using SystemTap[1] or one of our videos about it within our Customer Portal[2].\n\n1 - https://access.redhat.com/articles/17839\n2 - https://access.redhat.com/search/#/?q=systemtap", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c", }, { cve: "CVE-2018-1065", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-02-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1547824", }, ], notes: [ { category: "description", text: "A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1065", }, { category: "external", summary: "RHBZ#1547824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1547824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1065", url: "https://www.cve.org/CVERecord?id=CVE-2018-1065", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1065", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1065", }, ], release_date: "2018-02-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash", }, { cve: "CVE-2018-1068", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2018-03-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1552048", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1068", }, { category: "external", summary: "RHBZ#1552048", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1552048", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1068", url: "https://www.cve.org/CVERecord?id=CVE-2018-1068", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1068", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1068", }, ], release_date: "2018-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c", }, { acknowledgments: [ { names: [ "Wen Xu", ], }, ], cve: "CVE-2018-1092", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1560777", }, ], notes: [ { category: "description", text: "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.", title: "Vulnerability description", }, { category: "summary", text: "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1092", }, { category: "external", summary: "RHBZ#1560777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560777", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1092", url: "https://www.cve.org/CVERecord?id=CVE-2018-1092", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1092", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1092", }, ], release_date: "2018-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image", }, { acknowledgments: [ { names: [ "Wen Xu", ], }, ], cve: "CVE-2018-1094", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1560788", }, ], notes: [ { category: "description", text: "The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4_xattr_inode_hash() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1094", }, { category: "external", summary: "RHBZ#1560788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560788", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1094", url: "https://www.cve.org/CVERecord?id=CVE-2018-1094", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1094", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1094", }, ], release_date: "2018-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image", }, { acknowledgments: [ { names: [ "Wen Xu", ], }, ], cve: "CVE-2018-1095", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-03-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1560793", }, ], notes: [ { category: "description", text: "The Linux kernel is vulnerable to an out-of-bound access bug in the fs/posix_acl.c:get_acl() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a system crash or other unspecified impact with a crafted ext4 image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", title: "Vulnerability description", }, { category: "summary", text: "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1095", }, { category: "external", summary: "RHBZ#1560793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1560793", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1095", url: "https://www.cve.org/CVERecord?id=CVE-2018-1095", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1095", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1095", }, ], release_date: "2018-03-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image", }, { cve: "CVE-2018-1118", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-05-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1573699", }, ], notes: [ { category: "description", text: "The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", title: "Vulnerability description", }, { category: "summary", text: "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1118", }, { category: "external", summary: "RHBZ#1573699", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1573699", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1118", url: "https://www.cve.org/CVERecord?id=CVE-2018-1118", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1118", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1118", }, ], release_date: "2018-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()", }, { acknowledgments: [ { names: [ "Qualys Research Labs", ], }, ], cve: "CVE-2018-1120", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2018-05-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1575472", }, ], notes: [ { category: "description", text: "By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).", title: "Vulnerability description", }, { category: "summary", text: "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1120", }, { category: "external", summary: "RHBZ#1575472", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1575472", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1120", url: "https://www.cve.org/CVERecord?id=CVE-2018-1120", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1120", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1120", }, { category: "external", summary: "http://seclists.org/oss-sec/2018/q2/122", url: "http://seclists.org/oss-sec/2018/q2/122", }, ], release_date: "2018-05-17T17:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.8, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service", }, { acknowledgments: [ { names: [ "Jann Horn", ], organization: "Google Project Zero", }, { names: [ "Ken Johnson", ], organization: "Microsoft Security Response Center", }, ], cve: "CVE-2018-3639", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-03-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566890", }, ], notes: [ { category: "description", text: "An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.", title: "Vulnerability description", }, { category: "summary", text: "hw: cpu: speculative store bypass", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-3639", }, { category: "external", summary: "RHBZ#1566890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566890", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-3639", url: "https://www.cve.org/CVERecord?id=CVE-2018-3639", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-3639", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-3639", }, { category: "external", summary: "https://access.redhat.com/security/vulnerabilities/ssbd", url: "https://access.redhat.com/security/vulnerabilities/ssbd", }, { category: "external", summary: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", }, { category: "external", summary: "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf", url: "https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf", }, { category: "external", summary: "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf", url: "https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf", }, { category: "external", summary: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html", }, ], release_date: "2018-05-21T21:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hw: cpu: speculative store bypass", }, { cve: "CVE-2018-5344", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-01-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1533909", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2.\n\nFuture Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5344", }, { category: "external", summary: "RHBZ#1533909", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1533909", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5344", url: "https://www.cve.org/CVERecord?id=CVE-2018-5344", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5344", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5344", }, ], release_date: "2018-01-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service", }, { acknowledgments: [ { names: [ "Juha-Matti Tilli", ], organization: "Aalto University - Department of Communications and Networking and Nokia Bell Labs", }, ], cve: "CVE-2018-5390", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-07-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601704", }, ], notes: [ { category: "description", text: "A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses.", title: "Vulnerability description", }, { category: "summary", text: "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5390", }, { category: "external", summary: "RHBZ#1601704", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601704", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5390", url: "https://www.cve.org/CVERecord?id=CVE-2018-5390", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5390", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5390", }, { category: "external", summary: "https://access.redhat.com/articles/3553061", url: "https://access.redhat.com/articles/3553061", }, { category: "external", summary: "https://www.kb.cert.org/vuls/id/962459", url: "https://www.kb.cert.org/vuls/id/962459", }, { category: "external", summary: "https://www.spinics.net/lists/netdev/msg514742.html", url: "https://www.spinics.net/lists/netdev/msg514742.html", }, ], release_date: "2018-08-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)", }, { acknowledgments: [ { names: [ "Juha-Matti Tilli", ], organization: "Aalto University - Department of Communications and Networking and Nokia Bell Labs", }, ], cve: "CVE-2018-5391", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-07-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1609664", }, ], notes: [ { category: "description", text: "A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5391", }, { category: "external", summary: "RHBZ#1609664", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1609664", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5391", url: "https://www.cve.org/CVERecord?id=CVE-2018-5391", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5391", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5391", }, { category: "external", summary: "https://access.redhat.com/articles/3553061", url: "https://access.redhat.com/articles/3553061", }, { category: "external", summary: "https://www.kb.cert.org/vuls/id/641765", url: "https://www.kb.cert.org/vuls/id/641765", }, ], release_date: "2018-08-14T16:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "workaround", details: "One may change the default 4MB and 3MB values of net.ipv4.ipfrag_high_thresh and net.ipv4.ipfrag_low_thresh (and their ipv6 counterparts net.ipv6.ipfrag_high_thresh and net.ipv6.ipfrag_low_thresh) to 256 kB and 192 kB (respectively) or below. Tests show some to significant CPU saturation drop during an attack, depending on a hardware, configuration and environment.\n\nThere can be some impact on performance though, due to ipfrag_high_thresh of 262144 bytes, as only two 64K fragments can fit in the reassembly queue at the same time. For example, there is a risk of breaking applications that rely on large UDP packets.\n\nSee the Mitigation section in the https://access.redhat.com/articles/3553061 article for the script to quickly change to/from default and lower settings.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)", }, { cve: "CVE-2018-5750", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-01-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1539706", }, ], notes: [ { category: "description", text: "The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2, as KASLR feature is not present or enabled in these products.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5750", }, { category: "external", summary: "RHBZ#1539706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1539706", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5750", url: "https://www.cve.org/CVERecord?id=CVE-2018-5750", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5750", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5750", }, ], release_date: "2017-12-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass", }, { cve: "CVE-2018-5803", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-03-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1551051", }, ], notes: [ { category: "description", text: "An error in the \"_sctp_make_chunk()\" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5803", }, { category: "external", summary: "RHBZ#1551051", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1551051", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5803", url: "https://www.cve.org/CVERecord?id=CVE-2018-5803", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5803", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5803", }, ], release_date: "2018-02-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service", }, { cve: "CVE-2018-5848", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, discovery_date: "2018-05-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590799", }, ], notes: [ { category: "description", text: "In the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the ‘ie_len’ argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", title: "Vulnerability description", }, { category: "summary", text: "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-5848", }, { category: "external", summary: "RHBZ#1590799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-5848", url: "https://www.cve.org/CVERecord?id=CVE-2018-5848", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-5848", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-5848", }, ], release_date: "2017-12-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption", }, { cve: "CVE-2018-7566", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2018-01-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1550142", }, ], notes: [ { category: "description", text: "ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, and this may lead to UAF or out-of-bound access.", title: "Vulnerability description", }, { category: "summary", text: "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7566", }, { category: "external", summary: "RHBZ#1550142", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1550142", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7566", url: "https://www.cve.org/CVERecord?id=CVE-2018-7566", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7566", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7566", }, ], release_date: "2018-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: race condition in snd_seq_write() may lead to UAF or OOB-access", }, { cve: "CVE-2018-7757", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-03-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1553361", }, ], notes: [ { category: "description", text: "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-7757", }, { category: "external", summary: "RHBZ#1553361", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1553361", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-7757", url: "https://www.cve.org/CVERecord?id=CVE-2018-7757", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-7757", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-7757", }, ], release_date: "2018-03-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c", }, { cve: "CVE-2018-8781", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2018-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1571062", }, ], notes: [ { category: "description", text: "A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-8781", }, { category: "external", summary: "RHBZ#1571062", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571062", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-8781", url: "https://www.cve.org/CVERecord?id=CVE-2018-8781", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-8781", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-8781", }, ], release_date: "2018-03-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space", }, { cve: "CVE-2018-9363", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2018-08-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1623067", }, ], notes: [ { category: "description", text: "A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report() in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Buffer overflow in hidp_process_report", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "RHBZ#1623067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1623067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-9363", url: "https://www.cve.org/CVERecord?id=CVE-2018-9363", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-9363", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-9363", }, ], release_date: "2018-08-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Buffer overflow in hidp_process_report", }, { cve: "CVE-2018-10322", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1571623", }, ], notes: [ { category: "description", text: "The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel can cause a NULL pointer dereference in xfs_ilock_attr_map_shared function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10322", }, { category: "external", summary: "RHBZ#1571623", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571623", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10322", url: "https://www.cve.org/CVERecord?id=CVE-2018-10322", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10322", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10322", }, ], release_date: "2018-04-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service", }, { cve: "CVE-2018-10877", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596795", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel ext4 filesystem. An out-of-bound access is possible in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "RHBZ#1596795", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596795", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10877", url: "https://www.cve.org/CVERecord?id=CVE-2018-10877", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10877", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10877", }, ], release_date: "2018-04-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image", }, { cve: "CVE-2018-10878", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596802", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "RHBZ#1596802", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596802", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10878", url: "https://www.cve.org/CVERecord?id=CVE-2018-10878", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10878", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10878", }, ], release_date: "2018-05-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image", }, { cve: "CVE-2018-10879", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596806", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "RHBZ#1596806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596806", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10879", url: "https://www.cve.org/CVERecord?id=CVE-2018-10879", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10879", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10879", }, ], release_date: "2018-06-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file", }, { cve: "CVE-2018-10880", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596812", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem code. A stack-out-of-bounds write in ext4_update_inline_data() is possible when mounting and writing to a crafted ext4 image. An attacker could use this to cause a system crash and a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: stack-out-of-bounds write in ext4_update_inline_data function", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "RHBZ#1596812", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596812", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10880", url: "https://www.cve.org/CVERecord?id=CVE-2018-10880", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10880", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10880", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: stack-out-of-bounds write in ext4_update_inline_data function", }, { cve: "CVE-2018-10881", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596828", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "RHBZ#1596828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596828", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10881", url: "https://www.cve.org/CVERecord?id=CVE-2018-10881", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10881", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10881", }, ], release_date: "2018-06-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image", }, { cve: "CVE-2018-10882", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596842", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in the fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: stack-out-of-bounds write infs/jbd2/transaction.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "RHBZ#1596842", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596842", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10882", url: "https://www.cve.org/CVERecord?id=CVE-2018-10882", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10882", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10882", }, ], release_date: "2018-06-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: stack-out-of-bounds write infs/jbd2/transaction.c", }, { cve: "CVE-2018-10883", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1596846", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "Vulnerability description", }, { category: "summary", text: "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "RHBZ#1596846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1596846", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10883", url: "https://www.cve.org/CVERecord?id=CVE-2018-10883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10883", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10883", }, ], release_date: "2018-06-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function", }, { cve: "CVE-2018-10940", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2018-05-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1577408", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel, before 4.16.6 where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "Vulnerability description", }, { category: "summary", text: "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "RHBZ#1577408", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1577408", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10940", url: "https://www.cve.org/CVERecord?id=CVE-2018-10940", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10940", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10940", }, ], release_date: "2018-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c", }, { cve: "CVE-2018-11506", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2018-05-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1583210", }, ], notes: [ { category: "description", text: "The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel allows local users to cause a denial of service via a stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-11506", }, { category: "external", summary: "RHBZ#1583210", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1583210", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-11506", url: "https://www.cve.org/CVERecord?id=CVE-2018-11506", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-11506", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-11506", }, ], release_date: "2018-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact", }, { cve: "CVE-2018-12232", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590215", }, ], notes: [ { category: "description", text: "A NULL pointer dereference issue was found in the Linux kernel. If the close() and fchownat() system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-12232", }, { category: "external", summary: "RHBZ#1590215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590215", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-12232", url: "https://www.cve.org/CVERecord?id=CVE-2018-12232", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-12232", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-12232", }, ], release_date: "2018-06-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor", }, { cve: "CVE-2018-13405", cwe: { id: "CWE-284", name: "Improper Access Control", }, discovery_date: "2018-07-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1599161", }, ], notes: [ { category: "description", text: "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-13405", }, { category: "external", summary: "RHBZ#1599161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1599161", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-13405", url: "https://www.cve.org/CVERecord?id=CVE-2018-13405", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-13405", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-13405", }, ], release_date: "2018-07-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members", }, { acknowledgments: [ { names: [ "Florian Weimer", "Ondrej Mosnacek", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2018-14619", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2018-08-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1622004", }, ], notes: [ { category: "description", text: "A flaw was found in the crypto subsystem that allowed an attacker \r\nto crash the system or possibly escalate privileges with a specially crafted program.", title: "Vulnerability description", }, { category: "summary", text: "kernel: crash (possible privesc) in kernel crypto api.", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14619", }, { category: "external", summary: "RHBZ#1622004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1622004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14619", url: "https://www.cve.org/CVERecord?id=CVE-2018-14619", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14619", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14619", }, { category: "external", summary: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc", }, ], release_date: "2018-08-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: crash (possible privesc) in kernel crypto api.", }, { cve: "CVE-2018-14641", cwe: { id: "CWE-456", name: "Missing Initialization of a Variable", }, discovery_date: "2018-09-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1629636", }, ], notes: [ { category: "description", text: "A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14641", }, { category: "external", summary: "RHBZ#1629636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1629636", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14641", url: "https://www.cve.org/CVERecord?id=CVE-2018-14641", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14641", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14641", }, ], release_date: "2018-09-18T09:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()", }, { cve: "CVE-2018-1000026", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2018-02-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1541846", }, ], notes: [ { category: "description", text: "Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service (DoS) attacks via a packet with a gso_size larger than ~9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet", title: "Vulnerability summary", }, { category: "other", text: "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, as supported configurations are not affected.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000026", }, { category: "external", summary: "RHBZ#1541846", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1541846", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000026", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000026", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000026", }, ], release_date: "2018-01-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet", }, { acknowledgments: [ { names: [ "David Rientjes", ], organization: "Google", }, ], cve: "CVE-2018-1000200", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-04-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1568744", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel where an out of memory (oom) killing of a process that has large spans of mlocked memory can result in deferencing a NULL pointer, leading to denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: NULL pointer dereference on OOM kill of large mlocked process", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000200", }, { category: "external", summary: "RHBZ#1568744", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1568744", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000200", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000200", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000200", }, ], release_date: "2018-04-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: NULL pointer dereference on OOM kill of large mlocked process", }, { cve: "CVE-2018-1000204", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2018-06-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1589324", }, ], notes: [ { category: "description", text: "A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000204", }, { category: "external", summary: "RHBZ#1589324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1589324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000204", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000204", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000204", }, ], release_date: "2018-05-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-10-30T12:05:20+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:2948", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.el7a.ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: Infoleak caused by incorrect handling of the SG_IO ioctl", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.