[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2018:1062 -- centos 7 kernel-abi-whitelists

ID: oval:org.secpod.oval:def:204791Date: (C)2018-05-25   (M)2024-02-19
Class: PATCHFamily: unix




The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * kernel: Buffer overflow in firewire driver via crafted incoming packets * kernel: Use-after-free vulnerability in DCCP socket * Kernel: kvm: nVMX: L2 guest could access hardware CR8 register * kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation * kernel: media: use-after-free in [tuner-xc2028] media driver * kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl * kernel: Incorrect type conversion for size during dma allocation * kernel: memory leak when merging buffers in SCSI IO vectors * kernel: vfs: BUG in truncate_inode_pages_range and fuse client * kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c * kernel: net: double-free and memory corruption in get_net_ns_by_id * kernel: Use-after-free in snd_seq_ioctl_create_port * kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure * kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity * kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow * kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c * kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject allows local users to cause a denial of service * kernel: kvm: Reachable BUG on out-of-bounds guest IRQ * Kernel: KVM: DoS via write flood to I/O port 0x80 * kernel: Stack information leak in the EFS element * kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add function potentially allowing KASLR bypass * kernel: Race condition in sound system can lead to denial of service * kernel: multiple Low security impact security issues Red Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Google Project Zero for reporting CVE-2017-5754; Mohamed Ghannam for reporting CVE-2017-8824; Jim Mattson for reporting CVE-2017-12154; Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli for reporting CVE-2017-15126; Kirill Tkhai for reporting CVE-2017-15129; Jan H. Schonherr for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was discovered by Miklos Szeredi and the CVE-2017-15116 issue was discovered by ChunYu Wang . For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

Platform:
CentOS 7
Product:
kernel-abi-whitelists
kernel-doc
Reference:
CESA-2018:1062
CVE-2018-1000004
CVE-2018-6927
CVE-2018-5750
CVE-2017-1000410
CVE-2017-1000407
CVE-2017-1000252
CVE-2017-18270
CVE-2017-18203
CVE-2017-18017
CVE-2017-17558
CVE-2017-17449
CVE-2017-17448
CVE-2017-15274
CVE-2017-15265
CVE-2017-15129
CVE-2017-15127
CVE-2017-15126
CVE-2017-15121
CVE-2017-15116
CVE-2017-14140
CVE-2017-13305
CVE-2017-13166
CVE-2017-12190
CVE-2017-12154
CVE-2017-9725
CVE-2017-8824
CVE-2017-7294
CVE-2016-8633
CVE-2016-7913
CVE-2016-3672
CVE-2018-1066
CVE-2017-5754
CVE-2017-5715
CVE    33
CVE-2016-8633
CVE-2016-7913
CVE-2017-15127
CVE-2017-15126
...
CPE    3
cpe:/a:linux:kernel-abi-whitelists
cpe:/a:linux:kernel-doc
cpe:/o:centos:centos:7

© SecPod Technologies