CESA-2018:2846 -- centos 6 kernel,python-perf,perfID: oval:org.secpod.oval:def:204889 | Date: (C)2018-10-12 (M)2024-02-19 |
Class: PATCH | Family: unix |
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. * kernel: Integer overflow in Linux"s create_elf_tables function For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Juha-Matti Tilli for reporting CVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634. Bug Fix: These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3635371
Product: |
kernel |
python-perf |
perf |