RHSA-2018:1319-01 -- Redhat kernel, perfID: oval:org.secpod.oval:def:502286 | Date: (C)2018-05-11 (M)2024-02-19 |
Class: PATCH | Family: unix |
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * hw: cpu: speculative execution permission faults handling * Kernel: error in exception handling leads to DoS * kernel: nfsd: Incorrect handling of long RPC replies * kernel: Use-after-free vulnerability in DCCP socket * kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation * kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c * kernel: Stack information leak in the EFS element For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410. Bug Fix: These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591
Platform: |
Red Hat Enterprise Linux 6 |