var-201801-1708
Vulnerability from variot
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Linux Kernel Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Linux kernel versions prior to 4.11, and 4.9.x prior to 4.9.36 are vulnerable. 6) - i386, x86_64
Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591
Security Fix(es):
- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via software update. To be fully functional, up-to-date CPU microcode applied on the system might be required.
In this update, mitigation for PowerPC architecture is provided. Bugs fixed (https://bugzilla.redhat.com/):
1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
-
7) - noarch, x86_64
-
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2018:1062-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1062 Issue date: 2018-04-10 CVE Names: CVE-2016-3672 CVE-2016-7913 CVE-2016-8633 CVE-2017-7294 CVE-2017-8824 CVE-2017-9725 CVE-2017-12154 CVE-2017-12190 CVE-2017-13166 CVE-2017-14140 CVE-2017-15116 CVE-2017-15121 CVE-2017-15126 CVE-2017-15127 CVE-2017-15129 CVE-2017-15265 CVE-2017-17448 CVE-2017-17449 CVE-2017-17558 CVE-2017-18017 CVE-2017-18203 CVE-2017-1000252 CVE-2017-1000407 CVE-2017-1000410 CVE-2018-5750 CVE-2018-6927 CVE-2018-1000004 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Security Fix(es):
-
hw: cpu: speculative execution permission faults handling (CVE-2017-5754, Important, KVM for Power)
-
kernel: Buffer overflow in firewire driver via crafted incoming packets (CVE-2016-8633, Important)
-
kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824, Important)
-
Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register (CVE-2017-12154, Important)
-
kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166, Important)
-
kernel: media: use-after-free in [tuner-xc2028] media driver (CVE-2016-7913, Moderate)
-
kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294, Moderate)
-
kernel: Incorrect type conversion for size during dma allocation (CVE-2017-9725, Moderate)
-
kernel: memory leak when merging buffers in SCSI IO vectors (CVE-2017-12190, Moderate)
-
kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121, Moderate)
-
kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c (CVE-2017-15126, Moderate)
-
kernel: net: double-free and memory corruption in get_net_ns_by_id() (CVE-2017-15129, Moderate)
-
kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265, Moderate)
-
kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure (CVE-2017-17448, Moderate)
-
kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity (CVE-2017-17449, Moderate)
-
kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (CVE-2017-17558, Moderate)
-
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)
-
kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203, Moderate)
-
kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ (CVE-2017-1000252, Moderate)
-
Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407, Moderate)
-
kernel: Stack information leak in the EFS element (CVE-2017-1000410, Moderate)
-
kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass (CVE-2018-5750, Moderate)
-
kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004, Moderate)
-
kernel: multiple Low security impact security issues (CVE-2016-3672, CVE-2017-14140, CVE-2017-15116, CVE-2017-15127, CVE-2018-6927, Low)
Red Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Google Project Zero for reporting CVE-2017-5754; Mohamed Ghannam for reporting CVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154; Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli (Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting CVE-2017-15129; Jan H. SchAPnherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was discovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was discovered by ChunYu Wang (Red Hat).
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1132610 - nfsd does not release free space of a file created with dd oflag=direct where there was no space left on device even after manual deletion 1324749 - CVE-2016-3672 kernel: unlimiting the stack disables ASLR 1334439 - Unable to disable IPv6 DAD or Optimistic DAD for all interfaces 1372079 - ixgbe nic is falsely advertising MII support 1391490 - CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets 1402885 - CVE-2016-7913 kernel: media: use-after-free in [tuner-xc2028] media driver 1436798 - CVE-2017-7294 kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() 1450205 - Gratuitous ARP updates received in span of 2-3 seconds time frame are all ignored 1458032 - [Intel 7.5 Bug] KVMGT: Bogus PCI BAR emulation 1460213 - cls_matchall: kernel panic when used with classful qdiscs 1461282 - kernel: ICMP rate limiting is too aggressive on loopback 1471875 - soft lockups during unmount when dentry cache is very large 1488329 - CVE-2017-14140 kernel: Missing permission check in move_pages system call 1489088 - CVE-2017-9725 kernel: Incorrect type conversion for size during dma allocation 1489542 - Behavior change in autofs expiry timer when a path walk is done following commit from BZ 1413523 1490673 - Kernel Panic always happen immediately whenever make "debug.panic_on_rcu_stall=1" set on RHEL7.4 1490781 - CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ 1491224 - CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register 1493125 - [RFE] Kernel address space layout randomization [KASLR] qemu support (kernel) 1495089 - CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectors 1496836 - [RH 7.5 bug] Request for upstream commit 3664847d95e6 to be merged into RHEL 7.5/7.4 1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port() 1502601 - [Hyper-V][RHEL7.4] hang when thaw on microsoft hyper-v 1506382 - deadlock in nfs v4 client init 1507025 - [ESXi][RHEL7.5]x86/vmware: Skip timer_irq_works() check on VMware 1507026 - [ESXi][RHEL7.5]x86/vmware: Skip lapic calibration on VMware. 1514609 - CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function 1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element 1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling 1520328 - CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80 1520893 - CVE-2017-15121 kernel: vfs: BUG in truncate_inode_pages_range() and fuse client 1523481 - CVE-2017-15126 kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c 1525218 - CVE-2017-15127 kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c 1525474 - CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow 1525762 - CVE-2017-17449 kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity 1525768 - CVE-2017-17448 kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure 1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1531174 - CVE-2017-15129 kernel: net: double-free and memory corruption in get_net_ns_by_id() 1534272 - md: raid0 device creation prints blank line to journalctl 1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service 1539706 - CVE-2018-5750 kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass 1542013 - RHEL-7.5: Cannot set port mirroring onto two interface 1544612 - CVE-2018-6927 kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact 1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation 1550811 - CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
ppc64: kernel-3.10.0-862.el7.ppc64.rpm kernel-bootwrapper-3.10.0-862.el7.ppc64.rpm kernel-debug-3.10.0-862.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debug-devel-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm kernel-devel-3.10.0-862.el7.ppc64.rpm kernel-headers-3.10.0-862.el7.ppc64.rpm kernel-tools-3.10.0-862.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-tools-libs-3.10.0-862.el7.ppc64.rpm perf-3.10.0-862.el7.ppc64.rpm perf-debuginfo-3.10.0-862.el7.ppc64.rpm python-perf-3.10.0-862.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm
ppc64le: kernel-3.10.0-862.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.el7.ppc64le.rpm kernel-debug-3.10.0-862.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm kernel-devel-3.10.0-862.el7.ppc64le.rpm kernel-headers-3.10.0-862.el7.ppc64le.rpm kernel-tools-3.10.0-862.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.el7.ppc64le.rpm perf-3.10.0-862.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.el7.ppc64le.rpm python-perf-3.10.0-862.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.el7.s390x.rpm kernel-debug-3.10.0-862.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.el7.s390x.rpm kernel-debug-devel-3.10.0-862.el7.s390x.rpm kernel-debuginfo-3.10.0-862.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.el7.s390x.rpm kernel-devel-3.10.0-862.el7.s390x.rpm kernel-headers-3.10.0-862.el7.s390x.rpm kernel-kdump-3.10.0-862.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.el7.s390x.rpm perf-3.10.0-862.el7.s390x.rpm perf-debuginfo-3.10.0-862.el7.s390x.rpm python-perf-3.10.0-862.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.el7.s390x.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-862.el7.ppc64.rpm perf-debuginfo-3.10.0-862.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFazIO0XlSAg2UNWIIRAsrvAKC6oeVVzqbL2khLh037fNiseMvX+QCfS3iv EDnvsFcBpZQPFqATi/MtziA= =lsfK -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================== Ubuntu Security Notice USN-3583-2 February 23, 2018
linux-lts-trusty vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM
Details:
USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. An attacker could construct a malicious file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0750)
It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0861)
It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service (system crash) in the host OS. (CVE-2017-1000407)
Bo Zhang discovered that the netlink wireless configuration interface in the Linux kernel did not properly validate attributes when handling certain requests. A local attacker with the CAP_NET_ADMIN could use this to cause a denial of service (system crash). (CVE-2017-12153)
Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel did not properly track reference counts when merging buffers. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-12190)
It was discovered that the key management subsystem in the Linux kernel did not properly restrict key reads on negatively instantiated keys. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-12192)
It was discovered that an integer overflow existed in the sysfs interface for the QLogic 24xx+ series SCSI driver in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2017-14051)
Otto Ebeling discovered that the memory manager in the Linux kernel did not properly check the effective UID in some situations. A local attacker could use this to expose sensitive information. (CVE-2017-14140)
It was discovered that the ATI Radeon framebuffer driver in the Linux kernel did not properly initialize a data structure returned to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-14156)
ChunYu Wang discovered that the iSCSI transport implementation in the Linux kernel did not properly validate data structures. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-14489)
James Patrick-Evans discovered a race condition in the LEGO USB Infrared Tower driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code, (CVE-2017-15115)
It was discovered that the key management subsystem in the Linux kernel did not properly handle NULL payloads with non-zero length values. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-15274)
It was discovered that the Bluebooth Network Encapsulation Protocol (BNEP) implementation in the Linux kernel did not validate the type of socket passed in the BNEPCONNADD ioctl(). A local attacker with the CAP_NET_ADMIN privilege could use this to cause a denial of service (system crash) or possibly execute arbitrary code. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16525)
It was discovered that the netfilter passive OS fingerprinting (xt_osf) module did not properly perform access control checks. A local attacker could improperly modify the systemwide OS fingerprint list. (CVE-2017-17450)
It was discovered that the HMAC implementation did not validate the state of the underlying cryptographic hash algorithm. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. A remote attacker could use this to cause a denial of service (system crash). (CVE-2017-18017)
Gareth Evans discovered that the shm IPC subsystem in the Linux kernel did not properly restrict mapping page zero. A local privileged attacker could use this to execute arbitrary code. (CVE-2017-5669)
It was discovered that an integer overflow vulnerability existing in the IPv6 implementation in the Linux kernel. A local attacker could use this to cause a denial of service (infinite loop). (CVE-2017-7542)
Tommi Rantala and Brad Spengler discovered that the memory manager in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. A local attacker with access to /dev/mem could use this to expose sensitive information or possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8824)
Mohamed Ghannam discovered a null pointer dereference in the RDS (Reliable Datagram Sockets) protocol implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-5333)
ee3/4ePS discovered that a race condition existed in loop block device implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-5344)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: linux-image-3.13.0-142-generic 3.13.0-142.191~precise1 linux-image-3.13.0-142-generic-lpae 3.13.0-142.191~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.142.133 linux-image-generic-lts-trusty 3.13.0.142.133
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/usn/usn-3583-2 https://usn.ubuntu.com/usn/usn-3583-1 CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153, CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140, CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115, CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450, CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1708",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.19"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.10.108"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.2.99"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "eos",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": "4.20.1fx-virtual-router"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux enterprise module for public cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.76"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.11"
},
{
"model": "linux enterprise high availability extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.17"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "caas platform",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.2"
},
{
"model": "linux enterprise live patching",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "arx",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "6.2.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.10"
},
{
"model": "linux enterprise high availability",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.2"
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "cloud magnum orchestration",
"scope": "eq",
"trust": 1.0,
"vendor": "openstack",
"version": "7"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "arx",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "6.4.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.18.60"
},
{
"model": "linux enterprise real time extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.16.54"
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.11"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.1.43"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux enterprise real time extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.10.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.9,
"vendor": "linux",
"version": "4.10.15"
},
{
"model": "kernel",
"scope": "lt",
"trust": 0.8,
"vendor": "linux",
"version": "4.9.x"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.8,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "4.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.80"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.65"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.42"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.88"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.48"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.0-57"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.87"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.90"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.71"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.67"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.70"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.76"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.47"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.82"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.55"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.59"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.75"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.66"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.93"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.57"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.43"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.61"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.65"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.42"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.41"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.39"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.58"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.86"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.78"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.58"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.10"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.17"
},
{
"model": "mrg realtime for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.69"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.98"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.7"
}
],
"sources": [
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:linux:linux_kernel",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147146"
}
],
"trust": 0.4
},
"cve": "CVE-2017-18017",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-18017",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-109097",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18017",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-18017",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18017",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-18017",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-145",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-109097",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-18017",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Linux Kernel Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Linux Kernel is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. \nLinux kernel versions prior to 4.11, and 4.9.x prior to 4.9.36 are vulnerable. 6) - i386, x86_64\n\n3. \n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for\nreporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and\nArmis Labs for reporting CVE-2017-1000410. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of these bug fixes in this advisory. See the bug\nfix descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3431591\n\n4. \n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3639)\n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. To be fully functional, up-to-date CPU\nmicrocode applied on the system might be required. \n\nIn this update, mitigation for PowerPC architecture is provided. Bugs fixed (https://bugzilla.redhat.com/):\n\n1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n\n6. 7) - noarch, x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2018:1062-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:1062\nIssue date: 2018-04-10\nCVE Names: CVE-2016-3672 CVE-2016-7913 CVE-2016-8633 \n CVE-2017-7294 CVE-2017-8824 CVE-2017-9725 \n CVE-2017-12154 CVE-2017-12190 CVE-2017-13166 \n CVE-2017-14140 CVE-2017-15116 CVE-2017-15121 \n CVE-2017-15126 CVE-2017-15127 CVE-2017-15129 \n CVE-2017-15265 CVE-2017-17448 CVE-2017-17449 \n CVE-2017-17558 CVE-2017-18017 CVE-2017-18203 \n CVE-2017-1000252 CVE-2017-1000407 CVE-2017-1000410 \n CVE-2018-5750 CVE-2018-6927 CVE-2018-1000004 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* hw: cpu: speculative execution permission faults handling (CVE-2017-5754,\nImportant, KVM for Power)\n\n* kernel: Buffer overflow in firewire driver via crafted incoming packets\n(CVE-2016-8633, Important)\n\n* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824,\nImportant)\n\n* Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register\n(CVE-2017-12154, Important)\n\n* kernel: v4l2: disabled memory access protection mechanism allowing\nprivilege escalation (CVE-2017-13166, Important)\n\n* kernel: media: use-after-free in [tuner-xc2028] media driver\n(CVE-2016-7913, Moderate)\n\n* kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()\n(CVE-2017-7294, Moderate)\n\n* kernel: Incorrect type conversion for size during dma allocation\n(CVE-2017-9725, Moderate)\n\n* kernel: memory leak when merging buffers in SCSI IO vectors\n(CVE-2017-12190, Moderate)\n\n* kernel: vfs: BUG in truncate_inode_pages_range() and fuse client\n(CVE-2017-15121, Moderate)\n\n* kernel: Use-after-free in userfaultfd_event_wait_completion function in\nuserfaultfd.c (CVE-2017-15126, Moderate)\n\n* kernel: net: double-free and memory corruption in get_net_ns_by_id()\n(CVE-2017-15129, Moderate)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265,\nModerate)\n\n* kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c\nallows for unprivileged access to systemwide nfnl_cthelper_list structure\n(CVE-2017-17448, Moderate)\n\n* kernel: Missing namespace check in net/netlink/af_netlink.c allows for\nnetwork monitors to observe systemwide activity (CVE-2017-17449, Moderate)\n\n* kernel: Unallocated memory access by malicious USB device via\nbNumInterfaces overflow (CVE-2017-17558, Moderate)\n\n* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in\nnet/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)\n\n* kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows\nlocal users to cause a denial of service (CVE-2017-18203, Moderate)\n\n* kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ\n(CVE-2017-1000252, Moderate)\n\n* Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407,\nModerate)\n\n* kernel: Stack information leak in the EFS element (CVE-2017-1000410,\nModerate)\n\n* kernel: Kernel address information leak in\ndrivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing\nKASLR bypass (CVE-2018-5750, Moderate)\n\n* kernel: Race condition in sound system can lead to denial of service\n(CVE-2018-1000004, Moderate)\n\n * kernel: multiple Low security impact security issues (CVE-2016-3672,\nCVE-2017-14140, CVE-2017-15116, CVE-2017-15127, CVE-2018-6927, Low)\n\nRed Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Google\nProject Zero for reporting CVE-2017-5754; Mohamed Ghannam for reporting\nCVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154;\nVitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli\n(Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting\nCVE-2017-15129; Jan H. SchAPnherr (Amazon) for reporting CVE-2017-1000252;\nand Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was\ndiscovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was\ndiscovered by ChunYu Wang (Red Hat). \n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.5 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1132610 - nfsd does not release free space of a file created with dd oflag=direct where there was no space left on device even after manual deletion\n1324749 - CVE-2016-3672 kernel: unlimiting the stack disables ASLR\n1334439 - Unable to disable IPv6 DAD or Optimistic DAD for all interfaces\n1372079 - ixgbe nic is falsely advertising MII support\n1391490 - CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets\n1402885 - CVE-2016-7913 kernel: media: use-after-free in [tuner-xc2028] media driver\n1436798 - CVE-2017-7294 kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()\n1450205 - Gratuitous ARP updates received in span of 2-3 seconds time frame are all ignored\n1458032 - [Intel 7.5 Bug] KVMGT: Bogus PCI BAR emulation\n1460213 - cls_matchall: kernel panic when used with classful qdiscs\n1461282 - kernel: ICMP rate limiting is too aggressive on loopback\n1471875 - soft lockups during unmount when dentry cache is very large\n1488329 - CVE-2017-14140 kernel: Missing permission check in move_pages system call\n1489088 - CVE-2017-9725 kernel: Incorrect type conversion for size during dma allocation\n1489542 - Behavior change in autofs expiry timer when a path walk is done following commit from BZ 1413523\n1490673 - Kernel Panic always happen immediately whenever make \"debug.panic_on_rcu_stall=1\" set on RHEL7.4\n1490781 - CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ\n1491224 - CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register\n1493125 - [RFE] Kernel address space layout randomization [KASLR] qemu support (kernel)\n1495089 - CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectors\n1496836 - [RH 7.5 bug] Request for upstream commit 3664847d95e6 to be merged into RHEL 7.5/7.4\n1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port()\n1502601 - [Hyper-V][RHEL7.4] hang when thaw on microsoft hyper-v\n1506382 - deadlock in nfs v4 client init\n1507025 - [ESXi][RHEL7.5]x86/vmware: Skip timer_irq_works() check on VMware\n1507026 - [ESXi][RHEL7.5]x86/vmware: Skip lapic calibration on VMware. \n1514609 - CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function\n1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element\n1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n1520328 - CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80\n1520893 - CVE-2017-15121 kernel: vfs: BUG in truncate_inode_pages_range() and fuse client\n1523481 - CVE-2017-15126 kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c\n1525218 - CVE-2017-15127 kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c\n1525474 - CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow\n1525762 - CVE-2017-17449 kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity\n1525768 - CVE-2017-17448 kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure\n1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c\n1531174 - CVE-2017-15129 kernel: net: double-free and memory corruption in get_net_ns_by_id()\n1534272 - md: raid0 device creation prints blank line to journalctl\n1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service\n1539706 - CVE-2018-5750 kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass\n1542013 - RHEL-7.5: Cannot set port mirroring onto two interface\n1544612 - CVE-2018-6927 kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact\n1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation\n1550811 - CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-862.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.el7.noarch.rpm\nkernel-doc-3.10.0-862.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.el7.x86_64.rpm\nkernel-debug-3.10.0-862.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-devel-3.10.0-862.el7.x86_64.rpm\nkernel-headers-3.10.0-862.el7.x86_64.rpm\nkernel-tools-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.el7.x86_64.rpm\nperf-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-862.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.el7.noarch.rpm\nkernel-doc-3.10.0-862.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.el7.x86_64.rpm\nkernel-debug-3.10.0-862.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-devel-3.10.0-862.el7.x86_64.rpm\nkernel-headers-3.10.0-862.el7.x86_64.rpm\nkernel-tools-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.el7.x86_64.rpm\nperf-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-862.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.el7.noarch.rpm\nkernel-doc-3.10.0-862.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-862.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-862.el7.ppc64.rpm\nkernel-debug-3.10.0-862.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-862.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm\nkernel-devel-3.10.0-862.el7.ppc64.rpm\nkernel-headers-3.10.0-862.el7.ppc64.rpm\nkernel-tools-3.10.0-862.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-862.el7.ppc64.rpm\nperf-3.10.0-862.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.el7.ppc64.rpm\npython-perf-3.10.0-862.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-862.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-862.el7.ppc64le.rpm\nkernel-debug-3.10.0-862.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm\nkernel-devel-3.10.0-862.el7.ppc64le.rpm\nkernel-headers-3.10.0-862.el7.ppc64le.rpm\nkernel-tools-3.10.0-862.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-862.el7.ppc64le.rpm\nperf-3.10.0-862.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.el7.ppc64le.rpm\npython-perf-3.10.0-862.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-862.el7.s390x.rpm\nkernel-debug-3.10.0-862.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.s390x.rpm\nkernel-debug-devel-3.10.0-862.el7.s390x.rpm\nkernel-debuginfo-3.10.0-862.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-862.el7.s390x.rpm\nkernel-devel-3.10.0-862.el7.s390x.rpm\nkernel-headers-3.10.0-862.el7.s390x.rpm\nkernel-kdump-3.10.0-862.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-862.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-862.el7.s390x.rpm\nperf-3.10.0-862.el7.s390x.rpm\nperf-debuginfo-3.10.0-862.el7.s390x.rpm\npython-perf-3.10.0-862.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-862.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-862.el7.x86_64.rpm\nkernel-debug-3.10.0-862.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-devel-3.10.0-862.el7.x86_64.rpm\nkernel-headers-3.10.0-862.el7.x86_64.rpm\nkernel-tools-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.el7.x86_64.rpm\nperf-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-862.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-862.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.el7.noarch.rpm\nkernel-doc-3.10.0-862.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.el7.x86_64.rpm\nkernel-debug-3.10.0-862.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-devel-3.10.0-862.el7.x86_64.rpm\nkernel-headers-3.10.0-862.el7.x86_64.rpm\nkernel-tools-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.el7.x86_64.rpm\nperf-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFazIO0XlSAg2UNWIIRAsrvAKC6oeVVzqbL2khLh037fNiseMvX+QCfS3iv\nEDnvsFcBpZQPFqATi/MtziA=\n=lsfK\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ==========================================================================\nUbuntu Security Notice USN-3583-2\nFebruary 23, 2018\n\nlinux-lts-trusty vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM\n\nDetails:\n\nUSN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 ESM. An attacker could\nconstruct a malicious file system that, when mounted, could cause a denial\nof service (system crash) or possibly execute arbitrary code. \n(CVE-2017-0750)\n\nIt was discovered that a race condition leading to a use-after-free\nvulnerability existed in the ALSA PCM subsystem of the Linux kernel. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2017-0861)\n\nIt was discovered that the KVM implementation in the Linux kernel allowed\npassthrough of the diagnostic I/O port 0x80. An attacker in a guest VM\ncould use this to cause a denial of service (system crash) in the host OS. \n(CVE-2017-1000407)\n\nBo Zhang discovered that the netlink wireless configuration interface in\nthe Linux kernel did not properly validate attributes when handling certain\nrequests. A local attacker with the CAP_NET_ADMIN could use this to cause a\ndenial of service (system crash). (CVE-2017-12153)\n\nVitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel\ndid not properly track reference counts when merging buffers. A local\nattacker could use this to cause a denial of service (memory exhaustion). \n(CVE-2017-12190)\n\nIt was discovered that the key management subsystem in the Linux kernel did\nnot properly restrict key reads on negatively instantiated keys. A local\nattacker could use this to cause a denial of service (system crash). \n(CVE-2017-12192)\n\nIt was discovered that an integer overflow existed in the sysfs interface\nfor the QLogic 24xx+ series SCSI driver in the Linux kernel. A local\nprivileged attacker could use this to cause a denial of service (system\ncrash). (CVE-2017-14051)\n\nOtto Ebeling discovered that the memory manager in the Linux kernel did not\nproperly check the effective UID in some situations. A local attacker could\nuse this to expose sensitive information. (CVE-2017-14140)\n\nIt was discovered that the ATI Radeon framebuffer driver in the Linux\nkernel did not properly initialize a data structure returned to user space. \nA local attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2017-14156)\n\nChunYu Wang discovered that the iSCSI transport implementation in the Linux\nkernel did not properly validate data structures. A local attacker could\nuse this to cause a denial of service (system crash). (CVE-2017-14489)\n\nJames Patrick-Evans discovered a race condition in the LEGO USB Infrared\nTower driver in the Linux kernel. A physically proximate attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code, (CVE-2017-15115)\n\nIt was discovered that the key management subsystem in the Linux kernel did\nnot properly handle NULL payloads with non-zero length values. A local\nattacker could use this to cause a denial of service (system crash). \n(CVE-2017-15274)\n\nIt was discovered that the Bluebooth Network Encapsulation Protocol (BNEP)\nimplementation in the Linux kernel did not validate the type of socket\npassed in the BNEPCONNADD ioctl(). A local attacker with the CAP_NET_ADMIN\nprivilege could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2017-16525)\n\nIt was discovered that the netfilter passive OS fingerprinting (xt_osf)\nmodule did not properly perform access control checks. A local attacker\ncould improperly modify the systemwide OS fingerprint list. \n(CVE-2017-17450)\n\nIt was discovered that the HMAC implementation did not validate the state\nof the underlying cryptographic hash algorithm. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. A remote attacker could use\nthis to cause a denial of service (system crash). (CVE-2017-18017)\n\nGareth Evans discovered that the shm IPC subsystem in the Linux kernel did\nnot properly restrict mapping page zero. A local privileged attacker could\nuse this to execute arbitrary code. (CVE-2017-5669)\n\nIt was discovered that an integer overflow vulnerability existing in the\nIPv6 implementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (infinite loop). (CVE-2017-7542)\n\nTommi Rantala and Brad Spengler discovered that the memory manager in the\nLinux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection\nmechanism. A local attacker with access to /dev/mem could use this to\nexpose sensitive information or possibly execute arbitrary code. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2017-8824)\n\nMohamed Ghannam discovered a null pointer dereference in the RDS (Reliable\nDatagram Sockets) protocol implementation of the Linux kernel. A local\nattacker could use this to cause a denial of service (system crash). \n(CVE-2018-5333)\n\nee3/4ePS discovered that a race condition existed in loop block device\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-5344)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n linux-image-3.13.0-142-generic 3.13.0-142.191~precise1\n linux-image-3.13.0-142-generic-lpae 3.13.0-142.191~precise1\n linux-image-generic-lpae-lts-trusty 3.13.0.142.133\n linux-image-generic-lts-trusty 3.13.0.142.133\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://usn.ubuntu.com/usn/usn-3583-2\n https://usn.ubuntu.com/usn/usn-3583-1\n CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153,\n CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140,\n CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115,\n CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450,\n CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-7542,\n CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147146"
},
{
"db": "PACKETSTORM",
"id": "146535"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18017",
"trust": 3.4
},
{
"db": "BID",
"id": "102367",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2918",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1089",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0570",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147936",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-109097",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-18017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147113",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147146",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146535",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147146"
},
{
"db": "PACKETSTORM",
"id": "146535"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"id": "VAR-201801-1708",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T21:27:28.198000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ChangeLog-4.9.36",
"trust": 0.8,
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36"
},
{
"title": "netfilter: xt_TCPMSS: add more sanity tests on tcph-\u003edoff",
"trust": 0.8,
"url": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"title": "Linux Kernel Archives",
"trust": 0.8,
"url": "http://www.kernel.org"
},
{
"title": "netfilter: xt_TCPMSS: add more sanity tests on tcph-\u003edoff",
"trust": 0.8,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"title": "Linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77460"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20181737 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20181319 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20181170 - Security Advisory"
},
{
"title": "IBM: IBM Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4762a13ce766481780ca81e6d0ac6aca"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20181130 - Security Advisory"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem models V840 and V9000",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=7e9caa3ad3bc08db914510b615544169"
},
{
"title": "Red Hat: CVE-2017-18017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2017-18017"
},
{
"title": "Red Hat: Important: kernel-rt security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20180676 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20181062 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3583-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3583-2"
},
{
"title": "Symantec Security Advisories: Linux Kernel Aug 2017 - Sep 2018 Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=b3193a96468975c04eb9f136ca9abec4"
},
{
"title": "Debian Security Advisories: DSA-4187-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c1e7a2b9a6a788d0d58529e52dc12cc3"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f5bb2b180c7c77e5a02747a1f31830d9"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=ae57a14ec914f60b7203332a77613077"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=05b5bbd6fb289370b459faf1f4e3919d"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2017-18017 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/darngcode/about-linux-Azure "
},
{
"title": "network-magic",
"trust": 0.1,
"url": "https://github.com/intrajp/network-magic "
},
{
"title": "hiboma",
"trust": 0.1,
"url": "https://github.com/hiboma/hiboma "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://patchwork.ozlabs.org/patch/746618/"
},
{
"trust": 2.0,
"url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1739765"
},
{
"trust": 2.0,
"url": "https://github.com/torvalds/linux/commit/2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 2.0,
"url": "https://lkml.org/lkml/2017/4/2/13"
},
{
"trust": 2.0,
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/changelog-4.9.36"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:0676"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1062"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1319"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:1737"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102367"
},
{
"trust": 1.7,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.7,
"url": "https://support.f5.com/csp/article/k18352029"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"trust": 1.7,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/4577-security-advisory-34"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:1130"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2018:1170"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3583-1"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/3583-1/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3583-2"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/3583-2/"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18017"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18017"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10957179"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2918/"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10957179"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78218"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10957177"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76030"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-18017"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8824"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
},
{
"trust": 0.3,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/linuxbulletinapr2018-4431087.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13166"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-8824"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13166"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-1000410"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000410"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14140"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000407"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12190"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-12154"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12154"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15265"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15265"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15129"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-17449"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7913"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-6927"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1000004"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-7913"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15121"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15126"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15116"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-17558"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-12190"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17449"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-3672"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8633"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9725"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-18203"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-1000252"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-17448"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3672"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17448"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15126"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-9725"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-14140"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17558"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-1000407"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15121"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8633"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15129"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15127"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15116"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-1000252"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-5750"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-7294"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18203"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7294"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000004"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-15127"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-8897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3431591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3461451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-17053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-0750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5344"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-0861"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15274"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15115"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14156"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15868"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-15102"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3583-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14051"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5669"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17806"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3583-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17450"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147146"
},
{
"db": "PACKETSTORM",
"id": "146535"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-109097"
},
{
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"db": "BID",
"id": "102367"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"db": "PACKETSTORM",
"id": "147535"
},
{
"db": "PACKETSTORM",
"id": "147936"
},
{
"db": "PACKETSTORM",
"id": "147113"
},
{
"db": "PACKETSTORM",
"id": "147146"
},
{
"db": "PACKETSTORM",
"id": "146535"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-109097"
},
{
"date": "2018-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"date": "2018-01-03T00:00:00",
"db": "BID",
"id": "102367"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"date": "2018-05-08T20:33:37",
"db": "PACKETSTORM",
"id": "147535"
},
{
"date": "2018-05-30T19:49:32",
"db": "PACKETSTORM",
"id": "147936"
},
{
"date": "2018-04-11T01:22:55",
"db": "PACKETSTORM",
"id": "147113"
},
{
"date": "2018-04-11T15:57:05",
"db": "PACKETSTORM",
"id": "147146"
},
{
"date": "2018-02-23T16:10:26",
"db": "PACKETSTORM",
"id": "146535"
},
{
"date": "2018-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"date": "2018-01-03T06:29:00.517000",
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-19T00:00:00",
"db": "VULHUB",
"id": "VHN-109097"
},
{
"date": "2023-01-19T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18017"
},
{
"date": "2018-05-02T12:00:00",
"db": "BID",
"id": "102367"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011875"
},
{
"date": "2021-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-145"
},
{
"date": "2024-04-24T13:40:09.260000",
"db": "NVD",
"id": "CVE-2017-18017"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel Uses freed memory vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-145"
}
],
"trust": 0.6
}
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.