2017-12-13
ALT-BU-2017-3560-1
Branch p8 update bulletin.
Package kernel-image-std-def updated to version 4.9.68-alt0.M80P.1 for branch p8 in task 196417.
Closed vulnerabilities
Published: 2017-11-29
BDU:2018-00614
Уязвимость функции __oom_reap_task_mm ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Severity: HIGH (7.0)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2018-02-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-18202
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
Severity: HIGH (7.0)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=687cb0884a714ff484d038e9190edc874edcf146
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=687cb0884a714ff484d038e9190edc874edcf146
- 103161
- 103161
- RHSA-2018:2772
- RHSA-2018:2772
- https://github.com/torvalds/linux/commit/687cb0884a714ff484d038e9190edc874edcf146
- https://github.com/torvalds/linux/commit/687cb0884a714ff484d038e9190edc874edcf146
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4