ALT-PU-2017-2114-1
Package kernel-image-un-def updated to version 4.12.9-alt1 for branch sisyphus in task 187539.
Closed vulnerabilities
Published: 2019-01-09
BDU:2019-00255
Уязвимость функции do_get_mempolicy() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-09-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-14140
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
Severity: MEDIUM (5.5)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9
- DSA-3981
- DSA-3981
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9
- 100876
- 100876
- RHSA-2018:0676
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1062
- https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9
- https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9
- https://source.android.com/security/bulletin/pixel/2018-01-01
- https://source.android.com/security/bulletin/pixel/2018-01-01
- USN-3583-1
- USN-3583-1
- USN-3583-2
- USN-3583-2
Published: 2018-05-02
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-10675
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
- 104093
- 104093
- RHSA-2018:2164
- RHSA-2018:2164
- RHSA-2018:2384
- RHSA-2018:2384
- RHSA-2018:2395
- RHSA-2018:2395
- RHSA-2018:2785
- RHSA-2018:2785
- RHSA-2018:2791
- RHSA-2018:2791
- RHSA-2018:2924
- RHSA-2018:2924
- RHSA-2018:2925
- RHSA-2018:2925
- RHSA-2018:2933
- RHSA-2018:2933
- RHSA-2018:3540
- RHSA-2018:3540
- RHSA-2018:3586
- RHSA-2018:3586
- RHSA-2018:3590
- RHSA-2018:3590
- https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
- https://github.com/torvalds/linux/commit/73223e4e2e3867ebf033a5a8eb2e5df0158ccc99
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- USN-3754-1
- USN-3754-1
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html