ALT-PU-2018-1084-1
Package kernel-image-un-def updated to version 4.14.15-alt0.M80P.1 for branch p8 in task 198472.
Closed vulnerabilities
Published: 2017-11-29
BDU:2019-03625
Уязвимость функции pcpu_embed_first_chunk() ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации
Severity: MEDIUM (5.5)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM (4.6)
Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N
References:
Published: 2019-08-19
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-18551
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
Severity: MEDIUM (4.6)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: MEDIUM (6.7)
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
References:
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89c6efa61f5709327ecfa24bff18e57a4e80c7fa
- https://support.f5.com/csp/article/K48073202?utm_source=f5support&%3Butm_medium=RSS
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=89c6efa61f5709327ecfa24bff18e57a4e80c7fa
- https://support.f5.com/csp/article/K48073202?utm_source=f5support&%3Butm_medium=RSS
Published: 2018-08-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-5953
The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.
Severity: LOW (2.1)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
- http://www.securityfocus.com/bid/105045
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d63fb3af87aa67aa7d24466e792f9d7c57d8e79
- https://github.com/johnsonwangqize/cve-linux/blob/master/%20CVE-2018-5953.md
- https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
- https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
- http://www.securityfocus.com/bid/105045
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7d63fb3af87aa67aa7d24466e792f9d7c57d8e79
- https://github.com/johnsonwangqize/cve-linux/blob/master/%20CVE-2018-5953.md
- https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
- https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
Published: 2018-08-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-5995
The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.
Severity: LOW (2.1)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.5)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
- http://www.securityfocus.com/bid/105049
- https://github.com/johnsonwangqize/cve-linux/blob/master/CVE-2018-5995.md
- https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
- https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
- https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html
- https://seclists.org/bugtraq/2019/Aug/18
- https://www.debian.org/security/2019/dsa-4497
- http://www.securityfocus.com/bid/105049
- https://github.com/johnsonwangqize/cve-linux/blob/master/CVE-2018-5995.md
- https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
- https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
- https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html
- https://seclists.org/bugtraq/2019/Aug/18
- https://www.debian.org/security/2019/dsa-4497
Published: 2018-02-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-6927
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
Severity: MEDIUM (4.6)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
- http://www.securityfocus.com/bid/103023
- https://access.redhat.com/errata/RHSA-2018:0654
- https://access.redhat.com/errata/RHSA-2018:0676
- https://access.redhat.com/errata/RHSA-2018:1062
- https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3697-1/
- https://usn.ubuntu.com/3697-2/
- https://usn.ubuntu.com/3698-1/
- https://usn.ubuntu.com/3698-2/
- https://www.debian.org/security/2018/dsa-4187
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
- http://www.securityfocus.com/bid/103023
- https://access.redhat.com/errata/RHSA-2018:0654
- https://access.redhat.com/errata/RHSA-2018:0676
- https://access.redhat.com/errata/RHSA-2018:1062
- https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a
- https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
- https://usn.ubuntu.com/3619-1/
- https://usn.ubuntu.com/3619-2/
- https://usn.ubuntu.com/3697-1/
- https://usn.ubuntu.com/3697-2/
- https://usn.ubuntu.com/3698-1/
- https://usn.ubuntu.com/3698-2/
- https://www.debian.org/security/2018/dsa-4187
- https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15