ALT Linux Team

Package kernel-image-un-def update in sisyphus on 2018-02-01

ALT-PU-2018-1111-1

Package kernel-image-un-def updated to version 4.14.16-alt1 for branch sisyphus in task 198812.

Closed vulnerabilities

Published: 2018-01-07

BDU:2018-00003

Уязвимость процессоров Intel, ARM и AMD, связанная с особенностями функционирования модуля прогнозирования ветвлений, позволяющая нарушителю получить доступ к защищенной памяти из программы

Severity: MEDIUM (5.6) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Severity: LOW (3.8) Vector: AV:L/AC:H/Au:S/C:C/I:N/A:N
References:
Published: 2018-01-04
Modified: 2025-05-06

CVE-2017-5715

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Severity: LOW (1.9) Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.6) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
References:
Published: 2021-06-07
Modified: 2024-11-21

CVE-2018-25015

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.

Severity: MEDIUM (4.6) Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2018-01-26
Modified: 2024-11-21

CVE-2018-5750

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top