ALT-PU-2018-2004-1
Package kernel-image-std-def updated to version 4.9.111-alt0.M80P.1 for branch p8 in task 209463.
Closed vulnerabilities
Published: 2018-06-12
BDU:2023-01296
Уязвимость функции uvesafb_setcmap function (drivers/video/fbdev/uvesafb.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2018-07-06
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-13406
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9f645bcc566a1e9f921bdae7528a01ced5bc3713
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9f645bcc566a1e9f921bdae7528a01ced5bc3713
- 104685
- 104685
- 1041355
- 1041355
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.4
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.4
- https://github.com/torvalds/linux/commit/9f645bcc566a1e9f921bdae7528a01ced5bc3713
- https://github.com/torvalds/linux/commit/9f645bcc566a1e9f921bdae7528a01ced5bc3713
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- USN-3752-1
- USN-3752-1
- USN-3752-2
- USN-3752-2
- USN-3752-3
- USN-3752-3
- USN-3753-1
- USN-3753-1
- USN-3753-2
- USN-3753-2
- USN-3754-1
- USN-3754-1