ALT-PU-2018-2233-1
Package kernel-image-std-restricted updated to version 4.9.123-alt0.M80C.1 for branch c8.1 in task 211794.
Closed vulnerabilities
Published: 2018-01-03
BDU:2018-00995
Уязвимость процессоров Intel, связанная с возможностью спекулятивного выполнения команд и позволяющая нарушителю получить несанкционированный доступ к памяти ядра операционной системы или SMM-памяти
Severity: HIGH (7.1)
Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References:
Published: 2018-10-31
BDU:2019-03460
Уязвимость функции hidp_process_report компонента bluetooth ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.4)
Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2018-08-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-3620
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
Severity: MEDIUM (5.6)
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
References:
- http://support.lenovo.com/us/en/solutions/LEN-24163
- http://support.lenovo.com/us/en/solutions/LEN-24163
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
- 105080
- 105080
- 1041451
- 1041451
- http://www.vmware.com/security/advisories/VMSA-2018-0021.html
- http://www.vmware.com/security/advisories/VMSA-2018-0021.html
- http://xenbits.xen.org/xsa/advisory-273.html
- http://xenbits.xen.org/xsa/advisory-273.html
- RHSA-2018:2384
- RHSA-2018:2384
- RHSA-2018:2387
- RHSA-2018:2387
- RHSA-2018:2388
- RHSA-2018:2388
- RHSA-2018:2389
- RHSA-2018:2389
- RHSA-2018:2390
- RHSA-2018:2390
- RHSA-2018:2391
- RHSA-2018:2391
- RHSA-2018:2392
- RHSA-2018:2392
- RHSA-2018:2393
- RHSA-2018:2393
- RHSA-2018:2394
- RHSA-2018:2394
- RHSA-2018:2395
- RHSA-2018:2395
- RHSA-2018:2396
- RHSA-2018:2396
- RHSA-2018:2402
- RHSA-2018:2402
- RHSA-2018:2403
- RHSA-2018:2403
- RHSA-2018:2404
- RHSA-2018:2404
- RHSA-2018:2602
- RHSA-2018:2602
- RHSA-2018:2603
- RHSA-2018:2603
- https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
- https://foreshadowattack.eu/
- https://foreshadowattack.eu/
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- [debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update
- [debian-lts-announce] 20180828 [SECURITY] [DLA 1481-1] linux-4.9 security update
- [debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update
- [debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update
- FEDORA-2018-f8cba144ae
- FEDORA-2018-f8cba144ae
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1c80fea1cd
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009
- FreeBSD-SA-18:09
- FreeBSD-SA-18:09
- GLSA-201810-06
- GLSA-201810-06
- https://security.netapp.com/advisory/ntap-20180815-0001/
- https://security.netapp.com/advisory/ntap-20180815-0001/
- https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
- https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
- https://support.f5.com/csp/article/K95275140
- https://support.f5.com/csp/article/K95275140
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
- 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
- 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
- USN-3740-1
- USN-3740-1
- USN-3740-2
- USN-3740-2
- USN-3741-1
- USN-3741-1
- USN-3741-2
- USN-3741-2
- USN-3742-1
- USN-3742-1
- USN-3742-2
- USN-3742-2
- USN-3823-1
- USN-3823-1
- DSA-4274
- DSA-4274
- DSA-4279
- DSA-4279
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
- VU#982149
- VU#982149
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.synology.com/support/security/Synology_SA_18_45
- https://www.synology.com/support/security/Synology_SA_18_45
Published: 2018-11-06
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-9363
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.
Severity: HIGH (8.4)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- RHSA-2018:2948
- RHSA-2018:2948
- RHSA-2019:2029
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2019:2043
- [debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
- [debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
- https://source.android.com/security/bulletin/2018-06-01
- https://source.android.com/security/bulletin/2018-06-01
- USN-3797-1
- USN-3797-1
- USN-3797-2
- USN-3797-2
- USN-3820-1
- USN-3820-1
- USN-3820-2
- USN-3820-2
- USN-3820-3
- USN-3820-3
- USN-3822-1
- USN-3822-1
- USN-3822-2
- USN-3822-2
- DSA-4308
- DSA-4308