Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2018:1319
HistoryMay 10, 2018 - 1:00 a.m.

kernel, perf, python security update

2018-05-1001:00:09
CentOS Project
lists.centos.org
207

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.975 High

EPSS

Percentile

100.0%

JSON

CentOS Errata and Security Advisory CESA-2018:1319

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • hw: cpu: speculative execution permission faults handling (CVE-2017-5754, x86 32-bit)

  • Kernel: error in exception handling leads to DoS (CVE-2018-8897)

  • kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)

  • kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)

  • kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166)

  • kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017)

  • kernel: Stack information leak in the EFS element (CVE-2017-1000410)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410.

Bug Fix(es):

These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2018-May/084989.html

Affected packages:
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
perf
python-perf

Upstream details at:
https://access.redhat.com/errata/RHSA-2018:1319

OSVersionArchitecturePackageVersionFilename
CentOS6i686kernel< 2.6.32-696.28.1.el6kernel-2.6.32-696.28.1.el6.i686.rpm
CentOS6noarchkernel-abi-whitelists< 2.6.32-696.28.1.el6kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm
CentOS6i686kernel-debug< 2.6.32-696.28.1.el6kernel-debug-2.6.32-696.28.1.el6.i686.rpm
CentOS6i686kernel-debug-devel< 2.6.32-696.28.1.el6kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm
CentOS6i686kernel-devel< 2.6.32-696.28.1.el6kernel-devel-2.6.32-696.28.1.el6.i686.rpm
CentOS6noarchkernel-doc< 2.6.32-696.28.1.el6kernel-doc-2.6.32-696.28.1.el6.noarch.rpm
CentOS6noarchkernel-firmware< 2.6.32-696.28.1.el6kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm
CentOS6i686kernel-headers< 2.6.32-696.28.1.el6kernel-headers-2.6.32-696.28.1.el6.i686.rpm
CentOS6i686perf< 2.6.32-696.28.1.el6perf-2.6.32-696.28.1.el6.i686.rpm
CentOS6i686python-perf< 2.6.32-696.28.1.el6python-perf-2.6.32-696.28.1.el6.i686.rpm
Rows per page:
1-10 of 211

Related

oraclelinux 3
openvas 42
nessus 70
redhat 21
mageia 5
freebsd_advisory 1
slackware 1
kitploit 2
freebsd 1
amazon 2
debian 1
virtuozzo 4
osv 1
redhatcve 1
huawei 2
ibm 16
suse 4
nvidia 3
seebug 1
vmware 1
lenovo 2
f5 1
symantec 1
qualysblog 4
ubuntu 4
arista 1
threatpost 1
malwarebytes 1
cloudfoundry 1
paloalto 1
oraclelinux
oraclelinux
kernel security and bug fix update
2018-05-08 00:00:00
Unbreakable Enterprise kernel security update
2018-01-12 00:00:00
Unbreakable Enterprise kernel security update
2018-01-09 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2018:1319 centos6
2018-05-10 00:00:00
Mageia: Security Advisory (MGASA-2018-0106)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2018-0126)
2022-01-28 00:00:00
nessus
nessus
RHEL 6 : kernel (RHSA-2018:1319)
2018-05-09 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180508) (Meltdown)
2018-05-09 00:00:00
CentOS 6 : kernel (CESA-2018:1319) (Meltdown)
2018-05-10 00:00:00
redhat
redhat
(RHSA-2018:1319) Important: kernel security and bug fix update
2018-05-08 17:59:26
(RHSA-2018:1346) Important: kernel security and bug fix update
2018-05-08 20:17:11
(RHSA-2018:1130) Important: kernel security and bug fix update
2018-04-17 14:31:22
mageia
mageia
Updated kernel-tmb packages fix security vulnerabilities
2018-02-16 00:17:42
Updated kernel packages fix security vulnerabilities
2018-02-05 22:12:45
Updated kernel packages fix security vulnerabilities
2018-02-23 20:14:35
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:03.speculative_execution
2018-03-14 00:00:00
slackware
slackware
[slackware-security] kernel
2018-01-16 06:32:33
kitploit
kitploit
In-Spectre-Meltdown - Tool to identify Meltdown & Spectre Vulnerabilities in processors
2018-01-07 20:04:00
Spectre-Meltdown-Checker - Spectre & Meltdown Vulnerability/Mitigation Checker For Linux
2018-01-08 12:43:00
freebsd
freebsd
FreeBSD -- Speculative Execution Vulnerabilities
2018-03-14 00:00:00
amazon
amazon
Critical: kernel
2018-01-03 19:27:00
Critical: kernel
2018-01-11 21:05:00
debian
debian
[SECURITY] [DSA 4120-1] linux security update
2018-02-22 15:58:05
virtuozzo
virtuozzo
Important kernel security update: CVE-2017-5754 and other; new kernel 2.6.32-042stab129.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2018-05-14 00:00:00
Kernel security update: CVE-2017-5754 and other; new kernel 2.6.32-042stab129.1, Virtuozzo 6.0 Update 12 Hotfix 23 (6.0.12-3703)
2018-05-14 00:00:00
Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 3.10.0-693.11.6.vz7.40.4, Virtuozzo 7.0 Update 6 Hotfix 3 (7.0.6-710)
2018-01-08 00:00:00
osv
osv
linux - security update
2018-02-22 00:00:00
redhatcve
redhatcve
CVE-2017-5715
2021-07-20 18:54:09
huawei
huawei
Security Advisory - CPU Vulnerabilities Meltdown and Spectre
2018-06-06 00:00:00
Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'
2018-01-06 00:00:00
ibm
ibm
Security Bulletin: Aspera Products and the Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
2018-12-08 04:55:34
Security Bulletin: IBM Spectrum Protect Plus has released instructions for obtaining an update in response to the vulnerabilities known as Spectre and Meltdown
2018-06-17 15:48:44
Security Bulletin: PowerKVM has released updates in response to the vulnerabilities known as Spectre and Meltdown.
2018-06-18 01:41:07
suse
suse
Security update for the Linux Kernel (important)
2018-01-16 21:08:59
Security update for the Linux Kernel (important)
2018-01-11 18:10:26
Security update for the Linux Kernel (important)
2018-01-16 21:08:19
nvidia
nvidia
Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, and Tegra K1 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities
2018-01-05 00:00:00
Security Bulletin: NVIDIA Driver Security Updates for CPU Speculative Side Channel Vulnerabilities
2018-01-04 00:00:00
Security Bulletin: NVIDIA GeForce Experience (GFE) Security Updates for CPU Speculative Side Channel Vulnerabilities
2018-01-09 00:00:00
seebug
seebug
Reading privileged memory with a side-channel (Meltdown & Spectre)
2018-01-04 00:00:00
vmware
vmware
VMware Virtual Appliance updates address side-channel analysis due to speculative execution
2018-02-08 00:00:00
lenovo
lenovo
Reading Privileged Memory with a Side Channel - Lenovo Support US
2018-10-24 12:22:52
Reading Privileged Memory with a Side Channel - US
2018-10-24 12:22:52
f5
f5
Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754
2018-01-04 04:46:00
symantec
symantec
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-01-03 00:00:00
qualysblog
qualysblog
Meltdown/Spectre and Qualys Cloud Platform
2018-01-09 02:36:19
Apple in the InfoSec Spotlight, as GitHub Falls Prey to Amplified DDoS Attack
2018-03-02 14:48:53
Processor Vulnerabilities – Meltdown and Spectre
2018-01-04 02:17:43
ubuntu
ubuntu
Linux kernel vulnerabilities
2018-01-23 00:00:00
Linux kernel (HWE) vulnerabilities
2018-03-15 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2018-01-23 00:00:00
arista
arista
Security Advisory 0031
2018-01-03 00:00:00
threatpost
threatpost
Experts Weigh In On Spectre Patch Challenges
2018-01-07 23:21:34
malwarebytes
malwarebytes
Meltdown and Spectre fallout: patching problems persist
2018-01-11 14:00:00
cloudfoundry
cloudfoundry
USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-01-23 00:00:00
paloalto
paloalto
Information about Meltdown and Spectre findings
2018-01-04 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.975 High

EPSS

Percentile

100.0%

JSON
Related for CESA-2018:1319
oraclelinux3openvas42nessus70redhat21mageia5freebsd_advisory1slackware1kitploit2freebsd1amazon2debian1virtuozzo4osv1redhatcve1huawei2ibm16suse4nvidia3seebug1vmware1lenovo2f51symantec1qualysblog4ubuntu4arista1threatpost1malwarebytes1cloudfoundry1paloalto1