ID

VAR-201805-0950


CVE

CVE-2018-8897


TITLE

Hardware debug exception documentation may result in unexpected behavior

Trust: 0.8

sources: CERT/CC: VU#631579

DESCRIPTION

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:1351-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1351 Issue date: 2018-05-08 CVE Names: CVE-2018-8897 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.6) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: cpu: speculative execution permission faults handling (CVE-2017-5754) * Kernel: error in exception handling leads to DoS (CVE-2018-8897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754 and Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897. Bug Fix(es): * If an NFSv3 client mounted a subdirectory of an exported file system, a directory entry to the mount hosting the export was incorrectly held even after clearing the cache. Consequently, attempts to unmount the subdirectory with the umount command failed with the EBUSY error. With this update, the underlying source code has been fixed, and the unmount operation now succeeds as expected in the described situation. (BZ#1538588) * The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1554254) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.6): Source: kernel-2.6.32-504.68.2.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.68.2.el6.noarch.rpm kernel-doc-2.6.32-504.68.2.el6.noarch.rpm kernel-firmware-2.6.32-504.68.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.68.2.el6.x86_64.rpm kernel-devel-2.6.32-504.68.2.el6.x86_64.rpm kernel-headers-2.6.32-504.68.2.el6.x86_64.rpm perf-2.6.32-504.68.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: kernel-2.6.32-504.68.2.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.68.2.el6.noarch.rpm kernel-doc-2.6.32-504.68.2.el6.noarch.rpm kernel-firmware-2.6.32-504.68.2.el6.noarch.rpm x86_64: kernel-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.68.2.el6.x86_64.rpm kernel-devel-2.6.32-504.68.2.el6.x86_64.rpm kernel-headers-2.6.32-504.68.2.el6.x86_64.rpm perf-2.6.32-504.68.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.68.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm python-perf-2.6.32-504.68.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.68.2.el6.x86_64.rpm perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm python-perf-2.6.32-504.68.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.68.2.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-8897 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/vulnerabilities/pop_ss https://access.redhat.com/security/cve/CVE-2017-5754 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFa8hvVXlSAg2UNWIIRAvxpAKCyATOJJVz4FToyT99jA7Pkzy2vTACcD5H5 F4NmZtCYwfkBTxlNHHeXy/8= =SAH1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . These CVEs are both related to the way that the linux kernel handles certain interrupt and exception instructions. The issue can be triggered by an unprivileged user. The fix for this problem requires modification of the interrupt descriptor tables (IDT), and modification of the interrupt handlers. Livepatch is unable to safely modify these areas, so upgrading to a corrected kernel and rebooting is required to fix the problem. References: CVE-2018-1087, CVE-2018-8897 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . 6.4) - x86_64 3. (BZ#1554251) 4. Intel Architecture (processor architecture) is a CPU specification developed by Intel Corporation for its processor. There are security vulnerabilities in the operating systems of multiple vendors. Systems from the following vendors are affected: Apple; DragonFly BSD Project; FreeBSD Project; Linux Kernel; Microsoft; Red Hat; SUSE Linux; Ubuntu; Vmware; Xen. ========================================================================== Ubuntu Security Notice USN-3641-2 May 08, 2018 linux, linux-lts-trusty vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for Ubuntu 12.04 ESM. A local attacker could use this to cause a denial of service (system crash). This issue only affected the amd64 architecture. A local attacker in a KVM virtual machine could use this to cause a denial of service (guest VM crash) or possibly escalate privileges inside of the virtual machine. This issue only affected the i386 and amd64 architectures. (CVE-2018-1087) Andy Lutomirski discovered that the Linux kernel did not properly perform error handling on virtualized debug registers. (CVE-2018-1000199) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: linux-image-3.13.0-147-generic 3.13.0-147.196~precise1 linux-image-3.13.0-147-generic-lpae 3.13.0-147.196~precise1 linux-image-3.2.0-134-generic 3.2.0-134.180 linux-image-3.2.0-134-generic-pae 3.2.0-134.180 linux-image-3.2.0-134-highbank 3.2.0-134.180 linux-image-3.2.0-134-omap 3.2.0-134.180 linux-image-3.2.0-134-powerpc-smp 3.2.0-134.180 linux-image-3.2.0-134-powerpc64-smp 3.2.0-134.180 linux-image-3.2.0-134-virtual 3.2.0-134.180 linux-image-generic 3.2.0.134.149 linux-image-generic-lpae-lts-trusty 3.13.0.147.138 linux-image-generic-lts-trusty 3.13.0.147.138 linux-image-generic-pae 3.2.0.134.149 linux-image-highbank 3.2.0.134.149 linux-image-omap 3.2.0.134.149 linux-image-powerpc 3.2.0.134.149 linux-image-powerpc-smp 3.2.0.134.149 linux-image-powerpc64-smp 3.2.0.134.149 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Summary: Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht ml/technical_notes/ 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot 1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning 1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default 1422676 - [Test Only] Test Ansible playbook for registration 1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version} 1433394 - kdump could fill up /var filesystem while writing to /var/crash 1443965 - Libvirt is disabled on RHVH host 1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation 1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released 1489567 - Host Software tab does not show exact RHVH version anymore 1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2 1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest. 1503148 - [RFE] translate between basic ntp configurations and chrony configurations 1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete 1534855 - RHVH brand is missing on cockpit login screen. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:06.debugreg Security Advisory The FreeBSD Project Topic: Mishandling of x86 debug exceptions Category: core Module: kernel Announced: 2018-05-08 Credits: Nick Peterson, Everdox Tech LLC https://www.linkedin.com/in/everdox Andy Lutomirski Affects: All supported versions of FreeBSD. Corrected: 2018-05-08 17:03:33 UTC (stable/11, 11.2-PRERELEASE) 2018-05-08 17:12:10 UTC (releng/11.1, 11.1-RELEASE-p10) 2018-05-08 17:05:39 UTC (stable/10, 10.4-STABLE) 2018-05-08 17:12:10 UTC (releng/10.4, 10.4-RELEASE-p9) CVE Name: CVE-2018-8897 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. Background On x86 architecture systems, the stack is represented by the combination of a stack segment and a stack pointer, which must remain in sync for proper operation. Instructions related to manipulating the stack segment have special handling to facilitate consistency with changes to the stack pointer. II. If that instruction is a system call or similar instruction that transfers control to the operating system, the debug exception will be handled in the kernel context instead of the user context. III. Impact An authenticated local attacker may be able to read sensitive data in kernel memory, control low-level operating system functions, or may panic the system. IV. Workaround No workaround is available. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, using either a binary or source code patch, and then reboot. 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install And reboot. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 11.1] # fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.11.1.patch # fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.11.1.patch.asc # gpg --verify debugreg.11.1.patch.asc [FreeBSD 10.4] # fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.10.4.patch # fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.10.4.patch.asc # gpg --verify debugreg.10.4.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile and install your kernel as described in <URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/10/ r333370 releng/10.4/ r333371 stable/11/ r333369 releng/11.1/ r333371 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. 6.7) - i386, ppc64, s390x, x86_64 3. (BZ#1554253) 4. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. CVE-2018-1087 Andy Lutomirski discovered that the KVM implementation did not properly handle #DB exceptions while deferred by MOV SS/POP SS, allowing an unprivileged KVM guest user to crash the guest or potentially escalate their privileges. For the oldstable distribution (jessie), these problems have been fixed in version 3.16.56-1+deb8u1. This update includes various fixes for regressions from 3.16.56-1 as released in DSA-4187-1 (Cf. For the stable distribution (stretch), these problems have been fixed in version 4.9.88-1+deb9u1. The fix for CVE-2018-1108 applied in DSA-4188-1 is temporarily reverted due to various regression, cf. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlryHFFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SMQA/9HoJDt2OdyqqtfNUuWfP3sgGV1QVjIJnF39unKRdIaGw9m0RHQUu1G3rC cgxcYcpQ0h10Yy5KVh4APqt55K7aVWVQT6xB0yx2VddMEwwl3rp2r/eL7EtoOkQT zZW5JponzlEAjC9uGk7CouA7z/qFtd5awufFhAjMF5eL4ZQ6pG8wWEbae6DbU9nz c7F+okC4hL6yPuWVEWzTRUFK1W0hs2N+VQgHV/afZaMAAooeZJDJeq1Hn/PVYvwJ IHSOs01+kn0OUFHkVRA7kVdFAYUJlfhsDcXd9nB/lkxhc/HNI1g/dK76mRxjsiMo pJlkPbEmZlOtmNG7vogxEp72ab24j2CITIHiID7ftZH5R/I2CSxp2dIzRVKdmP6P tsfh/KcpUMNwwiPiGed1DMCjtsHOodBOkLtVsoHHJVMZg2xqfCrlqNRUn9o+0DcR gO7HBsWG9K1qvSBWuRtQLT8QP00P3dSdhHmfWyfN8eJxTot+WJuMF/o+jbF6GGrZ lPmzWqg4oL7jvQO8nlEkatjIFejEg0jmt+rCXyEbK8Uc9xjJk35GKIZne5X09BFe 36zY7HbMlPvLP/VHSb6fcPBpQo/HuG0/htAB1HpWS1fPrth1J76g2EmwFSG5Lo51 IRxTXP4UZuOL1sJHQ80220tThKs2dk1Yy77dKk8qQiQ2nC2JgNs= =CskH -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001 Security Update 2018-001 addresses the following: Crash Reporter Available for: macOS High Sierra 10.13.4 Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved error handling. The issue appears to be from an undocumented side effect of the instructions. CVE-2018-8897: Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC Entry added May 8, 2018 LinkPresentation Available for: macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted text message may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation

Trust: 3.24

sources: NVD: CVE-2018-8897 // CERT/CC: VU#631579 // BID: 104071 // VULMON: CVE-2018-8897 // PACKETSTORM: 147540 // PACKETSTORM: 147543 // PACKETSTORM: 147552 // PACKETSTORM: 147541 // PACKETSTORM: 147548 // VULHUB: VHN-138929 // PACKETSTORM: 147549 // PACKETSTORM: 147537 // PACKETSTORM: 147646 // PACKETSTORM: 147536 // PACKETSTORM: 147539 // PACKETSTORM: 147546 // PACKETSTORM: 147551 // PACKETSTORM: 147533

AFFECTED PRODUCTS

vendor:ubuntumodel: - scope: - version: -

Trust: 1.6

vendor:freebsdmodel:freebsdscope:gteversion:11.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:xenmodel:xenscope:eqversion: -

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:6.2.0

Trust: 1.0

vendor:synologymodel:skynasscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:6.0.2

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:7.1

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:7.3

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:7.2

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.13.4

Trust: 1.0

vendor:freebsdmodel:freebsdscope:ltversion:11.1

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:17.10

Trust: 1.0

vendor:redhatmodel:enterprise virtualization managerscope:eqversion:3.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:synologymodel:diskstation managerscope:eqversion:6.0

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:7.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:synologymodel:diskstation managerscope:eqversion:5.2

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:6.5

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:synologymodel:diskstation managerscope:eqversion:6.1

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:7.4

Trust: 1.0

vendor:applemodel: - scope: - version: -

Trust: 0.8

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:dragonfly bsdmodel: - scope: - version: -

Trust: 0.8

vendor:freebsdmodel: - scope: - version: -

Trust: 0.8

vendor:linux kernelmodel: - scope: - version: -

Trust: 0.8

vendor:microsoftmodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:vmwaremodel: - scope: - version: -

Trust: 0.8

vendor:xenmodel: - scope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope:neversion:4.14.31

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.62

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15.8

Trust: 0.3

vendor:freebsdmodel:11.1-release-p9scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.28

Trust: 0.3

vendor:microsoftmodel:windows server r2scope:eqversion:20120

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:6.7

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.1

Trust: 0.3

vendor:freebsdmodel:10.4-release-p8scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.7

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.1

Trust: 0.3

vendor:vmwaremodel:vsphere integrated containersscope:eqversion:1.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.38

Trust: 0.3

vendor:redhatmodel:enterprise linux server extended update supportscope:eqversion:-6.7

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.5

Trust: 0.3

vendor:freebsdmodel:11.1-release-p4scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.12

Trust: 0.3

vendor:synologymodel:dsmscope:eqversion:6.1

Trust: 0.3

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.64

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1018030

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.51

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.10

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:18030

Trust: 0.3

vendor:linuxmodel:kernel 4.10-rc8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.56

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.38

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.105

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.23

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.9

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:4.4.125

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.25

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.24

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.11

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:8.10

Trust: 0.3

vendor:microsoftmodel:windows rtscope:eqversion:8.1

Trust: 0.3

vendor:microsoftmodel:windows server r2 for itanium-based systems sp1scope:eqversion:2008

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.60

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.13

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.1

Trust: 0.3

vendor:freebsdmodel:11.1-release-p7scope: - version: -

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.3.0

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:8.10

Trust: 0.3

vendor:freebsdmodel:11.2-prereleasescope:neversion: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.78

Trust: 0.3

vendor:freebsdmodel:10.4-release-p6scope: - version: -

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:6.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.24

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.15

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.65

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.1.47

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.44

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.2

Trust: 0.3

vendor:synologymodel:virtual dsmscope:eqversion:0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.82

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:redhatmodel:enterprise linux extended update supportscope:eqversion:7.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.1.1

Trust: 0.3

vendor:vmwaremodel:vsphere integrated containersscope:eqversion:1.2

Trust: 0.3

vendor:microsoftmodel:windows server r2 for x64-based systems sp1scope:eqversion:2008

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.22

Trust: 0.3

vendor:vmwaremodel:vsphere integrated containersscope:eqversion:1.3.1

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.55

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.72

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.42

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.13

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13

Trust: 0.3

vendor:redhatmodel:enterprise linux long life 5.9.serverscope: - version: -

Trust: 0.3

vendor:synologymodel:dsmscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:4.9.91

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.27

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11

Trust: 0.3

vendor:vmwaremodel:vsphere integrated containersscope:eqversion:1.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.63-2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.50

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.12

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.6

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.3.1

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systemsscope:eqversion:100

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.8

Trust: 0.3

vendor:microsoftmodel:windows server for x64-based systems sp2scope:eqversion:2008

Trust: 0.3

vendor:ubuntumodel:linuxscope:eqversion:17.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.36

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.1.15

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.0-28

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.13

Trust: 0.3

vendor:linuxmodel:kernel 4.10-rc1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15.4

Trust: 0.3

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.6

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20160

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.4

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:11.2

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.1

Trust: 0.3

vendor:freebsdmodel:10.4-release-p3scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux esmscope:eqversion:12.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.26

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.11

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systems sp1scope:eqversion:7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15.11

Trust: 0.3

vendor:microsoftmodel:windows server for itanium-based systems sp2scope:eqversion:2008

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.13.4

Trust: 0.3

vendor:linuxmodel:kernelscope:neversion:4.15.14

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.3

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:freebsdmodel:10.4-release-p9scope:neversion: -

Trust: 0.3

vendor:microsoftmodel:windows for x64-based systems sp1scope:eqversion:7

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.10

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.14

Trust: 0.3

vendor:linuxmodel:kernel 4.12-rc1scope: - version: -

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.11

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14

Trust: 0.3

vendor:redhatmodel:mrg realtime for rhel serverscope:eqversion:62

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.3

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1016070

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.15

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.4

Trust: 0.3

vendor:vmwaremodel:vsphere data protectionscope:eqversion:0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.1.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15.9

Trust: 0.3

vendor:microsoftmodel:windows server for 32-bit systems sp2scope:eqversion:2008

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.68

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.23

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.14.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.7

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:20120

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.63

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.2.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.74

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.2.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.14

Trust: 0.3

vendor:synologymodel:skynasscope:eqversion:0

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:6.2.4.1

Trust: 0.3

vendor:vmwaremodel:vsphere integrated containersscope:eqversion:1.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.6

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.13.5

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.36

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.54

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017030

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.1

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:16.04

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.1

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1017090

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.9

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.13

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.7

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.15.7

Trust: 0.3

vendor:applemodel:macos security updatescope:neversion:2018

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:17090

Trust: 0.3

vendor:microsoftmodel:windows for 32-bit systemsscope:eqversion:100

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.81

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.6

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.8

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.30

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.57

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1016070

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.29

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.53

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.16.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:11.1

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.16.3

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.1

Trust: 0.3

vendor:microsoftmodel:windows version for 32-bit systemsscope:eqversion:1018030

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.9.71

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.4.2

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:3.2.52

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.10.8

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.12.4

Trust: 0.3

vendor:freebsdmodel:11.1-release-p10scope:neversion: -

Trust: 0.3

vendor:vmwaremodel:identity managerscope:eqversion:0

Trust: 0.3

vendor:vmwaremodel:vrealize automationscope:eqversion:7.4

Trust: 0.3

vendor:linuxmodel:kernelscope:eqversion:4.11.1

Trust: 0.3

vendor:freebsdmodel:10.4-stablescope:neversion: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server extended update supportscope:eqversion:-7.4

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017030

Trust: 0.3

vendor:microsoftmodel:windows version for x64-based systemsscope:eqversion:1017090

Trust: 0.3

sources: CERT/CC: VU#631579 // BID: 104071 // NVD: CVE-2018-8897

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-8897
value: HIGH

Trust: 1.0

NVD: CVE-2018-8897
value: MEDIUM

Trust: 0.8

VULHUB: VHN-138929
value: HIGH

Trust: 0.1

VULMON: CVE-2018-8897
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-8897
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2018-8897
severity: MEDIUM
baseScore: 6.8
vectorString: NONE
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-138929
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-8897
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897 // NVD: CVE-2018-8897

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.1

problemtype:CWE-264

Trust: 0.1

sources: VULHUB: VHN-138929 // NVD: CVE-2018-8897

THREAT TYPE

local

Trust: 0.5

sources: BID: 104071 // PACKETSTORM: 147549 // PACKETSTORM: 147536

TYPE

Design Error

Trust: 0.3

sources: BID: 104071

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897

PATCH

title:Red Hat: Moderate: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181349 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181346 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181345 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181352 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181351 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181347 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181353 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181350 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-rt security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181354 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181348 - Security Advisory

Trust: 0.1

title:Red Hat: Important: redhat-virtualization-host bug fix and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181524 - Security Advisory

Trust: 0.1

title:Red Hat: Important: rhev-hypervisor7 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181711 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-rt security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181355 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181318 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-lts-trusty vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3641-2

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem, linux-raspi2, linux-snapdragon vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3641-1

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181319 - Security Advisory

Trust: 0.1

title:Red Hat: Important: redhat-virtualization-host security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181710 - Security Advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-8897

Trust: 0.1

title:Red Hat: CVE-2018-8897url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-8897

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182164 - Security Advisory

Trust: 0.1

title:Apple: Security Update 2018-001url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=583c1ea8a829ac665aa41a8ff5a75340

Trust: 0.1

title:Huawei Security Advisories: Security Advisory - Privilege Escalation Vulnerability in Some Huawei Productsurl:https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories&qid=90d333381e15d85941c4280dcd26b848

Trust: 0.1

title:Brocade Security Advisories: BSA-2018-601url:https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=59ba3f49037f65156b69ed10fd1fc42f

Trust: 0.1

title:Citrix Security Bulletins: Citrix XenServer Multiple Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=0f487c3cd292818d2fb6275798f934ed

Trust: 0.1

title:Amazon Linux AMI: ALAS-2018-1023url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2018-1023

Trust: 0.1

title:Amazon Linux 2: ALAS2-2018-1023url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2018-1023

Trust: 0.1

title:Apple: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitanurl:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f93fc5c87ddc6e336e7b02ff3308dfe6

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - April 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=c0bb087d513b6ab7ce4efb0405158613

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=ae57a14ec914f60b7203332a77613077

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=07ab17c2d7ba0de54dd1d1406e963124

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=f5bb2b180c7c77e5a02747a1f31830d9

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=55ea315dfb69fce8383762ac64250315

Trust: 0.1

title:CVE-2018-8897url:https://github.com/can1357/CVE-2018-8897

Trust: 0.1

title:2url:https://github.com/zcmgod/2

Trust: 0.1

title:https-github.com-ExpLife0011-awesome-windows-kernel-security-developmenturl:https://github.com/Ondrik8/https-github.com-ExpLife0011-awesome-windows-kernel-security-development

Trust: 0.1

title:rhel-centos-ec2-vulsurl:https://github.com/riboseinc/rhel-centos-ec2-vuls

Trust: 0.1

title:APT-GUIDurl:https://github.com/Al1ex/APT-GUID

Trust: 0.1

sources: VULMON: CVE-2018-8897

EXTERNAL IDS

db:NVDid:CVE-2018-8897

Trust: 2.8

db:CERT/CCid:VU#631579

Trust: 2.2

db:BIDid:104071

Trust: 1.4

db:OPENWALLid:OSS-SECURITY/2018/05/08/4

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2018/05/08/1

Trust: 1.1

db:SECTRACKid:1040849

Trust: 1.1

db:SECTRACKid:1040882

Trust: 1.1

db:SECTRACKid:1040744

Trust: 1.1

db:SECTRACKid:1040866

Trust: 1.1

db:SECTRACKid:1040861

Trust: 1.1

db:EXPLOIT-DBid:44697

Trust: 1.1

db:EXPLOIT-DBid:45024

Trust: 1.1

db:PACKETSTORMid:147541

Trust: 0.2

db:PACKETSTORMid:147543

Trust: 0.2

db:PACKETSTORMid:147539

Trust: 0.2

db:PACKETSTORMid:147536

Trust: 0.2

db:PACKETSTORMid:147548

Trust: 0.2

db:PACKETSTORMid:148549

Trust: 0.1

db:PACKETSTORMid:147542

Trust: 0.1

db:PACKETSTORMid:147550

Trust: 0.1

db:VULHUBid:VHN-138929

Trust: 0.1

db:VULMONid:CVE-2018-8897

Trust: 0.1

db:PACKETSTORMid:147540

Trust: 0.1

db:PACKETSTORMid:147552

Trust: 0.1

db:PACKETSTORMid:147533

Trust: 0.1

db:PACKETSTORMid:147549

Trust: 0.1

db:PACKETSTORMid:147537

Trust: 0.1

db:PACKETSTORMid:147646

Trust: 0.1

db:PACKETSTORMid:147546

Trust: 0.1

db:PACKETSTORMid:147551

Trust: 0.1

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897 // BID: 104071 // PACKETSTORM: 147540 // PACKETSTORM: 147543 // PACKETSTORM: 147552 // PACKETSTORM: 147541 // PACKETSTORM: 147548 // PACKETSTORM: 147533 // PACKETSTORM: 147549 // PACKETSTORM: 147537 // PACKETSTORM: 147646 // PACKETSTORM: 147536 // PACKETSTORM: 147539 // PACKETSTORM: 147546 // PACKETSTORM: 147551 // NVD: CVE-2018-8897

REFERENCES

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8897

Trust: 2.2

url:https://xenbits.xen.org/xsa/advisory-260.html

Trust: 1.9

url:https://access.redhat.com/security/vulnerabilities/pop_ss

Trust: 1.4

url:https://www.kb.cert.org/vuls/id/631579

Trust: 1.4

url:https://bugzilla.redhat.com/show_bug.cgi?id=1567074

Trust: 1.4

url:https://www.freebsd.org/security/advisories/freebsd-sa-18:06.debugreg.asc

Trust: 1.4

url:https://usn.ubuntu.com/3641-1/

Trust: 1.4

url:https://usn.ubuntu.com/3641-2/

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-8897

Trust: 1.3

url:https://access.redhat.com/errata/rhsa-2018:1345

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1346

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1347

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1349

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1351

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1352

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1354

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2018:1524

Trust: 1.2

url:https://kb.vmware.com/s/article/54988

Trust: 1.1

url:http://www.securityfocus.com/bid/104071

Trust: 1.1

url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en

Trust: 1.1

url:https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20180927-0002/

Trust: 1.1

url:https://support.citrix.com/article/ctx234679

Trust: 1.1

url:https://www.synology.com/support/security/synology_sa_18_21

Trust: 1.1

url:https://www.debian.org/security/2018/dsa-4196

Trust: 1.1

url:https://www.debian.org/security/2018/dsa-4201

Trust: 1.1

url:https://www.exploit-db.com/exploits/44697/

Trust: 1.1

url:https://www.exploit-db.com/exploits/45024/

Trust: 1.1

url:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9

Trust: 1.1

url:http://openwall.com/lists/oss-security/2018/05/08/1

Trust: 1.1

url:http://openwall.com/lists/oss-security/2018/05/08/4

Trust: 1.1

url:https://github.com/can1357/cve-2018-8897/

Trust: 1.1

url:https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9

Trust: 1.1

url:https://patchwork.kernel.org/patch/10386677/

Trust: 1.1

url:https://support.apple.com/ht208742

Trust: 1.1

url:https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1318

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1319

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1348

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1350

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1353

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2018:1355

Trust: 1.1

url:http://www.securitytracker.com/id/1040744

Trust: 1.1

url:http://www.securitytracker.com/id/1040849

Trust: 1.1

url:http://www.securitytracker.com/id/1040861

Trust: 1.1

url:http://www.securitytracker.com/id/1040866

Trust: 1.1

url:http://www.securitytracker.com/id/1040882

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2018-8897

Trust: 1.1

url:https://svnweb.freebsd.org/base?view=revision&revision=333368

Trust: 1.0

url:https://everdox.net/popss.pdf

Trust: 0.8

url:http://cwe.mitre.org/data/definitions/703.html

Trust: 0.8

url:https://support.apple.com/en-us/ht208742

Trust: 0.8

url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk126534

Trust: 0.8

url:https://security.freebsd.org/advisories/freebsd-sa-18:06.debugreg.asc

Trust: 0.8

url:https://usn.ubuntu.com/3641-1/https://usn.ubuntu.com/3641-2/

Trust: 0.8

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.8

url:https://bugzilla.redhat.com/):

Trust: 0.8

url:https://access.redhat.com/security/team/key/

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.8

url:https://access.redhat.com/articles/11258

Trust: 0.7

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-1087

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-1000199

Trust: 0.4

url:http://www.microsoft.com

Trust: 0.3

url:https://support.apple.com/en-ie/ht208742

Trust: 0.3

url:https://lists.apple.com/archives/security-announce/2018/may/msg00001.html

Trust: 0.3

url:https://www.synology.com/en-global/support/security/synology_sa_18_21

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1087

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1000199

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2017-5754

Trust: 0.3

url:https://access.redhat.com/security/vulnerabilities/speculativeexecution

Trust: 0.2

url:https://svnweb.freebsd.org/base?view=revision&amp;revision=333368

Trust: 0.1

url:https://wiki.ubuntu.com/securityteam/knowledgebase/pop_ss

Trust: 0.1

url:https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4206

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://support.apple.com/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4187

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3641-1

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3641-2

Trust: 0.1

url:https://access.redhat.com/articles/2974891

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1088

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1111

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1088

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1111

Trust: 0.1

url:https://security.freebsd.org/>.

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8897>

Trust: 0.1

url:https://security.freebsd.org/patches/sa-18:06/debugreg.10.4.patch

Trust: 0.1

url:https://security.freebsd.org/patches/sa-18:06/debugreg.11.1.patch

Trust: 0.1

url:https://www.freebsd.org/handbook/kernelconfig.html>

Trust: 0.1

url:https://security.freebsd.org/patches/sa-18:06/debugreg.11.1.patch.asc

Trust: 0.1

url:https://svnweb.freebsd.org/base?view=revision&revision=nnnnnn>

Trust: 0.1

url:https://security.freebsd.org/advisories/freebsd-sa-18:06.debugreg.asc>

Trust: 0.1

url:https://security.freebsd.org/patches/sa-18:06/debugreg.10.4.patch.asc

Trust: 0.1

url:https://www.linkedin.com/in/everdox

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://security-tracker.debian.org/tracker/linux

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // BID: 104071 // PACKETSTORM: 147540 // PACKETSTORM: 147543 // PACKETSTORM: 147552 // PACKETSTORM: 147541 // PACKETSTORM: 147548 // PACKETSTORM: 147533 // PACKETSTORM: 147549 // PACKETSTORM: 147537 // PACKETSTORM: 147646 // PACKETSTORM: 147536 // PACKETSTORM: 147539 // PACKETSTORM: 147546 // PACKETSTORM: 147551 // NVD: CVE-2018-8897

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 147540 // PACKETSTORM: 147543 // PACKETSTORM: 147541 // PACKETSTORM: 147548 // PACKETSTORM: 147537 // PACKETSTORM: 147646 // PACKETSTORM: 147539 // PACKETSTORM: 147546

SOURCES

db:CERT/CCid:VU#631579
db:VULHUBid:VHN-138929
db:VULMONid:CVE-2018-8897
db:BIDid:104071
db:PACKETSTORMid:147540
db:PACKETSTORMid:147543
db:PACKETSTORMid:147552
db:PACKETSTORMid:147541
db:PACKETSTORMid:147548
db:PACKETSTORMid:147533
db:PACKETSTORMid:147549
db:PACKETSTORMid:147537
db:PACKETSTORMid:147646
db:PACKETSTORMid:147536
db:PACKETSTORMid:147539
db:PACKETSTORMid:147546
db:PACKETSTORMid:147551
db:NVDid:CVE-2018-8897

LAST UPDATE DATE

2024-11-07T21:16:14.919000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#631579date:2019-07-11T00:00:00
db:VULHUBid:VHN-138929date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-8897date:2019-10-03T00:00:00
db:BIDid:104071date:2018-05-17T06:00:00
db:NVDid:CVE-2018-8897date:2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:CERT/CCid:VU#631579date:2018-05-08T00:00:00
db:VULHUBid:VHN-138929date:2018-05-08T00:00:00
db:VULMONid:CVE-2018-8897date:2018-05-08T00:00:00
db:BIDid:104071date:2018-05-08T00:00:00
db:PACKETSTORMid:147540date:2018-05-08T23:52:29
db:PACKETSTORMid:147543date:2018-05-08T23:54:17
db:PACKETSTORMid:147552date:2018-05-09T17:44:38
db:PACKETSTORMid:147541date:2018-05-08T23:53:34
db:PACKETSTORMid:147548date:2018-05-08T23:56:36
db:PACKETSTORMid:147533date:2018-05-08T20:32:15
db:PACKETSTORMid:147549date:2018-05-08T23:56:57
db:PACKETSTORMid:147537date:2018-05-08T20:35:01
db:PACKETSTORMid:147646date:2018-05-15T22:06:13
db:PACKETSTORMid:147536date:2018-05-08T20:33:55
db:PACKETSTORMid:147539date:2018-05-08T23:52:05
db:PACKETSTORMid:147546date:2018-05-08T23:55:56
db:PACKETSTORMid:147551date:2018-05-09T17:44:05
db:NVDid:CVE-2018-8897date:2018-05-08T18:29:00.547