Details of VAR-201805-0950

ID

VAR-201805-0950

CVE

CVE-2018-8897

TITLE

Hardware debug exception documentation may result in unexpected behavior

Trust: 0.8

sources: CERT/CC: VU#631579

DESCRIPTION

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Intel Architecture (processor architecture) is a CPU specification developed by Intel Corporation for its processor. There are security vulnerabilities in the operating systems of multiple vendors. Systems from the following vendors are affected: Apple; DragonFly BSD Project; FreeBSD Project; Linux Kernel; Microsoft; Red Hat; SUSE Linux; Ubuntu; Vmware; Xen. 7.2) - noarch, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:1319-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1319 Issue date: 2018-05-08 CVE Names: CVE-2017-7645 CVE-2017-8824 CVE-2017-13166 CVE-2017-18017 CVE-2017-1000410 CVE-2018-8897 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: cpu: speculative execution permission faults handling (CVE-2017-5754) * Kernel: error in exception handling leads to DoS (CVE-2018-8897) * kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645) * kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824) * kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166) * kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017) * kernel: Stack information leak in the EFS element (CVE-2017-1000410) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1443615 - CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies 1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element 1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling 1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c 1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-696.28.1.el6.src.rpm i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-696.28.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-696.28.1.el6.src.rpm i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm ppc64: kernel-2.6.32-696.28.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm kernel-devel-2.6.32-696.28.1.el6.ppc64.rpm kernel-headers-2.6.32-696.28.1.el6.ppc64.rpm perf-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm s390x: kernel-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debug-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-devel-2.6.32-696.28.1.el6.s390x.rpm kernel-headers-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-696.28.1.el6.s390x.rpm perf-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.28.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm python-perf-2.6.32-696.28.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.28.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.28.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.28.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm python-perf-2.6.32-696.28.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-696.28.1.el6.src.rpm i386: kernel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-devel-2.6.32-696.28.1.el6.i686.rpm kernel-headers-2.6.32-696.28.1.el6.i686.rpm perf-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpm kernel-doc-2.6.32-696.28.1.el6.noarch.rpm kernel-firmware-2.6.32-696.28.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.28.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm kernel-devel-2.6.32-696.28.1.el6.x86_64.rpm kernel-headers-2.6.32-696.28.1.el6.x86_64.rpm perf-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.28.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.28.1.el6.i686.rpm perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm python-perf-2.6.32-696.28.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.28.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm python-perf-2.6.32-696.28.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.28.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-7645 https://access.redhat.com/security/cve/CVE-2017-8824 https://access.redhat.com/security/cve/CVE-2017-13166 https://access.redhat.com/security/cve/CVE-2017-18017 https://access.redhat.com/security/cve/CVE-2017-1000410 https://access.redhat.com/security/cve/CVE-2018-8897 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3431591 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFa8fO8XlSAg2UNWIIRAnN0AKCBdjdw1bC12xju0GwoOedA1L8osACaA1Ze 4IKrbiFeHd+C9bqCjUFX4pw= =3psi -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. (BZ#1549768) 4. CVE-2018-10471 An error was discovered in the mitigations against Meltdown which could result in denial of service. CVE-2018-10472 Anthony Perard discovered that incorrect parsing of CDROM images can result in information disclosure. CVE-2018-10981 Jan Beulich discovered that malformed device models could result in denial of service. CVE-2018-10982 Roger Pau Monne discovered that incorrect handling of high precision event timers could result in denial of service and potentially privilege escalation. For the stable distribution (stretch), these problems have been fixed in version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6. We recommend that you upgrade your xen packages. For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr7PHoACgkQEMKTtsN8 TjbvyBAAqSJFsDcTo75hggE1faIttXR3UKOwJ4eSKbkf3G6/JnvotuO5z4bQXDBC XZfkL6kOTl579vmCGgCvBv/SrrPrJ1ibhrw+Dz1MIcjX4Yt9mb6NriWuMTObknca uw6qJakWZTB3tFcp3LlmN80B8lY/67XR8mQaZ4f0yHhGEfqIunEtSgLelmp5lLu2 M/m1iH9zQon3muhQiXiHJeMg1ghJ3xvFKbuEU9prih4NNinxquv0pmAzfbPCCBN6 E4cuEjArzdnwLydeWfCoLrFOZh5rvoMTmmK8gj2/KVlbC5YgJ5/xVlc89B4PaJKL m3oUV2dnLEpubC7uuXSOoejMnfbPcOGM4VYrmuIuxEfZZVNYE/NxvmNCZ+JDzQV7 Z939vOgyqyuojFFt7lgvoCWM2Q3xDRMrE9akK1KyAGmvyRzoczblw8N6dzL8sain gs5LUE/5dCJWQWv4IPz/V/nl50Lh+tYjbdVuZaiXxKYiqiWuCY0Ea+8QIb2UWGrk rC2BUYaoYBEo0vQhzBIi91E2hyQ+2Y6+zP6zTVTEA8PDw2YnfdffzydQ3Z9l4OSN IoTOojXPpMdcCSVzBC5OkvzBuQ6qzkVh3vftxajYazuiSrPJl8KenLJ6jFlpCzA3 p+140rFiElDCUkHacCmfs4zWQ+/ZLcoAppIxvxDEZYWyRJp3qgU= =KAUD -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001 Security Update 2018-001 addresses the following: Crash Reporter Available for: macOS High Sierra 10.13.4 Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved error handling. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. CVE-2018-8897: Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC Entry added May 8, 2018 LinkPresentation Available for: macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted text message may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. A list of bugs fixed in this update is available in the Technical Notes book: https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht ml/technical_notes/ 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1357247 - rhvh 4: reboot after install shows "4m[terminated]" and takes long to reboot 1374007 - [RFE] RHV-H does not default to LVM Thin Provisioning 1420068 - [RFE] RHV-H should meet NIST 800-53 partitioning requirements by default 1422676 - [Test Only] Test Ansible playbook for registration 1429485 - [RFE] Imgbased layers should be named with '%{name}-%{version}-%{release}' instead of %{name}-%{version} 1433394 - kdump could fill up /var filesystem while writing to /var/crash 1443965 - Libvirt is disabled on RHVH host 1454536 - HostedEngine setup fails if RHV-H timezone < UTC set during installation 1474268 - RHVH host displays "upgrade available" information on the engine after registering until an update is released 1489567 - Host Software tab does not show exact RHVH version anymore 1501161 - The version displays as "4.1" for subscribed product with RHVH 4.2 1502920 - File missing after upgrade of RHVH node from version RHVH-4.1-20170925.0 to latest. 1503148 - [RFE] translate between basic ntp configurations and chrony configurations 1516123 - tuned-adm timeout while adding the host in manager and the deployment will fail/take time to complete 1534855 - RHVH brand is missing on cockpit login screen. 6.5) - x86_64 3. Bug Fix(es): * The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1554256) 4

Trust: 2.88

sources: NVD: CVE-2018-8897 // CERT/CC: VU#631579 // BID: 104071 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897 // PACKETSTORM: 147550 // PACKETSTORM: 147540 // PACKETSTORM: 147535 // PACKETSTORM: 147545 // PACKETSTORM: 147548 // PACKETSTORM: 147651 // PACKETSTORM: 147533 // PACKETSTORM: 147646 // PACKETSTORM: 147542

AFFECTED PRODUCTS

vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	citrix	model:	xenserver	scope:	eq	version:	7.4	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	gte	version:	11.0	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	6.1	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	6.0.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	17.10	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	7.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.13.4	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7.0	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	6.5	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7.0	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	-	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	7.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	5.2	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	lt	version:	11.1	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	7.1	Trust: 1.0
vendor:	synology	model:	skynas	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	6.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	6.2.0	Trust: 1.0
vendor:	redhat	model:	enterprise virtualization manager	scope:	eq	version:	3.0	Trust: 1.0
vendor:	citrix	model:	xenserver	scope:	eq	version:	7.2	Trust: 1.0
vendor:	apple	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	check point	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dragonfly bsd	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	freebsd	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	linux kernel	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	vmware	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	xen	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	linux	model:	kernel	scope:	ne	version:	4.14.31	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.62	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15.8	Trust: 0.3
vendor:	freebsd	model:	11.1-release-p9	scope:	-	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.28	Trust: 0.3
vendor:	microsoft	model:	windows server r2	scope:	eq	version:	20120	Trust: 0.3
vendor:	vmware	model:	vcenter server	scope:	eq	version:	6.7	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.1	Trust: 0.3
vendor:	freebsd	model:	10.4-release-p8	scope:	-	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.7	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	vmware	model:	vsphere integrated containers	scope:	eq	version:	1.1	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.38	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-6.7	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.5	Trust: 0.3
vendor:	freebsd	model:	11.1-release-p4	scope:	-	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.12	Trust: 0.3
vendor:	synology	model:	dsm	scope:	eq	version:	6.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.64	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1018030	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.5	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.51	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.10	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	18030	Trust: 0.3
vendor:	linux	model:	kernel 4.10-rc8	scope:	-	version:	-	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	10.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.56	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.38	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.105	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.23	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.10	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	ne	version:	4.4.125	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.25	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.24	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.11	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems	scope:	eq	version:	8.10	Trust: 0.3
vendor:	microsoft	model:	windows rt	scope:	eq	version:	8.1	Trust: 0.3
vendor:	microsoft	model:	windows server r2 for itanium-based systems sp1	scope:	eq	version:	2008	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12	Trust: 0.3
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	6	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.60	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.5	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.13	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.1	Trust: 0.3
vendor:	freebsd	model:	11.1-release-p7	scope:	-	version:	-	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.3.0	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems	scope:	eq	version:	8.10	Trust: 0.3
vendor:	freebsd	model:	11.2-prerelease	scope:	ne	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.78	Trust: 0.3
vendor:	freebsd	model:	10.4-release-p6	scope:	-	version:	-	Trust: 0.3
vendor:	vmware	model:	vcenter server	scope:	eq	version:	6.5	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.24	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.15	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.65	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.8	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.1.47	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.44	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.10	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.2	Trust: 0.3
vendor:	synology	model:	virtual dsm	scope:	eq	version:	0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.82	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux extended update support	scope:	eq	version:	7.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	vmware	model:	vsphere integrated containers	scope:	eq	version:	1.2	Trust: 0.3
vendor:	microsoft	model:	windows server r2 for x64-based systems sp1	scope:	eq	version:	2008	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.22	Trust: 0.3
vendor:	vmware	model:	vsphere integrated containers	scope:	eq	version:	1.3.1	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.11	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.1	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.55	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.72	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.42	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.13	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13	Trust: 0.3
vendor:	redhat	model:	enterprise linux long life 5.9.server	scope:	-	version:	-	Trust: 0.3
vendor:	synology	model:	dsm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	ne	version:	4.9.91	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.27	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11	Trust: 0.3
vendor:	vmware	model:	vsphere integrated containers	scope:	eq	version:	1.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.63-2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.50	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.12	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.6	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.3.1	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems	scope:	eq	version:	100	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.8	Trust: 0.3
vendor:	microsoft	model:	windows server for x64-based systems sp2	scope:	eq	version:	2008	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	17.10	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.36	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.1.15	Trust: 0.3
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.0-28	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.13	Trust: 0.3
vendor:	linux	model:	kernel 4.10-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	6.6	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	20160	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.6	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.4	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	14.04	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	11.2	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.1	Trust: 0.3
vendor:	freebsd	model:	10.4-release-p3	scope:	-	version:	-	Trust: 0.3
vendor:	ubuntu	model:	linux esm	scope:	eq	version:	12.04	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.26	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.11	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems sp1	scope:	eq	version:	7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15.11	Trust: 0.3
vendor:	microsoft	model:	windows server for itanium-based systems sp2	scope:	eq	version:	2008	Trust: 0.3
vendor:	apple	model:	macos	scope:	eq	version:	10.13.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	ne	version:	4.15.14	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.3	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	freebsd	model:	10.4-release-p9	scope:	ne	version:	-	Trust: 0.3
vendor:	microsoft	model:	windows for x64-based systems sp1	scope:	eq	version:	7	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.10	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.14	Trust: 0.3
vendor:	linux	model:	kernel 4.12-rc1	scope:	-	version:	-	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.11	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14	Trust: 0.3
vendor:	redhat	model:	mrg realtime for rhel server	scope:	eq	version:	62	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.3	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.1	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.15	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.4	Trust: 0.3
vendor:	vmware	model:	vsphere data protection	scope:	eq	version:	0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.1.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15.9	Trust: 0.3
vendor:	microsoft	model:	windows server for 32-bit systems sp2	scope:	eq	version:	2008	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.68	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.23	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.14.1	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.7	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	20120	Trust: 0.3
vendor:	vmware	model:	vcenter server	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.63	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.2.5	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.74	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.2.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.14	Trust: 0.3
vendor:	synology	model:	skynas	scope:	eq	version:	0	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	6.2.4.1	Trust: 0.3
vendor:	vmware	model:	vsphere integrated containers	scope:	eq	version:	1.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.6	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.8	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.13.5	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.36	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.54	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	16.04	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.1	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1017090	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.9	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.13	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.7	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.15.7	Trust: 0.3
vendor:	apple	model:	macos security update	scope:	ne	version:	2018	Trust: 0.3
vendor:	microsoft	model:	windows server	scope:	eq	version:	17090	Trust: 0.3
vendor:	microsoft	model:	windows for 32-bit systems	scope:	eq	version:	100	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.81	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.6	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.8	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.30	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.57	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1016070	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.29	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.53	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.16.2	Trust: 0.3
vendor:	freebsd	model:	freebsd	scope:	eq	version:	11.1	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.16.3	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.1	Trust: 0.3
vendor:	microsoft	model:	windows version for 32-bit systems	scope:	eq	version:	1018030	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.9.71	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.4.2	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	3.2.52	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.10.8	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.12.4	Trust: 0.3
vendor:	freebsd	model:	11.1-release-p10	scope:	ne	version:	-	Trust: 0.3
vendor:	vmware	model:	identity manager	scope:	eq	version:	0	Trust: 0.3
vendor:	vmware	model:	vrealize automation	scope:	eq	version:	7.4	Trust: 0.3
vendor:	linux	model:	kernel	scope:	eq	version:	4.11.1	Trust: 0.3
vendor:	freebsd	model:	10.4-stable	scope:	ne	version:	-	Trust: 0.3
vendor:	redhat	model:	enterprise linux server extended update support	scope:	eq	version:	-7.4	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1017030	Trust: 0.3
vendor:	microsoft	model:	windows version for x64-based systems	scope:	eq	version:	1017090	Trust: 0.3

sources: CERT/CC: VU#631579 // BID: 104071 // NVD: CVE-2018-8897

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-8897
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-8897
value:	MEDIUM
Trust: 0.8
VULHUB:	VHN-138929
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-8897
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-8897
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2018-8897
severity:	MEDIUM
baseScore:	6.8
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-138929
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-8897
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897 // NVD: CVE-2018-8897

PROBLEMTYPE DATA

problemtype:	CWE-362	Trust: 1.1
problemtype:	CWE-264	Trust: 0.1

sources: VULHUB: VHN-138929 // NVD: CVE-2018-8897

THREAT TYPE

local

Trust: 0.3

sources: BID: 104071

TYPE

Design Error

Trust: 0.3

sources: BID: 104071

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897

PATCH

title:	Red Hat: Moderate: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181349 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181346 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181345 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181352 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181351 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181347 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181353 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181350 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181354 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181348 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: redhat-virtualization-host bug fix and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181524 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: rhev-hypervisor7 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181711 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181355 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181318 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: linux, linux-lts-trusty vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3641-2	Trust: 0.1
title:	Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem, linux-raspi2, linux-snapdragon vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3641-1	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181319 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: redhat-virtualization-host security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20181710 - Security Advisory	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-8897	Trust: 0.1
title:	Red Hat: CVE-2018-8897	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-8897	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182164 - Security Advisory	Trust: 0.1
title:	Apple: Security Update 2018-001	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=583c1ea8a829ac665aa41a8ff5a75340	Trust: 0.1
title:	Huawei Security Advisories: Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products	url:	https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories&qid=90d333381e15d85941c4280dcd26b848	Trust: 0.1
title:	Brocade Security Advisories: BSA-2018-601	url:	https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=59ba3f49037f65156b69ed10fd1fc42f	Trust: 0.1
title:	Citrix Security Bulletins: Citrix XenServer Multiple Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=0f487c3cd292818d2fb6275798f934ed	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2018-1023	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2018-1023	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2018-1023	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2018-1023	Trust: 0.1
title:	Apple: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f93fc5c87ddc6e336e7b02ff3308dfe6	Trust: 0.1
title:	Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - April 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=c0bb087d513b6ab7ce4efb0405158613	Trust: 0.1
title:	Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=ae57a14ec914f60b7203332a77613077	Trust: 0.1
title:	Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2018	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=07ab17c2d7ba0de54dd1d1406e963124	Trust: 0.1
title:	IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=f5bb2b180c7c77e5a02747a1f31830d9	Trust: 0.1
title:	IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=55ea315dfb69fce8383762ac64250315	Trust: 0.1
title:	CVE-2018-8897	url:	https://github.com/can1357/CVE-2018-8897	Trust: 0.1
title:	2	url:	https://github.com/zcmgod/2	Trust: 0.1
title:	https-github.com-ExpLife0011-awesome-windows-kernel-security-development	url:	https://github.com/Ondrik8/https-github.com-ExpLife0011-awesome-windows-kernel-security-development	Trust: 0.1
title:	rhel-centos-ec2-vuls	url:	https://github.com/riboseinc/rhel-centos-ec2-vuls	Trust: 0.1
title:	APT-GUID	url:	https://github.com/Al1ex/APT-GUID	Trust: 0.1

sources: VULMON: CVE-2018-8897

EXTERNAL IDS

db:	NVD	id:	CVE-2018-8897	Trust: 2.4
db:	CERT/CC	id:	VU#631579	Trust: 2.2
db:	BID	id:	104071	Trust: 1.4
db:	OPENWALL	id:	OSS-SECURITY/2018/05/08/4	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2018/05/08/1	Trust: 1.1
db:	SECTRACK	id:	1040849	Trust: 1.1
db:	SECTRACK	id:	1040882	Trust: 1.1
db:	SECTRACK	id:	1040744	Trust: 1.1
db:	SECTRACK	id:	1040866	Trust: 1.1
db:	SECTRACK	id:	1040861	Trust: 1.1
db:	EXPLOIT-DB	id:	44697	Trust: 1.1
db:	EXPLOIT-DB	id:	45024	Trust: 1.1
db:	PACKETSTORM	id:	147542	Trust: 0.2
db:	PACKETSTORM	id:	147550	Trust: 0.2
db:	PACKETSTORM	id:	147548	Trust: 0.2
db:	PACKETSTORM	id:	147541	Trust: 0.1
db:	PACKETSTORM	id:	148549	Trust: 0.1
db:	PACKETSTORM	id:	147543	Trust: 0.1
db:	PACKETSTORM	id:	147539	Trust: 0.1
db:	PACKETSTORM	id:	147536	Trust: 0.1
db:	VULHUB	id:	VHN-138929	Trust: 0.1
db:	VULMON	id:	CVE-2018-8897	Trust: 0.1
db:	PACKETSTORM	id:	147540	Trust: 0.1
db:	PACKETSTORM	id:	147535	Trust: 0.1
db:	PACKETSTORM	id:	147545	Trust: 0.1
db:	PACKETSTORM	id:	147651	Trust: 0.1
db:	PACKETSTORM	id:	147533	Trust: 0.1
db:	PACKETSTORM	id:	147646	Trust: 0.1

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // VULMON: CVE-2018-8897 // BID: 104071 // PACKETSTORM: 147550 // PACKETSTORM: 147540 // PACKETSTORM: 147535 // PACKETSTORM: 147545 // PACKETSTORM: 147548 // PACKETSTORM: 147651 // PACKETSTORM: 147533 // PACKETSTORM: 147646 // PACKETSTORM: 147542 // NVD: CVE-2018-8897

REFERENCES

url:	https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8897	Trust: 2.2
url:	https://xenbits.xen.org/xsa/advisory-260.html	Trust: 1.9
url:	https://access.redhat.com/security/vulnerabilities/pop_ss	Trust: 1.5
url:	https://www.kb.cert.org/vuls/id/631579	Trust: 1.4
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1567074	Trust: 1.4
url:	https://www.freebsd.org/security/advisories/freebsd-sa-18:06.debugreg.asc	Trust: 1.4
url:	https://usn.ubuntu.com/3641-1/	Trust: 1.4
url:	https://usn.ubuntu.com/3641-2/	Trust: 1.4
url:	https://access.redhat.com/errata/rhsa-2018:1319	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1347	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1350	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1352	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1353	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1355	Trust: 1.2
url:	https://access.redhat.com/errata/rhsa-2018:1524	Trust: 1.2
url:	https://kb.vmware.com/s/article/54988	Trust: 1.1
url:	http://www.securityfocus.com/bid/104071	Trust: 1.1
url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en	Trust: 1.1
url:	https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20180927-0002/	Trust: 1.1
url:	https://support.citrix.com/article/ctx234679	Trust: 1.1
url:	https://www.synology.com/support/security/synology_sa_18_21	Trust: 1.1
url:	https://www.debian.org/security/2018/dsa-4196	Trust: 1.1
url:	https://www.debian.org/security/2018/dsa-4201	Trust: 1.1
url:	https://www.exploit-db.com/exploits/44697/	Trust: 1.1
url:	https://www.exploit-db.com/exploits/45024/	Trust: 1.1
url:	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9	Trust: 1.1
url:	http://openwall.com/lists/oss-security/2018/05/08/1	Trust: 1.1
url:	http://openwall.com/lists/oss-security/2018/05/08/4	Trust: 1.1
url:	https://github.com/can1357/cve-2018-8897/	Trust: 1.1
url:	https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9	Trust: 1.1
url:	https://patchwork.kernel.org/patch/10386677/	Trust: 1.1
url:	https://support.apple.com/ht208742	Trust: 1.1
url:	https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1318	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1345	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1346	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1348	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1349	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1351	Trust: 1.1
url:	https://access.redhat.com/errata/rhsa-2018:1354	Trust: 1.1
url:	http://www.securitytracker.com/id/1040744	Trust: 1.1
url:	http://www.securitytracker.com/id/1040849	Trust: 1.1
url:	http://www.securitytracker.com/id/1040861	Trust: 1.1
url:	http://www.securitytracker.com/id/1040866	Trust: 1.1
url:	http://www.securitytracker.com/id/1040882	Trust: 1.1
url:	https://access.redhat.com/security/cve/cve-2018-8897	Trust: 1.0
url:	https://svnweb.freebsd.org/base?view=revision&revision=333368	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2018-8897	Trust: 0.9
url:	https://everdox.net/popss.pdf	Trust: 0.8
url:	http://cwe.mitre.org/data/definitions/703.html	Trust: 0.8
url:	https://support.apple.com/en-us/ht208742	Trust: 0.8
url:	https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk126534	Trust: 0.8
url:	https://security.freebsd.org/advisories/freebsd-sa-18:06.debugreg.asc	Trust: 0.8
url:	https://usn.ubuntu.com/3641-1/https://usn.ubuntu.com/3641-2/	Trust: 0.8
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.7
url:	https://bugzilla.redhat.com/):	Trust: 0.7
url:	https://access.redhat.com/security/team/key/	Trust: 0.7
url:	https://access.redhat.com/security/team/contact/	Trust: 0.7
url:	https://access.redhat.com/articles/11258	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.5
url:	http://www.microsoft.com	Trust: 0.3
url:	https://support.apple.com/en-ie/ht208742	Trust: 0.3
url:	https://lists.apple.com/archives/security-announce/2018/may/msg00001.html	Trust: 0.3
url:	https://www.synology.com/en-global/support/security/synology_sa_18_21	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1087	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2018-1087	Trust: 0.3
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1000199	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-1000199	Trust: 0.2
url:	https://svnweb.freebsd.org/base?view=revision&revision=333368	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-18017	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13166	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-7645	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-8824	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7645	Trust: 0.1
url:	https://access.redhat.com/articles/3431591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-18017	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-13166	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-1000410	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8824	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-1000410	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-16939	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1068	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-1068	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2017-16939	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10471	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/xen	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10472	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10982	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10981	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4206	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://support.apple.com/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4187	Trust: 0.1
url:	https://access.redhat.com/articles/2974891	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-1088	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1111	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2/ht	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1088	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-1111	Trust: 0.1

sources: CERT/CC: VU#631579 // VULHUB: VHN-138929 // BID: 104071 // PACKETSTORM: 147550 // PACKETSTORM: 147540 // PACKETSTORM: 147535 // PACKETSTORM: 147545 // PACKETSTORM: 147548 // PACKETSTORM: 147651 // PACKETSTORM: 147533 // PACKETSTORM: 147646 // PACKETSTORM: 147542 // NVD: CVE-2018-8897

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 147550 // PACKETSTORM: 147540 // PACKETSTORM: 147535 // PACKETSTORM: 147545 // PACKETSTORM: 147548 // PACKETSTORM: 147646 // PACKETSTORM: 147542

SOURCES

db:	CERT/CC	id:	VU#631579
db:	VULHUB	id:	VHN-138929
db:	VULMON	id:	CVE-2018-8897
db:	BID	id:	104071
db:	PACKETSTORM	id:	147550
db:	PACKETSTORM	id:	147540
db:	PACKETSTORM	id:	147535
db:	PACKETSTORM	id:	147545
db:	PACKETSTORM	id:	147548
db:	PACKETSTORM	id:	147651
db:	PACKETSTORM	id:	147533
db:	PACKETSTORM	id:	147646
db:	PACKETSTORM	id:	147542
db:	NVD	id:	CVE-2018-8897

LAST UPDATE DATE

2025-01-28T20:22:09.472000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#631579	date:	2019-07-11T00:00:00
db:	VULHUB	id:	VHN-138929	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2018-8897	date:	2019-10-03T00:00:00
db:	BID	id:	104071	date:	2018-05-17T06:00:00
db:	NVD	id:	CVE-2018-8897	date:	2024-11-21T04:14:33.140

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#631579	date:	2018-05-08T00:00:00
db:	VULHUB	id:	VHN-138929	date:	2018-05-08T00:00:00
db:	VULMON	id:	CVE-2018-8897	date:	2018-05-08T00:00:00
db:	BID	id:	104071	date:	2018-05-08T00:00:00
db:	PACKETSTORM	id:	147550	date:	2018-05-08T23:57:37
db:	PACKETSTORM	id:	147540	date:	2018-05-08T23:52:29
db:	PACKETSTORM	id:	147535	date:	2018-05-08T20:33:37
db:	PACKETSTORM	id:	147545	date:	2018-05-08T23:55:04
db:	PACKETSTORM	id:	147548	date:	2018-05-08T23:56:36
db:	PACKETSTORM	id:	147651	date:	2018-05-16T07:54:27
db:	PACKETSTORM	id:	147533	date:	2018-05-08T20:32:15
db:	PACKETSTORM	id:	147646	date:	2018-05-15T22:06:13
db:	PACKETSTORM	id:	147542	date:	2018-05-08T23:54:00
db:	NVD	id:	CVE-2018-8897	date:	2018-05-08T18:29:00.547