ID

VAR-201809-1153

CVE

CVE-2018-5391

TITLE

Linux kernel IP fragment re-assembly vulnerable to denial of service

DESCRIPTION

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. An input validation error vulnerability exists in the Linux kernel version 3.9+. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. (BZ#1632422) 4. This is mitigated by reducing the default limits on memory usage for incomplete fragmented packets. The same mitigation can be achieved without the need to reboot, by setting the sysctls: net.ipv4.ipfrag_high_thresh = 262144 net.ipv6.ip6frag_high_thresh = 262144 net.ipv4.ipfrag_low_thresh = 196608 net.ipv6.ip6frag_low_thresh = 196608 The default values may still be increased by local configuration if necessary. For the stable distribution (stretch), this problem has been fixed in version 4.9.110-3+deb9u2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAltzSylfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RaQQ//ZmbZqbqzS25ZDtEN7fJbInoznmfFiXHYCS9/GNEID3ODvPEn34omQ+Tj HJHroMWFsXROIaViHvJ2mZB3dpgv+ge1huvqXFTh+VrnQxvmdzzNy0UiDUH3B7jU BnbI7IS5x2dBC4cY+5vJ1fn0mWnvh/Bg9D+HEce3mmz9f/bTmXXiwPosyCM0KnzC R8aq73EU61A+IYJd+otICU6jZk+4IdgZRhW6q8F5OgHrnBryr0Xem8hSeL4Nkv3y aLX2Ca20eAgfeGo/SAHmG+FfJLR6dG8frz1k8HsKWNW16O8AC6lDbRC1+teK1e43 6GoIjfU9fBy3Cc35I1JQ85cfzfDLaETQ6IQ23o9SUP6qh8QKtUYDIU2sEDAThmrA IeoJsscGUvRMOx/XzuW8xN6rgbU+uNp8NIYXonZjy+U28dGp11obq3ka02railwj VEhm3YPIddeySofS0tZuBJ1XKL1/a5voLQ9GEBk+wq10DPdfYvSmIXxVR/FOfYy5 mLLTdtHINomfeihEI9AOWqq7w5bVIIidWB2a5FJiBZKWW1OdiNRHlD4hNMCR5xRv vK2PPXYcCxBuO4mdcnYydDcmrDvD22b6AhN1sm8FqUkWSXQbRoHNan95A8KbgZw0 Rk68oRCEFKcScB67ZhK2hUue7hZhkz52MlbS7pJgBPSuKrVsZtw= =WPm5 -----END PGP SIGNATURE----- . 7) - ppc64le 3. (CVE-2018-5391) * kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344) * kernel: Integer overflow in udl_fb_mmap() can allow attackers to execute code in kernel space (CVE-2018-8781) * kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902) * kernel: Missing check in inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405) * kernel: AIO write triggers integer overflow in some protocols (CVE-2015-8830) * kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861) * kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661) * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial of service (CVE-2017-17805) * kernel: Inifinite loop vulnerability in madvise_willneed() function allows local denial of service (CVE-2017-18208) * kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service (CVE-2018-1120) * kernel: a null pointer dereference in dccp_write_xmit() leads to a system crash (CVE-2018-1130) * kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial of service (CVE-2018-5344) * kernel: Missing length check of payload in _sctp_make_chunk() function allows denial of service (CVE-2018-5803) * kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption (CVE-2018-5848) * kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image (CVE-2018-10878) * kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet (CVE-2018-1000026) * kernel: Information leak when handling NM entries containing NUL (CVE-2016-4913) * kernel: Mishandling mutex within libsas allowing local Denial of Service (CVE-2017-18232) * kernel: NULL pointer dereference in ext4_process_freed_data() when mounting crafted ext4 image (CVE-2018-1092) * kernel: NULL pointer dereference in ext4_xattr_inode_hash() causes crash with crafted ext4 image (CVE-2018-1094) * kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2018-1118) * kernel: Denial of service in resv_map_release function in mm/hugetlb.c (CVE-2018-7740) * kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c (CVE-2018-7757) * kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service (CVE-2018-10322) * kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file (CVE-2018-10879) * kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image (CVE-2018-10881) * kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function (CVE-2018-10883) * kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c (CVE-2018-10940) Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391; Trend Micro Zero Day Initiative for reporting CVE-2018-10902; Qualys Research Labs for reporting CVE-2018-1120; Evgenii Shatokhin (Virtuozzo Team) for reporting CVE-2018-1130; and Wen Xu for reporting CVE-2018-1092 and CVE-2018-1094. Bugs fixed (https://bugzilla.redhat.com/): 1314275 - CVE-2015-8830 kernel: AIO write triggers integer overflow in some protocols 1322930 - [RFE] Allow xfs to modify labels on mounted filesystem 1337528 - CVE-2016-4913 kernel: Information leak when handling NM entries containing NUL 1481136 - CVE-2017-10661 kernel: Handling of might_cancel queueing is not properly pretected against race 1488484 - GRE: IFLA_MTU ignored on NEWLINK 1504058 - kernel panic with nfsd while removing locks on file close 1507027 - [ESXi][RHEL7.6]x86/vmware: Add paravirt sched clock 1528312 - CVE-2017-17805 kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service 1533909 - CVE-2018-5344 kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service 1541846 - CVE-2018-1000026 kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet 1542494 - VMs with NVMe devices passed through sometimes fail to be launched 1551051 - CVE-2018-5803 kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service 1551565 - CVE-2017-18208 kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service 1552867 - CVE-2018-7740 kernel: Denial of service in resv_map_release function in mm/hugetlb.c 1553361 - CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c 1557434 - bio too big device md0 (1024 > 256) 1557599 - [RFE] Rebase ipset (kernel) to latest upstream 1558066 - CVE-2017-18232 kernel: Mishandling mutex within libsas allowing local Denial of Service 1558328 - Kernel data path test with OVS 2.9 + DPDK 17.11 fails with low throughput 1560777 - CVE-2018-1092 kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image 1560788 - CVE-2018-1094 kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image 1561162 - [RHEL7.5] Extreme performance impact caused by raid resync 1563697 - Triming on full pool can trigger 'dm_pool_alloc_data_block' failed: error = -28 1563994 - CVE-2017-0861 kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation 1564186 - XFS may block endlessly in xlog_wait() on IO error 1568167 - crypto aesni-intel aes(gcm) is broken for IPsec 1571062 - CVE-2018-8781 kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space 1571623 - CVE-2018-10322 kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service 1572983 - conntrack doesn't track packets in specific network namespace if those packets were processed by CT --notrack target in other network namespace 1573699 - CVE-2018-1118 kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg() 1575472 - CVE-2018-1120 kernel: fuse-backed file mmap-ed onto process cmdline arguments causes denial of service 1576419 - CVE-2018-1130 kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash 1577408 - CVE-2018-10940 kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c 1584775 - VMs hung after migration 1590720 - CVE-2018-10902 kernel: MIDI driver race condition leads to a double-free 1590799 - CVE-2018-5848 kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption 1592654 - [NVMe Device Assignment] Guest reboot failed from the NVMe assigned which os installed on 1596802 - CVE-2018-10878 kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image 1596806 - CVE-2018-10879 kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file 1596828 - CVE-2018-10881 kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image 1596846 - CVE-2018-10883 kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function 1599161 - CVE-2018-13405 kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members 1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) 1609717 - [unwinder] CPU spins indefinitely in __save_stack_trace() call chain 1610958 - CVE-2017-18344 kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c 6. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3635371 4. PowerEdge 1950 1624498 - CVE-2018-14634 kernel: Integer overflow in Linux's create_elf_tables function 6. ========================================================================== Ubuntu Security Notice USN-3742-3 August 21, 2018 linux-lts-trusty regressions ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: USN-3742-2 introduced regressions in the Linux Hardware Enablement (HWE) kernel for Ubuntu 12.04 ESM. Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM Details: USN-3742-2 introduced mitigations in the Linux Hardware Enablement (HWE) kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault (L1TF) vulnerabilities (CVE-2018-3620, CVE-2018-3646). Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. We apologize for the inconvenience. Original advisory details: It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646) It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). (CVE-2018-3620) Andrey Konovalov discovered an out-of-bounds read in the POSIX timers subsystem in the Linux kernel. (CVE-2018-5391) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: linux-image-3.13.0-156-generic 3.13.0-156.206~precise1 linux-image-3.13.0-156-generic-lpae 3.13.0-156.206~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.156.146 linux-image-generic-lts-trusty 3.13.0.156.146 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 6.5) - x86_64 3. Bug Fix(es): * Previously, invalid headers in the sk_buff struct led to an indefinite loop in the tcp_collapse() function. (BZ#1629632) 4. 6.6) - noarch, x86_64 3. Bug Fix(es): * After updating the system to prevent the L1 Terminal Fault (L1TF) vulnerability, only one thread was detected on systems that offer processing of two threads on a single processor core. With this update, the "__max_smt_threads()" function has been fixed. (BZ#1625334) * Previously, a kernel panic occurred when the kernel tried to make an out of bound access to the array that describes the L1 Terminal Fault (L1TF) mitigation state on systems without Extended Page Tables (EPT) support. This update extends the array of mitigation states to cover all the states, which effectively prevents out of bound array access. Also, this update enables rejecting invalid, irrelevant values, that might be erroneously provided by the userspace. (BZ#1629633) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2785-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2785 Issue date: 2018-09-25 CVE Names: CVE-2018-5390 CVE-2018-5391 CVE-2018-10675 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.3) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390) * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. (CVE-2018-5391) * kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5390 and CVE-2018-5391. Bug Fix(es): * On systems running Red Hat Enterprise Linux 7 with Red Hat OpenShift Container Platform 3.5, a node sometimes got into "NodeNotReady" state after a CPU softlockup. Consequently, the node was not available. This update fixes an irq latency source in memory compaction. As a result, nodes no longer get into "NodeNotReady" state under the described circumstances. (BZ#1596281) * Previously, the kernel source code was missing support to report the Speculative Store Bypass Disable (SSBD) vulnerability status on IBM Power Systems and the little-endian variants of IBM Power Systems. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file incorrectly reported "Not affected" on both CPU architectures. This fix updates the kernel source code to properly report the SSBD status either as "Vulnerable" or "Mitigation: Kernel entry/exit barrier (TYPE)" where TYPE is one of "eieio", "hwsync", "fallback", or "unknown". (BZ#1612351) * The hypervisors of Red Hat Enterprise Linux 7 virtual machines (VMs) in certain circumstances mishandled the microcode update in the kernel. As a consequence, the VMs sometimes became unresponsive when booting. This update applies an upstream patch to avoid early microcode update when running under a hypervisor. As a result, kernel hangs no longer occur in the described scenario. (BZ#1618388) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1575065 - CVE-2018-10675 kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact 1601704 - CVE-2018-5390 kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack) 1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.3): Source: kernel-3.10.0-514.58.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-514.58.1.el7.noarch.rpm kernel-doc-3.10.0-514.58.1.el7.noarch.rpm x86_64: kernel-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.58.1.el7.x86_64.rpm kernel-devel-3.10.0-514.58.1.el7.x86_64.rpm kernel-headers-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.58.1.el7.x86_64.rpm perf-3.10.0-514.58.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm python-perf-3.10.0-514.58.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3): x86_64: kernel-debug-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.58.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.3): Source: kernel-3.10.0-514.58.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-514.58.1.el7.noarch.rpm kernel-doc-3.10.0-514.58.1.el7.noarch.rpm ppc64: kernel-3.10.0-514.58.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-514.58.1.el7.ppc64.rpm kernel-debug-3.10.0-514.58.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-514.58.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.58.1.el7.ppc64.rpm kernel-devel-3.10.0-514.58.1.el7.ppc64.rpm kernel-headers-3.10.0-514.58.1.el7.ppc64.rpm kernel-tools-3.10.0-514.58.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-514.58.1.el7.ppc64.rpm perf-3.10.0-514.58.1.el7.ppc64.rpm perf-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm python-perf-3.10.0-514.58.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm ppc64le: kernel-3.10.0-514.58.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debug-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.58.1.el7.ppc64le.rpm kernel-devel-3.10.0-514.58.1.el7.ppc64le.rpm kernel-headers-3.10.0-514.58.1.el7.ppc64le.rpm kernel-tools-3.10.0-514.58.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-514.58.1.el7.ppc64le.rpm perf-3.10.0-514.58.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm python-perf-3.10.0-514.58.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm s390x: kernel-3.10.0-514.58.1.el7.s390x.rpm kernel-debug-3.10.0-514.58.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-514.58.1.el7.s390x.rpm kernel-debug-devel-3.10.0-514.58.1.el7.s390x.rpm kernel-debuginfo-3.10.0-514.58.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-514.58.1.el7.s390x.rpm kernel-devel-3.10.0-514.58.1.el7.s390x.rpm kernel-headers-3.10.0-514.58.1.el7.s390x.rpm kernel-kdump-3.10.0-514.58.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-514.58.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-514.58.1.el7.s390x.rpm perf-3.10.0-514.58.1.el7.s390x.rpm perf-debuginfo-3.10.0-514.58.1.el7.s390x.rpm python-perf-3.10.0-514.58.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.s390x.rpm x86_64: kernel-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.58.1.el7.x86_64.rpm kernel-devel-3.10.0-514.58.1.el7.x86_64.rpm kernel-headers-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.58.1.el7.x86_64.rpm perf-3.10.0-514.58.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm python-perf-3.10.0-514.58.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.3): ppc64: kernel-debug-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.58.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-514.58.1.el7.ppc64.rpm perf-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.58.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-514.58.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.58.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.58.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-5390 https://access.redhat.com/security/cve/CVE-2018-5391 https://access.redhat.com/security/cve/CVE-2018-10675 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW6qe7NzjgjWX9erEAQjNbQ/+IKrFgUV0KKr007GhsyzJeLCUqTrNBcio bsIWQDFE/sV/deohMIBHybvxBeiZkUe8D+d/IcNS/0a1+jSNWytdahR8AO5PdjF1 QxXXnteY7glupPg7oBJzNVtrfWmvo6M7jH2U+EQ0w5agSIBQ+WFChXH5hMwXxx8f nW7hs3ToSWJyrAo6VRQ9IX3goBskn6qIcbTsp4lMNhGa1gQPOFvoT0DyK7V32TWT KmNAK13XYd8nP402PUUyN72HksPwW5fJNG5bQIYUp07WGOgiKt0X8vAgzaSX9srd LBxMG+TP8IJjrNe3RUC/kD3BJ+n7BYp0hnYr1y2k09qHDrDP7K0qP63fRBPQ+xPs 3gQmmz9AICgF+xA95onoREUJp6rqydFb92OsebwRb2aZ4ho084M7GTsKe7cZn4zL oUXFafA7Tjir+K0oyOLsAF/ieIvzHt35IJKFECXZuAuomgsTTh92DLnMurszyNmi IzIZbenNNhPV6qGLD1gANzvaaRKZNhJVh1DAZgWaMqOf/xZYE2n1mO8XAj5/m97T Sz4RCOUVFMTgcFAQFWv29uLtV0c8gd6X9QNiYeDGqoADskwGpSdBKuNlnHFaOv86 gWhCLv9cY+N8IbrjtSSugY6zzBStigEQ+2BSrqh7YvVjkRhpIqHql0yJzCknPtIh un3AsdlsrV4=O9gE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

input validation error

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2025-04-24T23:42:59.258000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE