Red Hat Security Advisory 2018-1355-01

Red Hat Security Advisory 2018-1355-01: Posted May 8, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1355-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and use-after-free vulnerabilities.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2017-16939, CVE-2018-1000199, CVE-2018-1068, CVE-2018-1087, CVE-2018-8897; SHA-256 | 4447e6e273f5b0f0d5eb8a44bada9595ed1bf052db276cd1a4d04938e84a19fc; Download | Favorite | View

Red Hat Security Advisory 2018-1355-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2018:1355-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1355
Issue date:        2018-05-08
CVE Names:         CVE-2017-16939 CVE-2018-1068 CVE-2018-1087 
                   CVE-2018-8897 CVE-2018-1000199 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* Kernel: KVM: error in exception handling leads to wrong debug stack value
(CVE-2018-1087)

* Kernel: error in exception handling leads to DoS (CVE-2018-8897)

* Kernel: ipsec: xfrm: use-after-free leading to potential privilege
escalation (CVE-2017-16939)

* kernel: Out-of-bounds write via userland offsets in ebt_entry struct in
netfilter/ebtables.c (CVE-2018-1068)

* kernel: ptrace() incorrect error handling leads to corruption and DoS
(CVE-2018-1000199)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Andy Lutomirski for reporting CVE-2018-1087 and
CVE-2018-1000199 and Nick Peterson (Everdox Tech LLC) and Andy Lutomirski
for reporting CVE-2018-8897.

Bug Fix(es):

* The kernel-rt packages have been upgraded to the 3.10.0-862.2.3 source
tree, which provides a number of bug fixes over the previous version.
(BZ#1549768)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1517220 - CVE-2017-16939 Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation
1549768 - kernel-rt: update to the RHEL7.5.z batch#1 source tree
1552048 - CVE-2018-1068 kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c
1566837 - CVE-2018-1087 Kernel: KVM: error in exception handling leads to wrong debug stack value
1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS
1568477 - CVE-2018-1000199 kernel: ptrace() incorrect error handling leads to corruption and DoS

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-862.2.3.rt56.806.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-862.2.3.rt56.806.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm

Red Hat Enterprise Linux Realtime (v. 7):

Source:
kernel-rt-3.10.0-862.2.3.rt56.806.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-862.2.3.rt56.806.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-862.2.3.rt56.806.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-16939
https://access.redhat.com/security/cve/CVE-2018-1068
https://access.redhat.com/security/cve/CVE-2018-1087
https://access.redhat.com/security/cve/CVE-2018-8897
https://access.redhat.com/security/cve/CVE-2018-1000199
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/pop_ss

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFa8iPFXlSAg2UNWIIRAimcAJ9PyhLNkFZaSyrDi2gHNnGgpwAs8gCfUqkW
HAZMOG7hwIVzN1vkw37Q1X4=
=0Sxa
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Red Hat Security Advisory 2018-1355-01

Red Hat Security Advisory 2018-1355-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2018-1355-01

Share This

Red Hat Security Advisory 2018-1355-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems