what you don't know can hurt you

Red Hat Security Advisory 2018-2102-01

Red Hat Security Advisory 2018-2102-01
Posted Jun 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2102-01 - Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service cloud running on commonly available physical hardware. Issues addressed include an information exposure vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-1059
MD5 | df1c263423fb9cb9b37b76efa1224349

Red Hat Security Advisory 2018-2102-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat OpenStack Platform 10 Security, Bug Fix, and Enhancement Advisory
Advisory ID: RHSA-2018:2102-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2018:2102
Issue date: 2018-06-27
CVE Names: CVE-2018-1059
=====================================================================

1. Summary:

An update is now available for Red Hat OpenStack Platform 10.0 (Newton) for
RHEL 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenStack 10.0 Tools for RHEL 7 - noarch
Red Hat OpenStack Platform 10.0 - noarch, x86_64

3. Description:

Red Hat OpenStack Platform provides the facilities for building, deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware.

Security Fix(es):

* dpdk: Information exposure in unchecked guest physical to host virtual
address translations (CVE-2018-1059)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

The CVE-2018-1059 issue was discovered by Maxime Coquelin (Red Hat).

4. Solution:

Before applying this update, ensure all previously released errata relevant
to your system have been applied.

Red Hat OpenStack Platform 10 runs on Red Hat Enterprise Linux 7.4.

The Red Hat OpenStack Platform 10 Release Notes contain the following:
* An explanation of the way in which the provided components interact to
form a working cloud computing environment.
* Technology Previews, Recommended Practices, and Known Issues.
* The channels required for Red Hat OpenStack Platform 10, including which
channels need to be enabled and disabled.

The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-openstack-platform/10/pa
ged/release-notes

This update is available through 'yum update' on systems registered through
Red Hat Subscription Manager. For more information about Red Hat
Subscription Manager, see:

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Manageme
nt/1/html/RHSM/index.html

5. Bugs fixed (https://bugzilla.redhat.com/):

1540017 - ovs-vswitchd systemd process timesout in environments with large (200G) hugepages
1540158 - RHOS10.z OVS 1802 update
1540164 - RHOS10.z 1802 Rebase OVS with branch-2.6
1540175 - RHOS10.z 1802 Rebase DPDK with LTS branch
1542107 - Live migration fails on OSPd10 DPDK env because of selinux denied
1544298 - CVE-2018-1059 dpdk: Information exposure in unchecked guest physical to host virtual address translations
1546198 - [RFE] ovs-stats metrics list to add to collectd
1549893 - Issue with pCPUs for PMDs not running 100% in user space, but a relatively high amount of time in kernel space
1550124 - "upcall_cb failure: ukey installation fails" message in OVS DPDK
1550398 - failed to start vhost interface after updating ovs to 2.9 in osp10
1551682 - ovs-vswitchd segfaults after any instance is spawned on numa 1 socket
1553812 - Update openvswitch 2.6 to use stable DPDK 16.11.5
1556662 - vhostuser interface link is down sometimes unexpectedly
1561939 - Backport from master OVS for "LACP: check active partner sys id"
1572510 - OSP10: Support for dpdkvhostuserclient mode
1579905 - Update OSP10 to OVS 2.9 -19 Fast Datapath build 18.04
1583750 - openvswitch-2.9.0-19.el7fdp installs /var/log/openvswitch with permissions 0755 [openstack-10]

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
openstack-selinux-0.8.14-5.el7ost.src.rpm
openvswitch-2.9.0-19.el7fdp.1.src.rpm

noarch:
openstack-selinux-0.8.14-5.el7ost.noarch.rpm
python-openvswitch-2.9.0-19.el7fdp.1.noarch.rpm

x86_64:
openvswitch-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-debuginfo-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-devel-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-ovn-central-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-ovn-common-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-ovn-host-2.9.0-19.el7fdp.1.x86_64.rpm
openvswitch-ovn-vtep-2.9.0-19.el7fdp.1.x86_64.rpm

OpenStack 10.0 Tools for RHEL 7:

noarch:
openvswitch-test-2.9.0-19.el7fdp.1.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-1059
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWzQox9zjgjWX9erEAQiYVw//VmfUDHQIZNbxjxrPwaAYKgxziVrU1Uga
dzmg9PCViIoJsSniy+oW7Ge7alBd8qxYfYTjrM8wR5AGoOYVjslU5PiXRAC4jsKx
2px1WEx6vWyLKadnDAlyePpl85MDNBhKHjqiChicjLjw5RhpOc2tPUfAo5dYS/V6
zdsVzraUXqas9ygUi0BF8azkDP0OwzA9W93VfKZ7PFOfYc8fYPCrRK1qel8/JqA1
nyaBiJZ4rQUksP5gVon8aPCmzfogdR7IKvP4ZatfXGcWqyN4jt9k4+Mf8FIaiE0E
NssKJ5z+GwmegQaxaipZRkuXMr8VwA9ID70v6xiqW0hjr1uNUIDodvGxBrVQgJOI
EGpIFLxFYQAB0rZjC3qrwu6yC4LhJQgvxJk+FhTQXamHF34Ha9Op7KCssoO1ujx9
y75kFY5kAeS8inmG0UvrQ3w4K/hBKgKnXOI+++r/B6RCe6vASY54ia8bsURzrOfv
LnRSZEbtTxgKcjt9RWpMJsW0SIdZN2sFG6RJgccZjiu6+lmZQMydSHMYkAm7HqJL
5F6uSsFXEGM/ObdHyBh6hqVlwMHRDzoYvIECBr4vcyar9XPRUx3744rXBIEPtdtZ
ReBvISiZwX3dF2AxK4Z7UGB7svxOIugGwP2mcEoeKF5yFwsZ7X01T/+spyt71Nbd
hyA5W3Nk4JU=
=N2e4
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    21 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    19 Files
  • 24
    Jan 24th
    11 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close