Red Hat Security Advisory 2018-2152-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include a code execution vulnerability.
4462bd4c5cc7ef6e4636b5c13e7b285c3098bdf9d273aca4077d54a8ce4172b0Red Hat Security Advisory 2018-2151-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include a code execution vulnerability.
83bc063546a55e950d576b402fd5c3b88770ceec95ff8daf3204bdffcd0be456Red Hat Security Advisory 2018-1523-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. Issues addressed include code execution and denial of service vulnerabilities.
86682245728d0509a02389329bcf0edddbdae534665e7f8d77e1c15e22b7d90bOn May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux kernel version 4.4.0-124.148. These CVEs are both related to the way that the linux kernel handles certain interrupt and exception instructions. If an interrupt or exception instruction (INT3, SYSCALL, etc.) is immediately preceded by a MOV SS or POP SS instruction, the resulting interrupt will be incorrectly handled, possibly crashing the operating system. The issue can be triggered by an unprivileged user. The fix for this problem requires modification of the interrupt descriptor tables (IDT), and modification of the interrupt handlers. Livepatch is unable to safely modify these areas, so upgrading to a corrected kernel and rebooting is required to fix the problem.
0ed9608f57e15a5b058be5eb06c92f72ea884cf0e997d30b7285a27811e380abDebian Linux Security Advisory 4196-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.
93cc48d260bc7594d1b33464cbeae85c8108f7abd086bf698c5a407b0654ccb2Ubuntu Security Notice 3641-2 - USN-3641-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.10. This update provides the corresponding updates for Ubuntu 12.04 ESM. Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service. This issue only affected the amd64 architecture. Various other issues were also addressed.
8b62cd3908a2ea60933e4f5060c4a7cffa0119feb5c2296cf0f5d7231274b888Ubuntu Security Notice 3641-1 - Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service. This issue only affected the amd64 architecture. Andy Lutomirski discovered that the KVM subsystem of the Linux kernel did not properly emulate the ICEBP instruction following a MOV/POP to SS instruction. A local attacker in a KVM virtual machine could use this to cause a denial of service or possibly escalate privileges inside of the virtual machine. This issue only affected the i386 and amd64 architectures. Various other issues were also addressed.
54c635a827000ad1e9720e3b153dc5b8af85ba11bc41d5f1f952f2e981d32393Red Hat Security Advisory 2018-1355-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and use-after-free vulnerabilities.
4447e6e273f5b0f0d5eb8a44bada9595ed1bf052db276cd1a4d04938e84a19fcRed Hat Security Advisory 2018-1348-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
77e14f8e97722364a934d0e7a3d7fefdf5f0cbf6c8b69da99369eb567ee670adRed Hat Security Advisory 2018-1347-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
64f3efd7e77588737cd63b6560896e2387734dbeceeab16e9ea654dd6a99b86eRed Hat Security Advisory 2018-1345-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
ec6a1a88ee637d3c9343ff659da54d46ac857b9268235cba505aa87bfc6a8343Red Hat Security Advisory 2018-1318-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
cbd3c6c3e9147b3d4a53a27345de22613a5693b4808c489836579c84720b9def
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed