RHSA-2018:2390HighCVSS 7.8
Red Hat Security Advisory: kernel security and bug fix update
🔗 CVE IDs covered (9)
📋 Description
CVE-2017-0861 — kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation CVE-2017-15265 — kernel: Use-after-free in snd_seq_ioctl_create_port() CVE-2018-3620 — Kernel: hw: cpu: L1 terminal fault (L1TF) CVE-2018-3646 — Kernel: hw: cpu: L1 terminal fault (L1TF) CVE-2018-3693 — Kernel: speculative bounds check bypass store CVE-2018-5390 — kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack) CVE-2018-7566 — kernel: race condition in snd_seq_write() may lead to UAF or OOB-access CVE-2018-10901 — kernel: kvm: vmx: host GDT limit corruption CVE-2018-1000004 — kernel: Race condition in sound system can lead to denial of service
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2018:2390
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/security/vulnerabilities/L1TF
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1501878
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1535315
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1550142
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1563994
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1581650
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1585005
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1601704
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1601849
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2390.json