Oval Definition:oval:com.redhat.rhsa:def:20183822
Revision Date:2018-12-13Version:640
Title:RHSA-2018:3822: kernel security and bug fix update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)

  • kernel: Use-after-free in sys_mq_notify() (CVE-2017-11176)

  • kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)

    For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

    Red Hat would like to thank Mohamed Ghannam for reporting CVE-2017-8824.

    Bug Fix(es):

  • Previously, on certain Intel 64 systems, the microcode contained a new model-specific register (MSR) that was not present in the older microcode running on CPUs that had not been updated yet. As a consequence, the system crashed due to a general protection fault on a CPU running the older microcode. This update fixes the bug by having the kernel use MSR access routines that handle the general protection fault. As a result, the system no longer crashes in the described scenario. (BZ#1651481)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-11176
    CVE-2017-15265
    CVE-2017-8824
    RHSA-2018:3822
    RHSA-2018:3822-01
    Platform(s):Red Hat Enterprise Linux 5 Extended Lifecycle Support
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • kernel earlier than 0:2.6.18-436.el5 is currently running
  • OR kernel earlier than 0:2.6.18-436.el5 is set to boot up on next boot
  • AND
  • kernel is earlier than 0:2.6.18-436.el5
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-PAE is earlier than 0:2.6.18-436.el5
  • AND kernel-PAE is signed with Red Hat redhatrelease2 key
  • kernel-PAE-devel is earlier than 0:2.6.18-436.el5
  • AND kernel-PAE-devel is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:2.6.18-436.el5
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:2.6.18-436.el5
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:2.6.18-436.el5
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-doc is earlier than 0:2.6.18-436.el5
  • AND kernel-doc is signed with Red Hat redhatrelease2 key
  • kernel-headers is earlier than 0:2.6.18-436.el5
  • AND kernel-headers is signed with Red Hat redhatrelease2 key
  • kernel-kdump is earlier than 0:2.6.18-436.el5
  • AND kernel-kdump is signed with Red Hat redhatrelease2 key
  • kernel-kdump-devel is earlier than 0:2.6.18-436.el5
  • AND kernel-kdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-xen is earlier than 0:2.6.18-436.el5
  • AND kernel-xen is signed with Red Hat redhatrelease2 key
  • kernel-xen-devel is earlier than 0:2.6.18-436.el5
  • AND kernel-xen-devel is signed with Red Hat redhatrelease2 key
    • BACK