logo
DATABASE RESOURCES PRICING ABOUT US

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4210)

Description

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4210 advisory. - An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges. (CVE-2018-14678) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related