Lucene search

K
oraclelinuxOracleLinuxELSA-2018-4108
HistoryMay 15, 2018 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2018-05-1500:00:00
linux.oracle.com
65

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.8%

[4.1.12-124.15.1]

  • netfilter: nfnetlink_cthelper: Add missing permission checks (Kevin Cernekee) [Orabug: 27260771] {CVE-2017-17448}
  • netlink: Add netns check on taps (Kevin Cernekee) [Orabug: 27260799] {CVE-2017-17449}
  • KVM: Fix stack-out-of-bounds read in write_mmio (Wanpeng Li) [Orabug: 27290606] {CVE-2017-17741} {CVE-2017-17741}
  • xprtrdma: Detect unreachable NFS/RDMA servers more reliably (Chuck Lever) [Orabug: 27587008]
  • sunrpc: Export xprt_force_disconnect() (Chuck Lever) [Orabug: 27587008]
  • sunrpc: Allow xprt->ops->timer method to sleep (Chuck Lever) [Orabug: 27587008]
  • KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit (Haozhong Zhang) [Orabug: 27720128]
  • x86/microcode: probe CPU features on microcode update (Ankur Arora) [Orabug: 27878230]
  • x86/microcode: microcode_write() should not reference boot_cpu_data (Ankur Arora) [Orabug: 27878230]
  • x86/cpufeatures: use cpu_data in init_scattered_cpuid_flags() (Ankur Arora) [Orabug: 27878230]
  • mm/pagewalk.c: report holes in hugetlb ranges (Jann Horn) [Orabug: 27913118] {CVE-2017-16994}
  • KEYS: dont let add_key() update an uninstantiated key (David Howells) [Orabug: 27913330] {CVE-2017-15299}
  • drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (Murray McAllister) [Orabug: 27913367] {CVE-2017-7294}
  • vmscan: Support multiple kswapd threads per node (Buddy Lumpkin) [Orabug: 27913411]
  • tcp: dont use F-RTO on non-recurring timeouts (Yuchung Cheng) [Orabug: 27901860]
  • net/rds: ib: Release correct number of frags (Hakon Bugge) [Orabug: 27924161]
  • crypto: rng - Remove old low-level rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: drbg - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: ansi_cprng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • crypto: krng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
  • RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 27934066] {CVE-2018-5332}
  • net: Fix double free and memory corruption in get_net_ns_by_id() (Eric W. Biederman) [Orabug: 27934789] {CVE-2017-15129}

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

26.8%