Lucene search

K
redhatRedHatRHSA-2018:0470
HistoryMar 12, 2018 - 1:28 p.m.

(RHSA-2018:0470) Moderate: Red Hat Enterprise MRG Realtime 2.5 security and enhancement update

2018-03-1213:28:14
access.redhat.com
133

0.001 Low

EPSS

Percentile

27.8%

Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers.

Security Fix(es):

  • kernel: rds_message_alloc_sgs() function doesn’t validate value used during DMA page allocation causes heap out-of-bounds write (CVE-2018-5332, Moderate)

  • kernel: Null pointer dereference in rds_atomic_free_op() allows denial-of-service (CVE-2018-5333, Moderate)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Enhancement(s):

  • The kernel-rt packages have been upgraded to version 3.10.0-693.21.1, which provides a number of security and bug fixes over the previous version. (BZ#1537669)

All Red Hat Enterprise MRG Realtime users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement.