(RHSA-2018:1319) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• hw: cpu: speculative execution permission faults handling (CVE-2017-5754, x86 32-bit)

• Kernel: error in exception handling leads to DoS (CVE-2018-8897)

• kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645)

• kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824)

• kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166)

• kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017)

• kernel: Stack information leak in the EFS element (CVE-2017-1000410)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Google Project Zero for reporting CVE-2017-5754; Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897; Mohamed Ghannam for reporting CVE-2017-8824; and Armis Labs for reporting CVE-2017-1000410.

Bug Fix(es):

These updated kernel packages include also numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. See the bug fix descriptions in the related Knowledge Article: https://access.redhat.com/articles/3431591