Important kernel security update: CVE-2018-3620 and other issues; new kernel 2.6.32-042stab133.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

🗓️ 20 Aug 2018 00:00:00Reported by VirtuozzoType

Important kernel security update for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0, kernel 2.6.32-042stab133.1; includes CVE-2018-3620, L1TF, SegmentSmack, and other issue

Reporter	Title	Published	Views	Family All 1594
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities	25 Jul 201814:35	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Kernel affect Power Hardware Management Console	22 Sep 202123:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018	28 Jan 201917:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private Cloud Foundry (CVE-2018-3646, CVE-2018-3615, CVE-2018-3620)	19 Nov 201815:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is affected by Foreshadow Spectre Variant vulnerability (CVE-2018-3646 CVE-2018-3615 CVE-2018-3620)	26 Oct 201820:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801q	10 Oct 201821:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance	9 Jan 201922:10	–	ibm
IBM Security Bulletins	Security Bulletin: This Power System update is being released to address CVE-2018-5390	7 Dec 202119:14	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM	17 May 201916:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM API Connect is affected by multiple third-party vulnerabilities (Node.js, nghttp2, Linux, Intel CPU, Android)	31 Oct 201820:10	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Virtuozzo Containers for Linux	4.7	x86_64	vzkernel	2.6.32-042stab133.1	vzkernel-2.6.32-042stab133.1.x86_64.rpm
Virtuozzo Containers for Linux	4.7	x86_64	vzkernel-devel	2.6.32-042stab133.1	vzkernel-devel-2.6.32-042stab133.1.x86_64.rpm
Virtuozzo Containers for Linux	4.7	noarch	vzkernel-firmware	2.6.32-042stab133.1	vzkernel-firmware-2.6.32-042stab133.1.noarch.rpm
Virtuozzo Containers for Linux	4.7	x86_64	vzmodules	2.6.32-042stab133.1	vzmodules-2.6.32-042stab133.1.x86_64.rpm
Virtuozzo Containers for Linux	4.7	x86_64	vzmodules-devel	2.6.32-042stab133.1	vzmodules-devel-2.6.32-042stab133.1.x86_64.rpm
Server Bare Metal	5.0	x86_64	vzkernel	2.6.32-042stab133.1	vzkernel-2.6.32-042stab133.1.x86_64.rpm
Server Bare Metal	5.0	x86_64	vzkernel-devel	2.6.32-042stab133.1	vzkernel-devel-2.6.32-042stab133.1.x86_64.rpm
Server Bare Metal	5.0	noarch	vzkernel-firmware	2.6.32-042stab133.1	vzkernel-firmware-2.6.32-042stab133.1.noarch.rpm
Server Bare Metal	5.0	x86_64	vzmodules	2.6.32-042stab133.1	vzmodules-2.6.32-042stab133.1.x86_64.rpm
Server Bare Metal	5.0	x86_64	vzmodules-devel	2.6.32-042stab133.1	vzmodules-devel-2.6.32-042stab133.1.x86_64.rpm

Source	Link
access	www.access.redhat.com/errata/RHSA-2018:2390
access	www.access.redhat.com/security/cve/CVE-2017-0861
access	www.access.redhat.com/security/cve/CVE-2018-3620
access	www.access.redhat.com/security/cve/CVE-2018-3646
access	www.access.redhat.com/security/cve/CVE-2018-3693
access	www.access.redhat.com/security/cve/CVE-2018-5390
access	www.access.redhat.com/security/cve/CVE-2018-7566
access	www.access.redhat.com/security/cve/CVE-2018-10901
access	www.access.redhat.com/security/cve/CVE-2018-1000004
access	www.access.redhat.com/security/vulnerabilities/L1TF

20 Aug 2018 00:00Current

1.5Low risk

Vulners AI Score1.5

CVSS 27.8

CVSS 37.8

CVSS 3.15.6 - 7.8

EPSS0.1116

SSVC