漏洞类别:RedHat漏洞等级: 
漏洞信息
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fixes: A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344)
kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675)
kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634)
Affected Products:
Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4 ppc64
Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64
Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4 ppc64le
Red Hat Enterprise Linux Server - TUS 7.4 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64
漏洞危害
On successful exploitation it could allow an attacker to execute code.
解决方案
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2018:3540 to address this issue and obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论