Page tree
Skip to end of metadata
Go to start of metadata

Lumeta continually corrects for Common Vulnerabilities & Exposures (CVEs) in our software products. Following is the finalized list of CVEs mitigated in preparation for the release of Lumeta 3.3.2.  

DeliverableName
upgradespectre_update-3.3.2.0.12332-20180927.tgz


CVEs and the new package and RPM that resolves each from 3.3.1 to 3.3.2.

CVE

New RPM

PKG

DESCRIPTION

CVE-2018-12020

gnupg2-2.0.14-9.el6_10.x86_64

gnupg2

mainproc.c in GnuPG before 2.2.8 mishandles the original filenameduring decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

CVE-2017-9788

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-9788

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-9788

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-12613

httpd24-apr-1.5.1-1.el6.1.x86_64

httpd24-apr

When apr_time_exp*() or apr_os_exp_time*() functions are invoked withan invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

CVE-2017-9798

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9798

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9798

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9789

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2017-9789

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2017-9789

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2018-1000156

patch-2.6-8.el6_9.x86_64

patch

GNU Patch version 2.7.6 contains an input validation vulnerabilitywhen processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2017-7308

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

perf-2.6.32-754.3.5.el6.x86_64

perf

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-1000410

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

perf-2.6.32-754.3.5.el6.x86_64

perf

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-9077

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

perf-2.6.32-754.3.5.el6.x86_64

perf

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-10872

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

perf-2.6.32-754.3.5.el6.x86_64

perf

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2017-7616

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

perf-2.6.32-754.3.5.el6.x86_64

perf

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2018-3665

kernel-2.6.32-754.3.5.el6.x86_64

kernel

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

perf-2.6.32-754.3.5.el6.x86_64

perf

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2017-8890

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

perf-2.6.32-754.3.5.el6.x86_64

perf

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2018-7566

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

perf-2.6.32-754.3.5.el6.x86_64

perf

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-1000004

kernel-2.6.32-754.3.5.el6.x86_64

kernel

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

perf-2.6.32-754.3.5.el6.x86_64

perf

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2017-6001

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

perf-2.6.32-754.3.5.el6.x86_64

perf

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-12190

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

perf-2.6.32-754.3.5.el6.x86_64

perf

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-13166

kernel-2.6.32-754.3.5.el6.x86_64

kernel

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

perf-2.6.32-754.3.5.el6.x86_64

perf

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2018-10301

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

perf-2.6.32-754.3.5.el6.x86_64

perf

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2017-2671

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

perf-2.6.32-754.3.5.el6.x86_64

perf

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-15265

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

perf-2.6.32-754.3.5.el6.x86_64

perf

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2018-3620

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2012-6701

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

perf-2.6.32-754.3.5.el6.x86_64

perf

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2018-1130

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

perf-2.6.32-754.3.5.el6.x86_64

perf

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-10675

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

perf-2.6.32-754.3.5.el6.x86_64

perf

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-3639

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2017-18017

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

perf-2.6.32-754.3.5.el6.x86_64

perf

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2018-3693

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2017-18203

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

perf-2.6.32-754.3.5.el6.x86_64

perf

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-0861

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

perf-2.6.32-754.3.5.el6.x86_64

perf

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-9075

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

perf-2.6.32-754.3.5.el6.x86_64

perf

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-5803

kernel-2.6.32-754.3.5.el6.x86_64

kernel

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

perf-2.6.32-754.3.5.el6.x86_64

perf

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2017-15121

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

perf-2.6.32-754.3.5.el6.x86_64

perf

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-8824

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

perf-2.6.32-754.3.5.el6.x86_64

perf

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2016-8650

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

perf-2.6.32-754.3.5.el6.x86_64

perf

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2018-10901

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

perf-2.6.32-754.3.5.el6.x86_64

perf

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2017-7889

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

perf-2.6.32-754.3.5.el6.x86_64

perf

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2015-8830

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

perf-2.6.32-754.3.5.el6.x86_64

perf

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2018-5390

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

perf-2.6.32-754.3.5.el6.x86_64

perf

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2017-9076

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

perf-2.6.32-754.3.5.el6.x86_64

perf

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-1124

procps-3.2.8-45.el6_9.3.x86_64

procps

procps-ng before version 3.3.15 is vulnerable to multiple integeroverflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

CVE-2018-1126

procps-3.2.8-45.el6_9.3.x86_64

procps

procps-ng before version 3.3.15 is vulnerable to an incorrect integersize in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

Packages updated for Security reasons.

Old Package

New Package

Subsystem

gnupg2-2.0.14-8.el6.x86_64

gnupg2-2.0.14-9.el6_10.x86_64

Security

httpd24-apr-1.5.1-1.el6.x86_64

httpd24-apr-1.5.1-1.el6.1.x86_64

GUI

httpd24-httpd-2.4.25-8.el6.x86_64

httpd24-httpd-2.4.27-8.el6.1.x86_64

GUI

httpd24-httpd-tools-2.4.25-8.el6.x86_64

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

GUI

httpd24-mod_ssl-2.4.25-8.el6.x86_64

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

GUI

jre1.8-1.8.0_171-fcs.x86_64

jre1.8-1.8.0_181-fcs.x86_64

GUI

kernel-2.6.32-696.20.1.el6.x86_64

kernel-2.6.32-754.3.5.el6.x86_64

OS

kernel-firmware-2.6.32-696.20.1.el6.noarch

kernel-firmware-2.6.32-754.3.5.el6.noarch

OS

kernel-headers-2.6.32-696.20.1.el6.x86_64

kernel-headers-2.6.32-754.3.5.el6.x86_64

OS

microcode_ctl-1.17-25.4.el6_9.x86_64

microcode_ctl-1.17-33.3.el6_10.x86_64

OS

patch-2.6-6.el6.x86_64

patch-2.6-8.el6_9.x86_64

OS

perf-2.6.32-696.20.1.el6.x86_64

perf-2.6.32-754.3.5.el6.x86_64

OS

procps-3.2.8-33.el6.x86_64

procps-3.2.8-45.el6_9.3.x86_64

OS


Packages updated not for Security.

Old Package

New Package NOT for CVE

Subsystem

esi-release-3.3.1.0-11807.30.x86_64

esi-release-3.3.2.0-12332.15.x86_64

 App

logbase-ui-3.3.1.0-8462.x86_64

logbase-ui-3.3.2.0-8462.x86_64

GUI

lumeta-api-3.3.1.0-11807.x86_64

lumeta-api-3.3.2.0-12332.x86_64

API

lumeta-api-client-3.3.1.0-11714.x86_64

lumeta-api-client-3.3.2.0-12304.x86_64

API

lumeta-cisco-ise-pxgrid-3.3.1.0-11687.x86_64

lumeta-cisco-ise-pxgrid-3.3.2.0-12060.x86_64

Integration

lumeta-console-3.3.1.0-11701.x86_64

lumeta-console-3.3.2.0-12302.x86_64

CLI-ConsoleApp

lumeta-diagnostics-3.3.1.0-11661.x86_64

lumeta-diagnostics-3.3.2.0-12242.x86_64

Debug

lumeta-discovery-agent-3.3.1.0-11760.x86_64

lumeta-discovery-agent-3.3.2.0-12232.x86_64

Collecting/Scanning

lumeta-dxl-3.3.1.0-10781.x86_64

lumeta-dxl-3.3.2.0-12306.x86_64

API

lumeta-install-3.3.1.0-11752.x86_64

lumeta-install-3.3.2.0-12308.x86_64

GUI

lumeta-ips-import-3.3.1.0-6550.x86_64

lumeta-ips-import-3.3.2.0-6550.x86_64

GUI

lumeta-ireg-3.3.1.0-6550.x86_64

lumeta-ireg-3.3.2.0-6550.x86_64

GUI

lumeta-jaas-3.3.1.0-11503.x86_64

lumeta-jaas-3.3.2.0-11503.x86_64

GUI

lumeta-lib-3.3.1.0-11603.x86_64

lumeta-lib-3.3.2.0-12249.x86_64

GUI

lumeta-pam-3.3.1.0-9852.x86_64

lumeta-pam-3.3.2.0-12308.x86_64

Security

lumeta-tfa-3.3.1.0-10659.x86_64

lumeta-tfa-3.3.2.0-10659.x86_64

Security

lumeta-tools-3.3.1.0-10695.x86_64

lumeta-tools-3.3.2.0-10695.x86_64

Collecting/Scanning

lumeta-ui-3.3.1.0-11772.x86_64

lumeta-ui-3.3.2.0-12230.x86_64

GUI

lumeta-visio-3.3.1.0-11614.x86_64

lumeta-visio-3.3.2.0-12259.x86_64

GUI

lumeta-webapp-3.3.1.0-11744.x86_64

lumeta-webapp-3.3.2.0-12060.x86_64

GUI

rawio-3.3.1.0-8288.x86_64

rawio-3.3.2.0-8288.x86_64

Collecting/Scanning

x15-backend-3.3.1.0-10885.x86_64

x15-backend-3.3.2.0-10885.x86_64

Analytics/BigData

New Package NOT for CVE

Subsystem

gpg-pubkey-c105b9de-4e0fd3a3

Security


____________________________

DeliverableName
netbootesi-3.3.2-rc8
upgradespectre_update-3.3.2.0.12268.tgz


CVEs and the new package and RPM that resolves each from 3.3.1 to 3.3.2.

CVE

New RPM

PKG

DESCRIPTION

CVE-2018-12020

gnupg2-2.0.14-9.el6_10.x86_64

gnupg2

mainproc.c in GnuPG before 2.2.8 mishandles the original filenameduring decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

CVE-2017-9788

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-9788

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-9788

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

CVE-2017-12613

httpd24-apr-1.5.1-1.el6.1.x86_64

httpd24-apr

When apr_time_exp*() or apr_os_exp_time*() functions are invoked withan invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

CVE-2017-9798

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9798

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9798

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-9789

httpd24-httpd-2.4.27-8.el6.1.x86_64

httpd24-httpd

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2017-9789

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

httpd24-httpd-tools

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2017-9789

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

httpd24-mod_ssl

When under stress, closing many connections, the HTTP/2 handling codein Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

CVE-2018-1000156

patch-2.6-8.el6_9.x86_64

patch

GNU Patch version 2.7.6 contains an input validation vulnerabilitywhen processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

CVE-2017-7308

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-7308

perf-2.6.32-754.3.5.el6.x86_64

perf

The packet_set_ring function in net/packet/af_packet.c in the Linuxkernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

CVE-2017-1000410

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-1000410

perf-2.6.32-754.3.5.el6.x86_64

perf

The Linux kernel version 3.3-rc1 and later is affected by avulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. These are the specifics of this vulnerability: In the function l2cap_parse_conf_rsp and in the function l2cap_parse_conf_req the following variable is declared without initialization: struct l2cap_conf_efs efs; In addition, when parsing input configuration parameters in both of these functions, the switch case for handling EFS elements may skip the memcpy call that will write to the efs variable: ... case L2CAP_CONF_EFS: if (olen == sizeof(efs)) memcpy(&efs, (void *)val, olen); ... The olen in the above if is attacker controlled, and regardless of that if, in both of these functions the efs variable would eventually be added to the outgoing configuration request that is being built: l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), (unsigned long) &efs); So by sending a configuration request, or response, that contains an L2CAP_CONF_EFS element, but with an element length that is not sizeof(efs) - the memcpy to the uninitialized efs variable can be avoided, and the uninitialized variable would be returned to the attacker (16 bytes).

CVE-2017-9077

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077

perf-2.6.32-754.3.5.el6.x86_64

perf

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-10872

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2018-10872

perf-2.6.32-754.3.5.el6.x86_64

perf

A flaw was found in the way the Linux kernel handled exceptionsdelivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

CVE-2017-7616

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2017-7616

perf-2.6.32-754.3.5.el6.x86_64

perf

Incorrect error handling in the set_mempolicy and mbind compat syscallsin mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

CVE-2018-3665

kernel-2.6.32-754.3.5.el6.x86_64

kernel

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2018-3665

perf-2.6.32-754.3.5.el6.x86_64

perf

System software utilizing Lazy FP state restore technique on systemsusing Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

CVE-2017-8890

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2017-8890

perf-2.6.32-754.3.5.el6.x86_64

perf

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

CVE-2018-7566

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-7566

perf-2.6.32-754.3.5.el6.x86_64

perf

The Linux kernel 4.15 has a Buffer Overflow via anSNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

CVE-2018-1000004

kernel-2.6.32-754.3.5.el6.x86_64

kernel

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2018-1000004

perf-2.6.32-754.3.5.el6.x86_64

perf

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions arace condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.

CVE-2017-6001

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-6001

perf-2.6.32-754.3.5.el6.x86_64

perf

Race condition in kernel/events/core.c in the Linux kernel before4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.

CVE-2017-12190

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-12190

perf-2.6.32-754.3.5.el6.x86_64

perf

The bio_map_user_iov and bio_unmap_user functions in block/bio.c in theLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.

CVE-2017-13166

kernel-2.6.32-754.3.5.el6.x86_64

kernel

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2017-13166

perf-2.6.32-754.3.5.el6.x86_64

perf

An elevation of privilege vulnerability in the kernel v4l2 videodriver. Product: Android. Versions: Android kernel. Android ID A-34624167.

CVE-2018-10301

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2018-10301

perf-2.6.32-754.3.5.el6.x86_64

perf

Cross-site scripting (XSS) vulnerability in the Web-Dorado InstagramFeed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

CVE-2017-2671

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-2671

perf-2.6.32-754.3.5.el6.x86_64

perf

The ping_unhash function in net/ipv4/ping.c in the Linux kernelthrough 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.

CVE-2017-15265

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2017-15265

perf-2.6.32-754.3.5.el6.x86_64

perf

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

CVE-2018-3620

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2018-3620

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andaddress translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

CVE-2012-6701

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2012-6701

perf-2.6.32-754.3.5.el6.x86_64

perf

Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allowslocal users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.

CVE-2018-1130

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-1130

perf-2.6.32-754.3.5.el6.x86_64

perf

Linux kernel before version 4.16-rc7 is vulnerable to a null pointerdereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

CVE-2018-10675

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-10675

perf-2.6.32-754.3.5.el6.x86_64

perf

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernelbefore 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

CVE-2018-3639

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2018-3639

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andspeculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVE-2017-18017

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2017-18017

perf-2.6.32-754.3.5.el6.x86_64

perf

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in theLinux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

CVE-2018-3693

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2018-3693

perf-2.6.32-754.3.5.el6.x86_64

perf

Systems with microprocessors utilizing speculative execution andbranch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

CVE-2017-18203

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-18203

perf-2.6.32-754.3.5.el6.x86_64

perf

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernelbefore 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

CVE-2017-0861

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-0861

perf-2.6.32-754.3.5.el6.x86_64

perf

Use-after-free vulnerability in the snd_pcm_info function in the ALSAsubsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.

CVE-2017-9075

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9075

perf-2.6.32-754.3.5.el6.x86_64

perf

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-5803

kernel-2.6.32-754.3.5.el6.x86_64

kernel

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2018-5803

perf-2.6.32-754.3.5.el6.x86_64

perf

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

CVE-2017-15121

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-15121

perf-2.6.32-754.3.5.el6.x86_64

perf

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

CVE-2017-8824

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2017-8824

perf-2.6.32-754.3.5.el6.x86_64

perf

The dccp_disconnect function in net/dccp/proto.c in the Linux kernelthrough 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.

CVE-2016-8650

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2016-8650

perf-2.6.32-754.3.5.el6.x86_64

perf

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

CVE-2018-10901

kernel-2.6.32-754.3.5.el6.x86_64

kernel

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901

perf-2.6.32-754.3.5.el6.x86_64

perf

A flaw was found in Linux kernel's KVM virtualization subsystem. TheVMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2017-7889

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2017-7889

perf-2.6.32-754.3.5.el6.x86_64

perf

The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

CVE-2015-8830

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2015-8830

perf-2.6.32-754.3.5.el6.x86_64

perf

Integer overflow in the aio_setup_single_vector function in fs/aio.cin the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression.

CVE-2018-5390

kernel-2.6.32-754.3.5.el6.x86_64

kernel

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2018-5390

perf-2.6.32-754.3.5.el6.x86_64

perf

Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVE-2017-9076

kernel-2.6.32-754.3.5.el6.x86_64

kernel

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

kernel-firmware-2.6.32-754.3.5.el6.noarch

kernel-firmware

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

kernel-headers-2.6.32-754.3.5.el6.x86_64

kernel-headers

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9076

perf-2.6.32-754.3.5.el6.x86_64

perf

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CVE-2018-1124

procps-3.2.8-45.el6_9.3.x86_64

procps

procps-ng before version 3.3.15 is vulnerable to multiple integeroverflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

CVE-2018-1126

procps-3.2.8-45.el6_9.3.x86_64

procps

procps-ng before version 3.3.15 is vulnerable to an incorrect integersize in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

Packages updated for Security reasons.

Old Package

New Package

Subsystem

gnupg2-2.0.14-8.el6.x86_64

gnupg2-2.0.14-9.el6_10.x86_64

Security

httpd24-apr-1.5.1-1.el6.x86_64

httpd24-apr-1.5.1-1.el6.1.x86_64

GUI

httpd24-httpd-2.4.25-8.el6.x86_64

httpd24-httpd-2.4.27-8.el6.1.x86_64

GUI

httpd24-httpd-tools-2.4.25-8.el6.x86_64

httpd24-httpd-tools-2.4.27-8.el6.1.x86_64

GUI

httpd24-mod_ssl-2.4.25-8.el6.x86_64

httpd24-mod_ssl-2.4.27-8.el6.1.x86_64

GUI

jre1.8-1.8.0_171-fcs.x86_64

jre1.8-1.8.0_181-fcs.x86_64

GUI

kernel-2.6.32-696.20.1.el6.x86_64

kernel-2.6.32-754.3.5.el6.x86_64

OS

kernel-firmware-2.6.32-696.20.1.el6.noarch

kernel-firmware-2.6.32-754.3.5.el6.noarch

OS

kernel-headers-2.6.32-696.20.1.el6.x86_64

kernel-headers-2.6.32-754.3.5.el6.x86_64

OS

microcode_ctl-1.17-25.4.el6_9.x86_64

microcode_ctl-1.17-33.3.el6_10.x86_64

OS

patch-2.6-6.el6.x86_64

patch-2.6-8.el6_9.x86_64

OS

perf-2.6.32-696.20.1.el6.x86_64

perf-2.6.32-754.3.5.el6.x86_64

OS

procps-3.2.8-33.el6.x86_64

procps-3.2.8-45.el6_9.3.x86_64

OS


Packages updated not for Security.

Old Package

New Package NOT for CVE

Subsystem

esi-release-3.3.1.0-11807.30.x86_64

esi-release-3.3.2.0-12268.2244.x86_64

App

logbase-ui-3.3.1.0-8462.x86_64

logbase-ui-3.3.2.0-8462.x86_64

GUI

lumeta-api-3.3.1.0-11807.x86_64

lumeta-api-3.3.2.0-12268.x86_64

API

lumeta-api-client-3.3.1.0-11714.x86_64

lumeta-api-client-3.3.2.0-11994.x86_64

API

lumeta-cisco-ise-pxgrid-3.3.1.0-11687.x86_64

lumeta-cisco-ise-pxgrid-3.3.2.0-12060.x86_64

Integration

lumeta-console-3.3.1.0-11701.x86_64

lumeta-console-3.3.2.0-12264.x86_64

CLI-ConsoleApp

lumeta-diagnostics-3.3.1.0-11661.x86_64

lumeta-diagnostics-3.3.2.0-12242.x86_64

Debug

lumeta-discovery-agent-3.3.1.0-11760.x86_64

lumeta-discovery-agent-3.3.2.0-12232.x86_64

Collecting/Scanning

lumeta-dxl-3.3.1.0-10781.x86_64

lumeta-dxl-3.3.2.0-12060.x86_64

App

lumeta-install-3.3.1.0-11752.x86_64

lumeta-install-3.3.2.0-12262.x86_64

GUI

lumeta-ips-import-3.3.1.0-6550.x86_64

lumeta-ips-import-3.3.2.0-6550.x86_64

GUI

lumeta-ireg-3.3.1.0-6550.x86_64

lumeta-ireg-3.3.2.0-6550.x86_64

GUI

lumeta-jaas-3.3.1.0-11503.x86_64

lumeta-jaas-3.3.2.0-11503.x86_64

GUI

lumeta-lib-3.3.1.0-11603.x86_64

lumeta-lib-3.3.2.0-12249.x86_64

GUI

lumeta-pam-3.3.1.0-9852.x86_64

lumeta-pam-3.3.2.0-9852.x86_64

Security

lumeta-tfa-3.3.1.0-10659.x86_64

lumeta-tfa-3.3.2.0-10659.x86_64

Security

lumeta-tools-3.3.1.0-10695.x86_64

lumeta-tools-3.3.2.0-10695.x86_64

Collecting/Scanning

lumeta-ui-3.3.1.0-11772.x86_64

lumeta-ui-3.3.2.0-12230.x86_64

GUI

lumeta-visio-3.3.1.0-11614.x86_64

lumeta-visio-3.3.2.0-12259.x86_64

GUI

lumeta-webapp-3.3.1.0-11744.x86_64

lumeta-webapp-3.3.2.0-12060.x86_64

GUI

rawio-3.3.1.0-8288.x86_64

rawio-3.3.2.0-8288.x86_64

Collecting/Scanning

x15-backend-3.3.1.0-10885.x86_64

x15-backend-3.3.2.0-10885.x86_64

Analytics/BigData

  • No labels