Page tree
Skip to end of metadata
Go to start of metadata

CentOS Linux—the open, enterprise-class, platform upon which Lumeta solutions are builtand third-party packages such as Postgres and Oracle JRE—are continuously monitored by industry  and community groups to uncover flaws. Upgrade packages that fix these CentOS flaws (aka CVEs, Common Vulnerabilities and Exposures) are made available from CentOS and third parties (Postgres, Oracle JRE) on an ongoing basis. 

This page lists security enhancements on our radar.  It's those CVEs that Lumeta is actively addressing and expects to have fully resolved in the upcoming releases of Lumeta Enterprise Edition.

CVERepairDate3rd Party Patch
 Resolved_Version & GA Date
IdentifierPKGReportedAvailable?LumetaNotes on vulnerabilityLumetaLumeta_GA
CentOS yesyes
CentOS yesyes

A flaw was found in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
CentOS yesyes

A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
CentOS yesyes

An out-of-bounds (OOB) memory access flaw was found in the floppy driver module in the Linux kernel
CentOS yesyes

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6
CentOS yesyes

A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver
CentOS yesyes

A flaw was found in the Linux kernel's implementation of the HCI UART driver.


  • No labels