CentOS Linux, the open, enterprise-class platform upon which Lumeta solutions are built, and third-party packages such as Postgres and Oracle JRE are continuously monitored by industry and community groups to uncover flaws. Upgrade packages that fix these flaws (known as CVEs, Common Vulnerabilities and Exposures) are made available by CentOS and third parties (Postgres, Oracle JRE) on an ongoing basis.
This page lists the security enhancements on our radar: the CVEs that Lumeta is actively addressing and expects to have fully resolved in the upcoming releases of Lumeta Enterprise Edition.
|CVE||Repair||Date||3rd Party Patch|| Vulnerability||Resolved_Version & GA Date|
|Identifier||PKG||Reported||Available?||Lumeta||Notes on vulnerability||Lumeta||Lumeta_GA|
A flaw was found in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to DAX-enabled storage to escalate their privileges on the system.
A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
An out-of-bounds (OOB) memory access flaw was found in the floppy driver module in the Linux kernel.
A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6.
A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver.
A flaw was found in the Linux kernel's implementation of the HCI UART driver.