SB2018071107 - Red Hat update for kernel
Published: July 11, 2018
Security Bulletin ID
SB2018071107
Severity
Low
Patch available
YES
Number of vulnerabilities
4
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2017-13672)
The vulnerability allows an adjacent unauthenticated attacker to cause DoS condition on the target system.The weakness exists due to out-of-bounds read. An adjacent attacker can trigger memory corruption and cause the service to crash.
2) Speculative Store Bypass (CVE-ID: CVE-2018-3639)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.The weakness exists due to race conditions in CPU cache processing. A local attacker can conduct a side-channel attack to exploit a flaw in the speculative execution of Load and Store instructions to read privileged memory.
Note: the vulnerability is referred to as "Spectre variant 4".
3) Out-of-bounds read (CVE-ID: CVE-2018-5683)
The vulnerability allows an adjacent low-privileged attacker to cause DoS condition on the target system.The weakness exists in the vga_draw_text function due to out-of-bounds read. A remote attacker can leverage improper memory address validation, trigger memory error and cause QEMU process to crash.
4) Out-of-bounds read (CVE-ID: CVE-2018-7858)
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.The weakness exists due to improper VGA display updates. An adjacent attacker can use incorrect region calculations during VGA display updates, trigger out-of-bounds read and cause the service to crash.
Remediation
Install update from vendor's website.