Red Hat Kernel Multiple Vulnerabilities

Last Update Date: 7 Nov 2018 Release Date: 1 Nov 2018 4951 Views

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities have been identified in Red Hat Kernel, a remote attacker can exploit these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.

Impact

Denial of Service
Elevation of Privilege
Information Disclosure

System / Technologies affected

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - ppc64le
Red Hat Enterprise Linux ComputeNode EUS (v. 7.5) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.5) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.5) - ppc64, ppc64le, x86_64

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued a source code fix:
https://access.redhat.com/articles/11258

Vulnerability Identifier

Source

AusCERT