Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Fedora 28: FEDORA-2018-2c6bd93875 Critical: Kernel 4.17.2 Buffer Overflow

fedora
Calendar Grey June 23, 2018
Dist Fedora Esm H88
Major enhancements in Fedora 28's kernel improve overall functionality, resilience, and protection, incorporating vital patches for optimal performance.
The 4.17.2 kernel rebase contains new drivers, new features, and a number of important fixes across the tree.

Summary

The kernel meta package

The 4.17.2 kernel rebase contains new drivers, new features, and a number of

important fixes across the tree.

* Mon Jun 18 2018 Justin M. Forbes - 4.17.2-200

- Linux v4.17.2 Rebase

* Sun Jun 17 2018 Jeremy Cline - 4.16.16-300

- Linux v4.16.16

* Tue Jun 12 2018 Jeremy Cline

- Fix a crash in ath10k when bandwidth changes (rhbz 1577106)

- Fix kexec_file_load pefile signature verification (rhbz 1470995)

* Tue Jun 12 2018 Justin M. Forbes

- Fix CVE-2018-12232 (rhbz 1590215 1590216)

* Mon Jun 11 2018 Jeremy Cline - 4.16.15-300

- Fix for the keyboard backlight on Dell XPS 13 9370

- Linux v4.16.15

* Mon Jun 11 2018 Justin M. Forbes

- Fix CVE-2018-10853 (rhbz 1589890 1589892)

* Tue Jun 5 2018 Jeremy Cline

- Enable CONFIG_SCSI_DH on s390x (rhbz 1586189)

* Tue Jun 5 2018 Jeremy Cline - 4.16.14-300

- Linux v4.16.14

* Mon Jun 4 2018 Jeremy Cline

- Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207)

* Wed May 30 2018 Jeremy Cline - 4.16.13-300

- Linux v4.16.13

- Fixes CVE-2018-11506 (rhbz 1583210 1583213)

* Fri May 25 2018 Jeremy Cline - 4.16.12-300

- Linux v4.16.12

- Fix CVE-2018-10840 (rhbz 1582346 1582348)

- Fix for incorrect error message about parsing PCCT (rhbz 1435837)

* Tue May 22 2018 Jeremy Cline - 4.16.11-300

- Linux v4.16.11

* Mon May 21 2018 Justin M. Forbes - 4.16.10-301

- Fix CVE-2018-3639 (rhbz 1566890 1580713)

* Mon May 21 2018 Jeremy Cline - 4.16.10-300

- Linux v4.16.10

* Sun May 20 2018 Hans de Goede

- Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options

to fix i2c and GPIOs not working on AMD based laptops (rhbz#1510649)

* Thu May 17 2018 Justin M. Forbes

- Fix CVE-2018-1120 (rhbz 1575472 1579542)

* Thu May 17 2018 Jeremy Cline - 4.16.9-300

- Linux v4.16.9

- Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797)

* Wed May 9 2018 Jeremy Cline

- Workaround for m400 uart irq firmware description (rhbz 1574718)

* Wed May 9 2018 Jeremy Cline - 4.16.8-300

- Linux v4.16.8

* Mon May 7 2018 Jeremy Cline

- Fix issue with KVM on older Core 2 processors (rhbz 1566258)

* Sat May 5 2018 Peter Robinson

- ARM and Raspberry Pi fixes

- Fix USB-2 on Tegra devices

* Fri May 4 2018 Laura Abbott

- Fix for building out of tree modules on powerpc (rhbz 1574604)

* Fri May 4 2018 Justin M. Forbes

- Fix CVE-2018-10322 (rhbz 1571623 1571624)

- Fix CVE-2018-10323 (rhbz 1571627 1571630)

* Wed May 2 2018 Jeremy Cline - 4.16.7-300

- Linux v4.16.7

* Tue May 1 2018 Jeremy Cline - 4.16.6-302

- Revert the entire random series from 4.16.4 (rhbz 1572944)

* Tue May 1 2018 Jeremy Cline - 4.16.6-301

- Revert the fix for CVE-2018-1108 (rhbz 1572944)

* Mon Apr 30 2018 Jeremy Cline - 4.16.6-300

- Linux v4.16.6

* Fri Apr 27 2018 Jeremy Cline - 4.16.5-300

- Fix an issue with bluetooth autosupsend on some XPS 13 9360 (rhbz 1514836)

- Fix prlimit64 with RLIMIT_CPU ignored (rhbz 1568337)

- Linux v4.16.5

* Fri Apr 27 2018 Peter Robinson

- Enable QLogic NICs on ARM

* Wed Apr 25 2018 Jeremy Cline

- Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131)

* Tue Apr 24 2018 Jeremy Cline - 4.16.4-300

- Linux v4.16.4

- Fix a regression in backlight interfaces for some laptops (rhbz 1571036)

[ 1 ] Bug #1582358 - CVE-2018-11412 kernel: out-of-bounds memcpy in fs/ext4/inline.c:ext4_read_inline_data() with crafted ext4 image

https://bugzilla.redhat.com/show_bug.cgi?id=1582358

su -c 'dnf upgrade --advisory FEDORA-2018-2c6bd93875' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX2MJK6W3L6HWB2BTYHWGJCOYG3RMMI/

Topics%20covered

Topics Covered

security advisory security issue buffer overflow Fedora critical fix kernel system update

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 28
Version: 4.17.2
Release: 200.fc28
URL: https://www.kernel.org/
Summary: The Linux kernel

Topics%20covered

Topics Covered

security advisory security issue buffer overflow Fedora critical fix kernel system update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here