-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2018:1062-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1062
Issue date:        2018-04-10
CVE Names:         CVE-2016-3672 CVE-2016-7913 CVE-2016-8633 
                   CVE-2017-7294 CVE-2017-8824 CVE-2017-9725 
                   CVE-2017-12154 CVE-2017-12190 CVE-2017-13166 
                   CVE-2017-14140 CVE-2017-15116 CVE-2017-15121 
                   CVE-2017-15126 CVE-2017-15127 CVE-2017-15129 
                   CVE-2017-15265 CVE-2017-17448 CVE-2017-17449 
                   CVE-2017-17558 CVE-2017-18017 CVE-2017-18203 
                   CVE-2017-1000252 CVE-2017-1000407 CVE-2017-1000410 
                   CVE-2018-5750 CVE-2018-6927 CVE-2018-1000004 
====================================================================
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* hw: cpu: speculative execution permission faults handling (CVE-2017-5754,
Important, KVM for Power)

* kernel: Buffer overflow in firewire driver via crafted incoming packets
(CVE-2016-8633, Important)

* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824,
Important)

* Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register
(CVE-2017-12154, Important)

* kernel: v4l2: disabled memory access protection mechanism allowing
privilege escalation (CVE-2017-13166, Important)

* kernel: media: use-after-free in [tuner-xc2028] media driver
(CVE-2016-7913, Moderate)

* kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
(CVE-2017-7294, Moderate)

* kernel: Incorrect type conversion for size during dma allocation
(CVE-2017-9725, Moderate)

* kernel: memory leak when merging buffers in SCSI IO vectors(CVE-2017-12190, Moderate)

* kernel: vfs: BUG in truncate_inode_pages_range() and fuse client
(CVE-2017-15121, Moderate)

* kernel: Use-after-free in userfaultfd_event_wait_completion function in
userfaultfd.c (CVE-2017-15126, Moderate)

* kernel: net: double-free and memory corruption in get_net_ns_by_id()
(CVE-2017-15129, Moderate)

* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265,
Moderate)

* kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c
allows for unprivileged access to systemwide nfnl_cthelper_list structure
(CVE-2017-17448, Moderate)

* kernel: Missing namespace check in net/netlink/af_netlink.c allows for
network monitors to observe systemwide activity (CVE-2017-17449, Moderate)

* kernel: Unallocated memory access by malicious USB device via
bNumInterfaces overflow (CVE-2017-17558, Moderate)

* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)

* kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows
local users to cause a denial of service (CVE-2017-18203, Moderate)

* kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ
(CVE-2017-1000252, Moderate)

* Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407,
Moderate)

* kernel: Stack information leak in the EFS element (CVE-2017-1000410,
Moderate)

* kernel: Kernel address information leak in
drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing
KASLR bypass (CVE-2018-5750, Moderate)

* kernel: Race condition in sound system can lead to denial of service
(CVE-2018-1000004, Moderate)

 * kernel: multiple Low security impact security issues (CVE-2016-3672,
CVE-2017-14140, CVE-2017-15116, CVE-2017-15127, CVE-2018-6927, Low)

Red Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Google
Project Zero for reporting CVE-2017-5754; Mohamed Ghannam for reporting
CVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154;
Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli
(Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting
CVE-2017-15129; Jan H. Schönherr (Amazon) for reporting CVE-2017-1000252;
and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was
discovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was
discovered by ChunYu Wang (Red Hat).

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.5 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1132610 - nfsd does not release free space of a file created with dd oflag=direct where there was no space left on device even after manual deletion
1324749 - CVE-2016-3672 kernel: unlimiting the stack disables ASLR
1334439 - Unable to disable IPv6 DAD or Optimistic DAD for all interfaces
1372079 - ixgbe nic is falsely advertising MII support
1391490 - CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets
1402885 - CVE-2016-7913 kernel: media: use-after-free in [tuner-xc2028] media driver
1436798 - CVE-2017-7294 kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
1450205 - Gratuitous ARP updates received in span of 2-3 seconds time frame are all ignored
1458032 - [Intel 7.5 Bug] KVMGT: Bogus PCI BAR emulation
1460213 - cls_matchall: kernel panic when used with classful qdiscs
1461282 - kernel: ICMP rate limiting is too aggressive on loopback
1471875 - soft lockups during unmount when dentry cache is very large
1488329 - CVE-2017-14140 kernel: Missing permission check in move_pages system call
1489088 - CVE-2017-9725 kernel: Incorrect type conversion for size during dma allocation
1489542 - Behavior change in autofs expiry timer when a path walk is done following commit from BZ 1413523
1490673 - Kernel Panic always happen immediately whenever make "debug.panic_on_rcu_stall=1" set on RHEL7.4
1490781 - CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ
1491224 - CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register
1493125 - [RFE] Kernel address space layout randomization [KASLR] qemu support (kernel)
1495089 - CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectors1496836 - [RH 7.5 bug] Request for upstream commit 3664847d95e6 to be merged into RHEL 7.5/7.4
1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port()
1502601 - [Hyper-V][RHEL7.4] hang when thaw on microsoft hyper-v
1506382 - deadlock in nfs v4 client init
1507025 - [ESXi][RHEL7.5]x86/vmware: Skip timer_irq_works() check on VMware
1507026 - [ESXi][RHEL7.5]x86/vmware: Skip lapic calibration on VMware.
1514609 - CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function
1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element
1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket
1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling
1520328 - CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80
1520893 - CVE-2017-15121 kernel: vfs: BUG in truncate_inode_pages_range() and fuse client
1523481 - CVE-2017-15126 kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c
1525218 - CVE-2017-15127 kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c
1525474 - CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow
1525762 - CVE-2017-17449 kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity
1525768 - CVE-2017-17448 kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure
1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
1531174 - CVE-2017-15129 kernel: net: double-free and memory corruption in get_net_ns_by_id()
1534272 - md: raid0 device creation prints blank line to journalctl
1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service
1539706 - CVE-2018-5750 kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass
1542013 - RHEL-7.5: Cannot set port mirroring onto two interface
1544612 - CVE-2018-6927 kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact
1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation
1550811 - CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-862.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm
kernel-doc-3.10.0-862.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.el7.x86_64.rpm
kernel-debug-3.10.0-862.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-devel-3.10.0-862.el7.x86_64.rpm
kernel-headers-3.10.0-862.el7.x86_64.rpm
kernel-tools-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.el7.x86_64.rpm
perf-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-862.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm
kernel-doc-3.10.0-862.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.el7.x86_64.rpm
kernel-debug-3.10.0-862.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-devel-3.10.0-862.el7.x86_64.rpm
kernel-headers-3.10.0-862.el7.x86_64.rpm
kernel-tools-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.el7.x86_64.rpm
perf-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-862.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm
kernel-doc-3.10.0-862.el7.noarch.rpm

ppc64:
kernel-3.10.0-862.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-862.el7.ppc64.rpm
kernel-debug-3.10.0-862.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-debug-devel-3.10.0-862.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm
kernel-devel-3.10.0-862.el7.ppc64.rpm
kernel-headers-3.10.0-862.el7.ppc64.rpm
kernel-tools-3.10.0-862.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-tools-libs-3.10.0-862.el7.ppc64.rpm
perf-3.10.0-862.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.el7.ppc64.rpm
python-perf-3.10.0-862.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-862.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-862.el7.ppc64le.rpm
kernel-debug-3.10.0-862.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm
kernel-devel-3.10.0-862.el7.ppc64le.rpm
kernel-headers-3.10.0-862.el7.ppc64le.rpm
kernel-tools-3.10.0-862.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-862.el7.ppc64le.rpm
perf-3.10.0-862.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
python-perf-3.10.0-862.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm

s390x:
kernel-3.10.0-862.el7.s390x.rpm
kernel-debug-3.10.0-862.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-862.el7.s390x.rpm
kernel-debug-devel-3.10.0-862.el7.s390x.rpm
kernel-debuginfo-3.10.0-862.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-862.el7.s390x.rpm
kernel-devel-3.10.0-862.el7.s390x.rpm
kernel-headers-3.10.0-862.el7.s390x.rpm
kernel-kdump-3.10.0-862.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-862.el7.s390x.rpm
kernel-kdump-devel-3.10.0-862.el7.s390x.rpm
perf-3.10.0-862.el7.s390x.rpm
perf-debuginfo-3.10.0-862.el7.s390x.rpm
python-perf-3.10.0-862.el7.s390x.rpm
python-perf-debuginfo-3.10.0-862.el7.s390x.rpm

x86_64:
kernel-3.10.0-862.el7.x86_64.rpm
kernel-debug-3.10.0-862.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-devel-3.10.0-862.el7.x86_64.rpm
kernel-headers-3.10.0-862.el7.x86_64.rpm
kernel-tools-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.el7.x86_64.rpm
perf-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-862.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-862.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-862.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-862.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm
kernel-doc-3.10.0-862.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.el7.x86_64.rpm
kernel-debug-3.10.0-862.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-devel-3.10.0-862.el7.x86_64.rpm
kernel-headers-3.10.0-862.el7.x86_64.rpm
kernel-tools-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.el7.x86_64.rpm
perf-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-3672
https://access.redhat.com/security/cve/CVE-2016-7913
https://access.redhat.com/security/cve/CVE-2016-8633
https://access.redhat.com/security/cve/CVE-2017-7294
https://access.redhat.com/security/cve/CVE-2017-8824
https://access.redhat.com/security/cve/CVE-2017-9725
https://access.redhat.com/security/cve/CVE-2017-12154
https://access.redhat.com/security/cve/CVE-2017-12190
https://access.redhat.com/security/cve/CVE-2017-13166
https://access.redhat.com/security/cve/CVE-2017-14140
https://access.redhat.com/security/cve/CVE-2017-15116
https://access.redhat.com/security/cve/CVE-2017-15121
https://access.redhat.com/security/cve/CVE-2017-15126
https://access.redhat.com/security/cve/CVE-2017-15127
https://access.redhat.com/security/cve/CVE-2017-15129
https://access.redhat.com/security/cve/CVE-2017-15265
https://access.redhat.com/security/cve/CVE-2017-17448
https://access.redhat.com/security/cve/CVE-2017-17449
https://access.redhat.com/security/cve/CVE-2017-17558
https://access.redhat.com/security/cve/CVE-2017-18017
https://access.redhat.com/security/cve/CVE-2017-18203
https://access.redhat.com/security/cve/CVE-2017-1000252
https://access.redhat.com/security/cve/CVE-2017-1000407
https://access.redhat.com/security/cve/CVE-2017-1000410
https://access.redhat.com/security/cve/CVE-2018-5750
https://access.redhat.com/security/cve/CVE-2018-6927
https://access.redhat.com/security/cve/CVE-2018-1000004
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.5_Release_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFazIO0XlSAg2UNWIIRAsrvAKC6oeVVzqbL2khLh037fNiseMvX+QCfS3iv
EDnvsFcBpZQPFqATi/MtziA=lsfK
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2018-1062:01 Important: kernel security, bug fix,

An update for kernel is now available for Red Hat Enterprise Linux 7

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* hw: cpu: speculative execution permission faults handling (CVE-2017-5754, Important, KVM for Power)
* kernel: Buffer overflow in firewire driver via crafted incoming packets (CVE-2016-8633, Important)
* kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824, Important)
* Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register (CVE-2017-12154, Important)
* kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166, Important)
* kernel: media: use-after-free in [tuner-xc2028] media driver (CVE-2016-7913, Moderate)
* kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294, Moderate)
* kernel: Incorrect type conversion for size during dma allocation (CVE-2017-9725, Moderate)
* kernel: memory leak when merging buffers in SCSI IO vectors(CVE-2017-12190, Moderate)
* kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121, Moderate)
* kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c (CVE-2017-15126, Moderate)
* kernel: net: double-free and memory corruption in get_net_ns_by_id() (CVE-2017-15129, Moderate)
* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265, Moderate)
* kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure (CVE-2017-17448, Moderate)
* kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity (CVE-2017-17449, Moderate)
* kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow (CVE-2017-17558, Moderate)
* kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017, Moderate)
* kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203, Moderate)
* kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ (CVE-2017-1000252, Moderate)
* Kernel: KVM: DoS via write flood to I/O port 0x80 (CVE-2017-1000407, Moderate)
* kernel: Stack information leak in the EFS element (CVE-2017-1000410, Moderate)
* kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass (CVE-2018-5750, Moderate)
* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004, Moderate)
* kernel: multiple Low security impact security issues (CVE-2016-3672, CVE-2017-14140, CVE-2017-15116, CVE-2017-15127, CVE-2018-6927, Low)
Red Hat would like to thank Eyal Itkin for reporting CVE-2016-8633; Google Project Zero for reporting CVE-2017-5754; Mohamed Ghannam for reporting CVE-2017-8824; Jim Mattson (Google.com) for reporting CVE-2017-12154; Vitaly Mayatskih for reporting CVE-2017-12190; Andrea Arcangeli (Engineering) for reporting CVE-2017-15126; Kirill Tkhai for reporting CVE-2017-15129; Jan H. Schönherr (Amazon) for reporting CVE-2017-1000252; and Armis Labs for reporting CVE-2017-1000410. The CVE-2017-15121 issue was discovered by Miklos Szeredi (Red Hat) and the CVE-2017-15116 issue was discovered by ChunYu Wang (Red Hat).
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2016-3672 https://access.redhat.com/security/cve/CVE-2016-7913 https://access.redhat.com/security/cve/CVE-2016-8633 https://access.redhat.com/security/cve/CVE-2017-7294 https://access.redhat.com/security/cve/CVE-2017-8824 https://access.redhat.com/security/cve/CVE-2017-9725 https://access.redhat.com/security/cve/CVE-2017-12154 https://access.redhat.com/security/cve/CVE-2017-12190 https://access.redhat.com/security/cve/CVE-2017-13166 https://access.redhat.com/security/cve/CVE-2017-14140 https://access.redhat.com/security/cve/CVE-2017-15116 https://access.redhat.com/security/cve/CVE-2017-15121 https://access.redhat.com/security/cve/CVE-2017-15126 https://access.redhat.com/security/cve/CVE-2017-15127 https://access.redhat.com/security/cve/CVE-2017-15129 https://access.redhat.com/security/cve/CVE-2017-15265 https://access.redhat.com/security/cve/CVE-2017-17448 https://access.redhat.com/security/cve/CVE-2017-17449 https://access.redhat.com/security/cve/CVE-2017-17558 https://access.redhat.com/security/cve/CVE-2017-18017 https://access.redhat.com/security/cve/CVE-2017-18203 https://access.redhat.com/security/cve/CVE-2017-1000252 https://access.redhat.com/security/cve/CVE-2017-1000407 https://access.redhat.com/security/cve/CVE-2017-1000410 https://access.redhat.com/security/cve/CVE-2018-5750 https://access.redhat.com/security/cve/CVE-2018-6927 https://access.redhat.com/security/cve/CVE-2018-1000004 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.5_Release_Notes/index.html

Package List

Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
ppc64: kernel-3.10.0-862.el7.ppc64.rpm kernel-bootwrapper-3.10.0-862.el7.ppc64.rpm kernel-debug-3.10.0-862.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debug-devel-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm kernel-devel-3.10.0-862.el7.ppc64.rpm kernel-headers-3.10.0-862.el7.ppc64.rpm kernel-tools-3.10.0-862.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-tools-libs-3.10.0-862.el7.ppc64.rpm perf-3.10.0-862.el7.ppc64.rpm perf-debuginfo-3.10.0-862.el7.ppc64.rpm python-perf-3.10.0-862.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm
ppc64le: kernel-3.10.0-862.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.el7.ppc64le.rpm kernel-debug-3.10.0-862.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm kernel-devel-3.10.0-862.el7.ppc64le.rpm kernel-headers-3.10.0-862.el7.ppc64le.rpm kernel-tools-3.10.0-862.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.el7.ppc64le.rpm perf-3.10.0-862.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.el7.ppc64le.rpm python-perf-3.10.0-862.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.el7.s390x.rpm kernel-debug-3.10.0-862.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.el7.s390x.rpm kernel-debug-devel-3.10.0-862.el7.s390x.rpm kernel-debuginfo-3.10.0-862.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.el7.s390x.rpm kernel-devel-3.10.0-862.el7.s390x.rpm kernel-headers-3.10.0-862.el7.s390x.rpm kernel-kdump-3.10.0-862.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.el7.s390x.rpm perf-3.10.0-862.el7.s390x.rpm perf-debuginfo-3.10.0-862.el7.s390x.rpm python-perf-3.10.0-862.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.el7.s390x.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-862.el7.ppc64.rpm perf-debuginfo-3.10.0-862.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-862.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.el7.noarch.rpm kernel-doc-3.10.0-862.el7.noarch.rpm
x86_64: kernel-3.10.0-862.el7.x86_64.rpm kernel-debug-3.10.0-862.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-devel-3.10.0-862.el7.x86_64.rpm kernel-headers-3.10.0-862.el7.x86_64.rpm kernel-tools-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.el7.x86_64.rpm perf-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.el7.x86_64.rpm perf-debuginfo-3.10.0-862.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2018:1062-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1062
Issued Date: : 2018-04-10
CVE Names: CVE-2016-3672 CVE-2016-7913 CVE-2016-8633 CVE-2017-7294 CVE-2017-8824 CVE-2017-9725 CVE-2017-12154 CVE-2017-12190 CVE-2017-13166 CVE-2017-14140 CVE-2017-15116 CVE-2017-15121 CVE-2017-15126 CVE-2017-15127 CVE-2017-15129 CVE-2017-15265 CVE-2017-17448 CVE-2017-17449 CVE-2017-17558 CVE-2017-18017 CVE-2017-18203 CVE-2017-1000252 CVE-2017-1000407 CVE-2017-1000410 CVE-2018-5750 CVE-2018-6927 CVE-2018-1000004

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64


Bugs Fixed

1132610 - nfsd does not release free space of a file created with dd oflag=direct where there was no space left on device even after manual deletion

1324749 - CVE-2016-3672 kernel: unlimiting the stack disables ASLR

1334439 - Unable to disable IPv6 DAD or Optimistic DAD for all interfaces

1372079 - ixgbe nic is falsely advertising MII support

1391490 - CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets

1402885 - CVE-2016-7913 kernel: media: use-after-free in [tuner-xc2028] media driver

1436798 - CVE-2017-7294 kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()

1450205 - Gratuitous ARP updates received in span of 2-3 seconds time frame are all ignored

1458032 - [Intel 7.5 Bug] KVMGT: Bogus PCI BAR emulation

1460213 - cls_matchall: kernel panic when used with classful qdiscs

1461282 - kernel: ICMP rate limiting is too aggressive on loopback

1471875 - soft lockups during unmount when dentry cache is very large

1488329 - CVE-2017-14140 kernel: Missing permission check in move_pages system call

1489088 - CVE-2017-9725 kernel: Incorrect type conversion for size during dma allocation

1489542 - Behavior change in autofs expiry timer when a path walk is done following commit from BZ 1413523

1490673 - Kernel Panic always happen immediately whenever make "debug.panic_on_rcu_stall=1" set on RHEL7.4

1490781 - CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ

1491224 - CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register

1493125 - [RFE] Kernel address space layout randomization [KASLR] qemu support (kernel)

1495089 - CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectors1496836 - [RH 7.5 bug] Request for upstream commit 3664847d95e6 to be merged into RHEL 7.5/7.4

1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port()

1502601 - [Hyper-V][RHEL7.4] hang when thaw on microsoft hyper-v

1506382 - deadlock in nfs v4 client init

1507025 - [ESXi][RHEL7.5]x86/vmware: Skip timer_irq_works() check on VMware

1507026 - [ESXi][RHEL7.5]x86/vmware: Skip lapic calibration on VMware.

1514609 - CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function

1519160 - CVE-2017-1000410 kernel: Stack information leak in the EFS element

1519591 - CVE-2017-8824 kernel: Use-after-free vulnerability in DCCP socket

1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling

1520328 - CVE-2017-1000407 Kernel: KVM: DoS via write flood to I/O port 0x80

1520893 - CVE-2017-15121 kernel: vfs: BUG in truncate_inode_pages_range() and fuse client

1523481 - CVE-2017-15126 kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c

1525218 - CVE-2017-15127 kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c

1525474 - CVE-2017-17558 kernel: Unallocated memory access by malicious USB device via bNumInterfaces overflow

1525762 - CVE-2017-17449 kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity

1525768 - CVE-2017-17448 kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure

1531135 - CVE-2017-18017 kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

1531174 - CVE-2017-15129 kernel: net: double-free and memory corruption in get_net_ns_by_id()

1534272 - md: raid0 device creation prints blank line to journalctl

1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service

1539706 - CVE-2018-5750 kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

1542013 - RHEL-7.5: Cannot set port mirroring onto two interface

1544612 - CVE-2018-6927 kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact

1548412 - CVE-2017-13166 kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation

1550811 - CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service