Errata ID | 318 |
---|---|
Date | 2018-04-04 |
Source package | linux |
Fixed in version | 4.9.30-2A~4.2.0.201803221415 |
Description | This update of the Linux kernel to version 4.9.89 addresses the following issues: * CVE-2017-5753 cpu: speculative execution bounds-check bypass * CVE-2017-16911: vhci_hcd driver in usbip/vhci_sysfs.c:port_show_vhci() discloses kernel memory addresses to local attackers * CVE-2017-17448: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure * CVE-2017-17450: Unchecked capabilities in net/netfilter/xt_osf.c allow for unprivileged modification to systemwide fingerprint list * CVE-2018-5344 kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service * CVE-2018-1000028: Improper sorting of GIDs in nfsd can lead to incorrect permissions being applied * CVE-2017-8824: Use-after-free vulnerability in DCCP socket * CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver * CVE-2017-18193: Mishandled extent trees in fs/f2fs/extent_cache.c can allow a local user to cause a denial of service * CVE-2018-7480: Double free in block/blk-cgroup.c:blkcg_init_queue() can allow a local user to cause a denial of service |
Additional notes | This is the first of three parts. |
CVE ID | CVE-2017-5753 CVE-2017-16911 CVE-2017-17448 CVE-2017-17450 CVE-2018-5344 CVE-2018-1000028 CVE-2017-8824 CVE-2017-13166 CVE-2017-18193 CVE-2018-7480 |
UCS Bug number | #46209 |