Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2018:1350 - Security Advisory
Issued:
2018-05-08
Updated:
2018-05-10

RHSA-2018:1350 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

[Updated 10 May 2018]

The references to CVE-2017-5754 x86 (32-bit) mitigation were removed because Red Hat Enterprise Linux 6.5 Advanced Update Support does not include support for x86 32-bit architecture. Consequently, impact rating of this erratum was changed from Important to Moderate.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Kernel: error in exception handling leads to DoS (CVE-2018-8897)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting this issue.

Bug Fix(es):

  • The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1554256)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 6.5 x86_64

Fixes

  • BZ - 1567074 - CVE-2018-8897 Kernel: error in exception handling leads to DoS

CVEs

  • CVE-2018-8897

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/security/vulnerabilities/pop_ss
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.5

SRPM
kernel-2.6.32-431.89.2.el6.src.rpm SHA-256: 76d379caf09687cdee14b7e19836d0413d85ed6503b6e867d0fd5b98c18e2f6f
x86_64
kernel-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: a771f36d836fd5354d38a74a71b153f56aa0c39dde306b2945d0f6b30fc923e6
kernel-abi-whitelists-2.6.32-431.89.2.el6.noarch.rpm SHA-256: 90b388ed0745e8d6f5ef432e1b3fb10f91c54255a70d0c438a41e43fd85b6753
kernel-debug-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 5ffa9f6c66311944024cc3b59f02358de858e1253eeb44fc0b15c95e5d8e9bcc
kernel-debug-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 60e4b44197233b312000b0bb0f91be9375c2522585ab83a4786b9d5df622ae4a
kernel-debug-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 60e4b44197233b312000b0bb0f91be9375c2522585ab83a4786b9d5df622ae4a
kernel-debug-devel-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: b67a0f0ad9aa7b63433342a97d4af0b7f5bd0c5f9e17c6ac26fb819ca7b8aa06
kernel-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 91b453faf77e6bd058a11f89e3bc2f64ba16a001649907615165ef93a5b27af6
kernel-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 91b453faf77e6bd058a11f89e3bc2f64ba16a001649907615165ef93a5b27af6
kernel-debuginfo-common-x86_64-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 1a27f0d6e6d63540b7cd1e1e84bcd48535268ef54ae7f0fee34ce13cfbcb97aa
kernel-debuginfo-common-x86_64-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 1a27f0d6e6d63540b7cd1e1e84bcd48535268ef54ae7f0fee34ce13cfbcb97aa
kernel-devel-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: a44083fb6bff954586ecee96a14d1a821a6fc5107e36ffb26101f0637788b22f
kernel-doc-2.6.32-431.89.2.el6.noarch.rpm SHA-256: 1d2c56366ed95632abdf8f14b34fceba7b758026986813dc0273b4c562498f48
kernel-firmware-2.6.32-431.89.2.el6.noarch.rpm SHA-256: 5b6120465f4695dad7ffe4ec9e27ebddd96d2f97f6e3ac2c0d8fbf26bdaedefa
kernel-headers-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 276d4bee5c6dd773af530da0670f91f784609fc384a587073f3f50475cbc1123
perf-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 48b18c8a896b3bef1d867724e0078d82009ee1211a0cb89023faf74c08d3772a
perf-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: ed50a0cf78099fc22d54fc18b44a1ad4f5b5e0e5a794474b39f2b3783071d69f
perf-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: ed50a0cf78099fc22d54fc18b44a1ad4f5b5e0e5a794474b39f2b3783071d69f
python-perf-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: 6fc157d0cb5643577896cf7358195aa70fab7d417d1751e76e3da99ba7e38ec3
python-perf-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: ec7cc11f3718204516a718d38a6fb2cff2ac4743b0128d5b33254a8344564636
python-perf-debuginfo-2.6.32-431.89.2.el6.x86_64.rpm SHA-256: ec7cc11f3718204516a718d38a6fb2cff2ac4743b0128d5b33254a8344564636

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter