Red Hat 製品エラータ RHSA-2018:3590 - Security Advisory
発行日:
2018-11-13
更新日:
2018-11-13

RHSA-2018:3590 - Security Advisory

概要

Important: kernel security and bug fix update

タイプ/重大度

Security Advisory: Important

Red Hat Lightspeed patch analysis

このアドバイザリーの影響を受けるシステムを特定し、修正します。

影響を受けるシステムの表示

トピック

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

説明

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391)
  • kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344)
  • kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675)
  • kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634.

Bug Fix(es):

  • Previously, a kernel panic occurred when the kernel tried to make an out of bound access to the array that describes the L1 Terminal Fault (L1TF) mitigation state on systems without Extended Page Tables (EPT) support. This update extends the array of mitigation states to cover all the states, which effectively prevents out of bound array access. Also, this update enables rejecting invalid, irrelevant values, that might be erroneously provided by the userspace. As a result, the kernel no longer panics in the described scenario. (BZ#1629565)
  • Previously, a packet was missing the User Datagram Protocol (UDP) payload checksum during a full checksum computation, if the hardware checksum was not applied. As a consequence, a packet with an incorrect checksum was dropped by a peer. With this update, the kernel includes the UDP payload checksum during the full checksum computation. As a result, the checksum is computed correctly and the packet can be received by the peer. (BZ#1635792)
  • Previously, a transform lookup through the xfrm framework could be performed on an already transformed destination cache entry (dst_entry). When using User Datagram Protocol (UDP) over IPv6 with a connected socket in conjunction with Internet Protocol Security (IPsec) in Encapsulating Security Payload (ESP) transport mode. As a consequence, invalid IPv6 fragments transmitted from the host or the kernel occasionally terminated unexpectedly due to a socket buffer (SKB) underrun. With this update, the xfrm lookup on an already transformed dst_entry is not possible. As a result, using UDP iperf utility over IPv6 ESP no longer causes invalid IPv6 fragment transmissions or a kernel panic. (BZ#1639586)

解決策

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

影響を受ける製品

  • Red Hat Enterprise Linux Server - AUS 7.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2 x86_64

修正

  • BZ - 1575065 - CVE-2018-10675 kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact
  • BZ - 1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)
  • BZ - 1610958 - CVE-2017-18344 kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c
  • BZ - 1624498 - CVE-2018-14634 kernel: Integer overflow in Linux's create_elf_tables function

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
kernel-3.10.0-327.76.1.el7.src.rpm SHA-256: 2d5d389baafb9ea942534a323dfba32b2d806fae2011359716b711ac6decd39a
x86_64
kernel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 1aa051c3bdabfa70b6b81435dead3da48d2304fabf7b41574465b11c3a5b4b2a
kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 21ce72f1eedf0e18dbca60a158fc3795b54f0db88bf4766a410ba15ce4581a09
kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: c90764a9d26dfa68198c3b8b414541d4532c09649b1bc0aa7551c59645f21e1c
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 72b0389439d64d3bba592888152183f14bd18c3216475dc7d2e2f7b2fd7cd5ef
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 454f055dd2f85f30ae3e775ab136eb8fff95297d70eb3f1b0385781cc7581927
kernel-doc-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 7f0670f0ff034c88db3fa4e564ac2061169f5589622a4963f06f8dc28b5590aa
kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 5acd5af9c02a6af9455736f32f68a956a8cde7fe04afaf2abf1b7370f95c3ffd
kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 14da409b21b35ce7d4612b8c0f2649dab56bc48e366cb9abcf6e145747133b4c
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 9db72bd4d0afef0b3e6617c05800d005e309563a2473f5bbf9644e3793b4616b
kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: bdd3365024cc2bde12e220b504c991f55aa55aa44e45514ca624a8f4d6e23ab6
perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: e1affa0db61d7dedc84143dbceffb425e78803d7ffa8b9304f5ea749163fffc6
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
python-perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: b2f92f3aaff9dba2ce9c238076822c4177d75d0ed9412db68bedb9dc10235c39
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a

Red Hat Enterprise Linux Server - TUS 7.2

SRPM
kernel-3.10.0-327.76.1.el7.src.rpm SHA-256: 2d5d389baafb9ea942534a323dfba32b2d806fae2011359716b711ac6decd39a
x86_64
kernel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 1aa051c3bdabfa70b6b81435dead3da48d2304fabf7b41574465b11c3a5b4b2a
kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 21ce72f1eedf0e18dbca60a158fc3795b54f0db88bf4766a410ba15ce4581a09
kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: c90764a9d26dfa68198c3b8b414541d4532c09649b1bc0aa7551c59645f21e1c
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 72b0389439d64d3bba592888152183f14bd18c3216475dc7d2e2f7b2fd7cd5ef
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 454f055dd2f85f30ae3e775ab136eb8fff95297d70eb3f1b0385781cc7581927
kernel-doc-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 7f0670f0ff034c88db3fa4e564ac2061169f5589622a4963f06f8dc28b5590aa
kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 5acd5af9c02a6af9455736f32f68a956a8cde7fe04afaf2abf1b7370f95c3ffd
kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 14da409b21b35ce7d4612b8c0f2649dab56bc48e366cb9abcf6e145747133b4c
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 9db72bd4d0afef0b3e6617c05800d005e309563a2473f5bbf9644e3793b4616b
kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: bdd3365024cc2bde12e220b504c991f55aa55aa44e45514ca624a8f4d6e23ab6
perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: e1affa0db61d7dedc84143dbceffb425e78803d7ffa8b9304f5ea749163fffc6
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
python-perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: b2f92f3aaff9dba2ce9c238076822c4177d75d0ed9412db68bedb9dc10235c39
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2

SRPM
kernel-3.10.0-327.76.1.el7.src.rpm SHA-256: 2d5d389baafb9ea942534a323dfba32b2d806fae2011359716b711ac6decd39a
x86_64
kernel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 1aa051c3bdabfa70b6b81435dead3da48d2304fabf7b41574465b11c3a5b4b2a
kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 21ce72f1eedf0e18dbca60a158fc3795b54f0db88bf4766a410ba15ce4581a09
kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: c90764a9d26dfa68198c3b8b414541d4532c09649b1bc0aa7551c59645f21e1c
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d2297a1af5047fab5474fc7b4003c05346ec15800229ed62f60b1b25ef0623cf
kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 72b0389439d64d3bba592888152183f14bd18c3216475dc7d2e2f7b2fd7cd5ef
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: d19e78bdb7d32e705349f81d047f0574f2ad7249407b689942c8c8a335d1e282
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 998452ab76620d1561cc519798556dbe9a673ecffec6b11385f8bcd36a970f81
kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 454f055dd2f85f30ae3e775ab136eb8fff95297d70eb3f1b0385781cc7581927
kernel-doc-3.10.0-327.76.1.el7.noarch.rpm SHA-256: 7f0670f0ff034c88db3fa4e564ac2061169f5589622a4963f06f8dc28b5590aa
kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 5acd5af9c02a6af9455736f32f68a956a8cde7fe04afaf2abf1b7370f95c3ffd
kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 14da409b21b35ce7d4612b8c0f2649dab56bc48e366cb9abcf6e145747133b4c
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 87e1a79dd118e6ca2d4329ee01edf19cbf82de1e043c7178ccfb13d7a9a284d3
kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 9db72bd4d0afef0b3e6617c05800d005e309563a2473f5bbf9644e3793b4616b
kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: bdd3365024cc2bde12e220b504c991f55aa55aa44e45514ca624a8f4d6e23ab6
perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: e1affa0db61d7dedc84143dbceffb425e78803d7ffa8b9304f5ea749163fffc6
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: 0e289b52061b3744b62a38de551f0072fa4c35f5ce83a71b0b16684884195c4a
python-perf-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: b2f92f3aaff9dba2ce9c238076822c4177d75d0ed9412db68bedb9dc10235c39
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a
python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm SHA-256: a8da1c7d54e8dda89553286a79dfb7dc99cfd96b576c32a940076dd9adac683a

Red Hat のセキュリティーに関する連絡先は secalert@redhat.com です。 連絡先の詳細は https://access.redhat.com/security/team/contact/ をご覧ください。