RHEL 7 : kernel-alt (RHSA-2018:2772)

Medium Nessus Plugin ID 117779


The remote Red Hat host is missing one or more security updates.


An update for kernel-alt is now available for Red Hat Enterprise Linux

Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es) :

* kernel: Infoleak/use-after-free in __oom_reap_task_mm function in
mm/oom_kill.c (CVE-2017-18202)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Bug Fix(es) :

* Previously, on certain little-endian variants of IBM Power Systems,
there was no 'sysfs spec_store_bypass' file. As a consequence,
there was no way to indicate the Speculative Store Bypass Disable
(SSBD) mitigation status. This update adds infrastructure code into
the kernel to create the /sys/devices/system/cpu/vulnerabilities/*
files. As a result, sysfs spec_store_bypass shows whether the SSBD
mitigation is disabled or enabled. (BZ#1602340)

* Previously, the kernel architectures for IBM z Systems were missing
support to display the status of the Spectre v2 mitigations. As a
consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2
file did not exist. With this update, the kernel shows the status
in that file, which now reports either the 'Vulnerable' or the
'Mitigation: execute trampolines' message.


Update the affected packages.

Plugin Details

Severity: Medium

ID: 117779

File Name: redhat-RHSA-2018-2772.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2018/09/27

Modified: 2018/11/26

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo, p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-doc, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:kernel-kdump, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:perf-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-perf, p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo, cpe:/o:redhat:enterprise_linux:7

Patch Publication Date: 2018/09/25

Reference Information

CVE: CVE-2017-18202

RHSA: 2018:2772