drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Linux
Name: |
Denial of Service in Linux |
|
ID: |
FEDORA-2018-4ca01704a2 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 26 |
|
Datum: |
Mi, 18. April 2018, 07:46 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10021 |
|
Applikationen: |
Linux |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-4ca01704a2 2018-04-18 01:02:04.088410 ------------------------------------------------------------------------------- -
Name : kernel Product : Fedora 26 Version : 4.15.17 Release : 200.fc26 URL : http://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package
------------------------------------------------------------------------------- - Update Information:
The 4.15.17 update contains a number of important fixes across the tree. ------------------------------------------------------------------------------- - ChangeLog:
* Thu Apr 12 2018 Laura Abbott <labbott@redhat.com> - 4.15.17-200 - Linux v4.15.17 * Thu Apr 12 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-10021 (rhbz 1566407 1566409) * Mon Apr 9 2018 Laura Abbott <labbott@redhat.com> - 4.15.16-200 - Linux v4.15.16 * Mon Apr 2 2018 Laura Abbott <labbott@redhat.com> - 4.15.15-200 - Linux v4.15.15 * Thu Mar 29 2018 Laura Abbott <labbott@redhat.com> - 4.15.14-200 - Linux v4.15.14 * Thu Mar 29 2018 Jeremy Cline <jeremy@jcline.org> - Fix mounting NFS with kerberos (rhbz 1558977) * Mon Mar 26 2018 Laura Abbott <labbott@redhat.com> - 4.15.13-200 - Linux v4.15.13 * Thu Mar 22 2018 Laura Abbott <labbott@redhat.com> - 4.15.12-201 - Rebuild for kernel-devel fix * Thu Mar 22 2018 Jeremy Cline <jeremy@jcline.org> - Fix for nouveau backlight regression (rhbz 1511786) * Wed Mar 21 2018 Laura Abbott <labbott@redhat.com> - 4.15.12-200 - Linux v4.15.12 * Mon Mar 19 2018 Laura Abbott <labbott@redhat.com> - 4.15.11-200 - Linux v4.15.11 * Mon Mar 19 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2017-18232 (rhbz 1558066 1558067) * Thu Mar 15 2018 Laura Abbott <labbott@redhat.com> - 4.15.10-200 - Linux v4.15.10 - Fix for dock booting (rhbz 1549042) - Fix THP bug (rhbz 1546709) * Mon Mar 12 2018 Laura Abbott <labbott@redhat.com> - 4.15.9-200 - Linux v4.15.9 * Mon Mar 12 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-7995 (rhbz 1553911 1553918) - Fix CVE-2018-8043 (rhbz 1554199 1554200) * Fri Mar 9 2018 Laura Abbott <labbott@redhat.com> - 4.15.8-200 - Linux v4.15.8 * Thu Mar 8 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-7757 (rhbz 1553361 1553363) * Tue Mar 6 2018 Laura Abbott <labbott@redhat.com> - Fixes for IPMI crash (rbhz 1549316) * Mon Mar 5 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-5803 (rhbz 1551051 1551053) * Fri Mar 2 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-1065 (rhbz 1547824 1547831) * Wed Feb 28 2018 Laura Abbott <labbott@redhat.com> - 4.15.7-200 - Linux v4.15.7 - Fix IPMI crash (rhbz 1549316) * Mon Feb 26 2018 Laura Abbott <labbott@redhat.com> - 4.15.6-200 - Linux v4.15.6 * Fri Feb 23 2018 Laura Abbott <labbott@redhat.com> - 4.15.5-200 - Linux v4.15.5 * Mon Feb 19 2018 Laura Abbott <labbott@redhat.com> - 4.15.4-200 - Linux v4.15.4 * Mon Feb 19 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-1000026 (rhbz 1541846 1546744) * Tue Feb 13 2018 Laura Abbott <labbott@redhat.com> - 4.15.3-200 - Linux v4.15.3 rebase * Wed Feb 7 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.18-200 - Linux v4.14.18 * Mon Feb 5 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.17-200 - Linux v4.14.17 * Wed Jan 31 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.16-200 - Linux v4.14.16 * Mon Jan 29 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2018-5750 (rhbz 1539706 1539708) - Fix softlockup (rhbz 1492664 1492665) * Sat Jan 27 2018 Laura Abbott <labbott@fedoraproject.org> - Add support for Wacom tablet (rhbz 1539238) * Fri Jan 26 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.15-201 - Revert retpoline vermagic tag * Wed Jan 24 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.15-200 - Linux v4.14.15 - Fix CVE-2018-1000004 (rhbz 1535315 1535316) * Tue Jan 23 2018 Laura Abbott <labbott@fedoraproject.org> - Fix for nouveau crash (rhbz 1513150) * Thu Jan 18 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.14-300 - Add some ppc mitigations from upstream * Wed Jan 17 2018 Justin M. Forbes <jforbes@fedoraproject.org> - Linux v4.14.14 - Fixes (rhbz 1532458) * Fri Jan 12 2018 Jeremy Cline <jeremy@jcline.org> - Fix for CVE-2018-5344 (rhbz 1533909 1533911) - Fix for CVE-2018-5332 (rhbz 1533890 1533895) - Fix for CVE-2018-5333 (rhbz 1533891 1533895) * Wed Jan 10 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.13-200 - Linux v4.14.13 - Iniital retpoline fixes for Spectre v2 * Mon Jan 8 2018 Laura Abbott <labbott@redhat.com> - Disable CONFIG_RESET_ATTACK_MITIGATION (rhbz 1532058) * Fri Jan 5 2018 Laura Abbott <labbott@redhat.com> - Copy module linker script (rhbz 1531182) * Fri Jan 5 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.12-200 - Linux v4.14.12 - Add a patch to filter false positive kbd backlight change events (rhbz 1514969) * Wed Jan 3 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.11-200 - Linux v4.14.11 * Mon Jan 1 2018 Laura Abbott <labbott@redhat.com> - 4.14.10-200 - Linux v4.14.10 * Tue Dec 26 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.9-200 - Linux v4.14.9 - Fixes CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 (rhbz 1529120 1529123 1529124 1529125) - Fixes CVE-2017-17852 CVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857 (rhbz 1530269 1530270 1530271 1530272 1530273 1530274 1530279) * Wed Dec 20 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.8-200 - Linux v4.14.8 * Wed Dec 20 2017 Jeremy Cline <jeremy@jcline.org> - Backport fix e1000_check_for_copper_link_ich8lan return value * Tue Dec 19 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2017-17741 (rhbz 1527112 1527113) * Mon Dec 18 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.7-200 - Linux v4.14.7 - Fix CVE-2017-17712 (rhbz 1526427 1526933) * Thu Dec 14 2017 Jeremy Cline <jeremy@jcline.org> - 4.14.6-200 - Linux v4.14.6 - Security fix for CVE-2017-17449 (rhbz 1525762 1525763) - Security fix for CVE-2017-17450 (rhbz 1525761 1525764) - Security fix for CVE-2017-17448 (rhbz 1525768 1525769) * Wed Dec 13 2017 Jeremy Cline <jeremy@jcline.org> - Fix CVE-2017-17558 (rhbz 1525474 1525476) - Revert exec: avoid RLIMIT_STACK races with prlimit() * Tue Dec 12 2017 Jeremy Cline <jeremy@jcline.org> - Fix CVE-2017-8824 (rhbz 1519591 1520764) * Mon Dec 11 2017 Jeremy Cline <jeremy@jcline.org> - Re-fix USB null pointer dereference on ThinkPad X1 (rhbz 1462175) * Mon Dec 11 2017 Jeremy Cline <jeremy@jcline.org> - 4.14.5-200 - Linux v4.14.5 * Thu Dec 7 2017 Jeremy Cline <jeremy@jcline.org> - 4.14.4-200 - Linux v4.14.4 rebase - Fixes for dwmac-sun8i for A64/Pine64 - Fixes for Cavium ThunderX (rhbz 1521190) * Thu Nov 30 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.16-202 - Fix CVE-2017-1000405 (rhbz 1516514 1519115) * Wed Nov 29 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.16-201 - Fix USB null pointer dereference on ThinkPad X1 (rhbz 1462175) - Patches ppc64, ppc64le mm failure (rhbz 1518707) * Mon Nov 27 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.16-200 - Linux v4.13.16 - Fix CVE-2017-16649 (rhbz 1516267 1516274) - Fix CVE-2017-16650 (rhbz 1516265 1516274) - Fix CVE-2017-16644 (rhbz 1516273 1516274) - Fix CVE-2017-16647 (rhbz 1516270 1516274) * Tue Nov 21 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix cursor issues with QXL (rhbz 1507931) * Tue Nov 21 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.15-200 - Linux v4.13.15 * Mon Nov 20 2017 Laura Abbott <labbott@redhat.com> - Enable driver for the Behringer BCD 2000 (rhbz 1514945) * Sun Nov 19 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.14-200 - Linux v4.13.14 * Wed Nov 15 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.13-200 - Linux v4.13.13 - Fix CVE-2017-15115 (rhbz 1513346 1513345) * Wed Nov 15 2017 Peter Robinson <pbrobinson@fedoraproject.org> - Add fix for vc4 interupts * Wed Nov 8 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.12-200 - Linux v4.13.12 * Wed Nov 8 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2017-16532 (rhbz 1510835 1510854) - Fix CVE-2017-16538 (rhbz 1510826 1510854) * Mon Nov 6 2017 Laura Abbott <labbott@redhat.com> - Patches for ThinkPad X1 Carbon Gen5 Touchpad (rhbz 1509461) - Fix for KVM regression on some machines (rhbz 1490803) * Thu Nov 2 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.11-200 - Linux v4.13.11 - Fix CVE-2017-12193 (rhbz 1501215 1508717) - SMB3: Validate negotiate request must always be signed (rhbz 1502606) - Backport new SELinux NNP/nosuid patch to resolve interactions with systemd * Wed Nov 1 2017 Laura Abbott <labbott@fedoraproject.org> - Add fix for potential mlxsw firmware incompatibility * Fri Oct 27 2017 Jeremy Cline <jeremy@jcline.org> - 4.13.10-200 - Linux v4.13.10 * Mon Oct 23 2017 Laura Abbott <labbott@redhat.com> - 4.13.9-200 - Linux v4.13.9 * Wed Oct 18 2017 Laura Abbott <labbott@fedoraproject.org> - 4.13.8-200 - Linux v4.13.8 - Fix CVE-2017-12190 (rhbz 1495089 1503580) * Mon Oct 16 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.13.7-200 - Linux v4.13.7 - Fixes CVE-2017-5123 (rhbz 1500094 1501762) - Fix CVE-2017-15265 (rhbz 1501878 1501880) * Thu Oct 12 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.13.6-200 - Linux v4.13.6 - Fixes CVE-2017-1000255 (rhbz 1498067 1500335) * Thu Oct 12 2017 Peter Robinson <pbrobinson@fedoraproject.org> - Some minor ARM fixes and cleanups - Fixes for Cavium ThunderX plaforms * Wed Oct 11 2017 Jeremy Cline <jeremy@jcline.org> - Fix incorrect updates of uninstantiated keys crash the kernel (rhbz 1498016 1498017) * Tue Oct 10 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Disable kernel tracking on SMBus devices (rhbz 1482648) * Fri Oct 6 2017 Peter Robinson <pbrobinson@fedoraproject.org> - ARM ACPI fix for x-gene RHBZ #1498117 * Thu Oct 5 2017 Laura Abbott <labbott@fedoraproject.org> - 4.13.5-200 - Linux v4.13.5 - Fix for peaq_wmi nul spew (rhbz 1497861) - Fixes CVE-2017-14954 (rhbz 1497745 1497747) * Thu Sep 28 2017 Laura Abbott <labbott@redhat.com> - 4.13.4-200 - Linux v4.13.4 * Mon Sep 25 2017 Peter Robinson <pbrobinson@fedoraproject.org> - Add patch to fix PCI on tegra20 * Thu Sep 21 2017 Laura Abbott <labbott@redhat.com> - 4.13.3-200 - Linux v4.13.3 - Fix NFS locks (rhbz 1493498) - Fix bindport regression (rhbz 1432684) * Wed Sep 20 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.14-300 - Linux v4.12.14 - Fixes 1493435 1493436 - Fixes CVE-2017-14497 (rhbz 1492593 1492594) * Mon Sep 18 2017 Justin M. Forbes <jforbes@redhat.com> - Fixes for QXL (rhbz 1462381) * Thu Sep 14 2017 Justin M. Forbes <jforbes@redhat.com> - 4.12.13-300 - Linux v4.12.13 * Wed Sep 13 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix CVE-2017-12154 (rhbz 1491224 1491231) - Fix CVE-2017-12153 (rhbz 1491046 1491057) - Fix CVE-2017-1000251 (rhbz 1489716 1490906) * Mon Sep 11 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.12-300 - Linux v4.12.12 - QXL Fixes - Fix for xen ballow with AWS (rhbz 1463000) * Thu Sep 7 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.11-300 - Linux v4.12.11 * Thu Aug 31 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.10-300 - Fix CVE-2017-14051 (rhbz 1487126 1487127) * Wed Aug 30 2017 Justin M. Forbes <jforbes@redhat.com> - Linux v4.12.10 - Fix for CVE-2017-13693 (rhbz 1485346 1485356) - Fix for CVE-2017-13694 (rhbz 1485348) - Fix for CVE-2017-13695 (rhbz 1485349) - Fix for raid 1/10 (rhbz 1484587) * Fri Aug 25 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.9-300 - Linux v4.12.9 - For for AMD Stoney GPU (rhbz 1485086) - Fix for RT3573 regression (rhbz 1480829) - Fix for CVE-2017-7558 (rhbz 1480266 1484810) - Fix for kvm_stat (rhbz 1483527) * Thu Aug 17 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix for vmalloc_32 crash (rhbz 1482249 1482570) * Thu Aug 17 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.8-300 - Linux v4.12.8 * Wed Aug 16 2017 Laura Abbott <labbott@redhat.com> - Fix for iio race * Wed Aug 16 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix xen CVE-2017-12134 (rhbz 1477656 1481786) * Mon Aug 14 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.7-300 - Linux v4.12.7 * Fri Aug 11 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.6-300 - Linux v4.12.6 - Fix CVE-2017-1000111 (rhbz 1479304 1480464) - Fix CVE-2017-1000112 (rhbz 1479307 1480465) * Fri Aug 11 2017 Dan Horak <dan@danny.cz> - disable SWIOTLB on Power (#1480380) * Fri Aug 11 2017 Josh Boyer <jwboyer@fedoraproject.org> - Disable MEMORY_HOTPLUG_DEFAULT_ONLINE on ppc64 (rhbz 1476380) * Mon Aug 7 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.5-300 - Linux v4.12.5 - Fixes CVE-2017-7533 (rhbz 1468283 1478086) * Thu Aug 3 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Temp fix for QXL (rhbz 1462381) - Fix for signed module loading (rhbz 1476467) * Thu Aug 3 2017 Laura Abbott <labbott@redhat.com> - Keep UDF in the main kernel package (rhbz 1471314) * Thu Jul 27 2017 Justin M. Forbes <jforbes@redhat.com> - 4.12.4-300 - Linux v4.12.4 * Wed Jul 26 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Fix mtx (rhbz 1471302) * Tue Jul 25 2017 Justin M. Forbes <jforbes@fedoraproject.org> - Force python3 for kvm_stat because we can't dep (rhbz 1456722) * Tue Jul 25 2017 Peter Robinson <pbrobinson@fedoraproject.org> 4.12.3-301 - Bring in ARM patches from stabilization branch * Mon Jul 24 2017 Justin M. Forbes <jforbes@fedoraproject.org> - 4.12.3-300 - Linux v4.12.3 - Fix rhbz 1431375 * Mon Jul 17 2017 Laura Abbott <labbott@fedoraproject.org> - 4.11.11-300 - Linux v4.11.11 - Bring back /dev/port (rhbz 1471429 1451220) * Wed Jul 12 2017 Peter Robinson <pbrobinson@fedoraproject.org> - Build in i2c-rk3x to fix some device boot * Wed Jul 12 2017 Laura Abbott <labbott@fedoraproject.org> - 4.11.10-300 - Linux v4.11.10 * Mon Jul 10 2017 Laura Abbott <labbott@fedoraproject.org> - Only call pwm_add_table for the first PWM controller (rhbz 1458599) * Thu Jul 6 2017 Justin M. Forbes <jforbes@fedoraproject.org> - CVE-2017-10810 fix virtio-gpu mem leak (rhbz 1468023 1468024) * Wed Jul 5 2017 Laura Abbott <labbott@fedoraproject.org> - 4.11.9-300 - Linux v4.11.9 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1566407 - CVE-2018-10021 kernel: ata qc leak in drivers/scsi/libsas/sas_scsi_host.c allows local users to cause denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1566407 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-4ca01704a2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|