[Ksplice][RHEL7-Updates] New Ksplice updates for RHEL 7 (RHSA-2018:3651)

Oracle Ksplice ksplice-support_ww at oracle.com
Wed Nov 28 05:31:21 PST 2018


Synopsis: RHSA-2018:3651 can now be patched using Ksplice
CVEs: CVE-2018-14633 CVE-2018-14646

Systems running Red Hat Enterprise Linux 7 can now use Ksplice to
patch against the latest Red Hat Security Advisory, RHSA-2018:3651.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHEL 7 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y
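
The autoinstall check described above can be scripted when auditing many hosts. This is an added example, not part of the Oracle announcement or the Ksplice tooling; the function names, the constructed sample config and its [Settings] section name are assumptions, and it assumes the last uncommented autoinstall line is the effective one.

```shell
#!/bin/sh
# Added example (not Oracle's code): does this host need a manual uptrack-upgrade?

# Read uptrack.conf-style text on stdin and print the effective autoinstall
# value in lower case, or "unset" if no uncommented autoinstall line exists.
uptrack_autoinstall() {
    awk '
        /^[ \t]*[#;]/ { next }                 # commented-out settings do not count
        {
            pos = index($0, "=")
            if (pos == 0) next                 # section headers, blank lines
            key = substr($0, 1, pos - 1)
            val = substr($0, pos + 1)
            gsub(/[ \t\r]/, "", key)
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            # Assumption: a later duplicate overrides an earlier one.
            if (tolower(key) == "autoinstall") found = tolower(val)
        }
        END { print (found == "" ? "unset" : found) }
    '
}

# Map a config file path to the action the advisory asks for.
# Anything other than an explicit "yes" is treated as needing manual action.
uptrack_action() {
    [ -r "$1" ] || { echo "unknown: cannot read $1"; return 0; }
    case $(uptrack_autoinstall < "$1") in
        yes) echo "automatic" ;;
        *)   echo "manual: run /usr/sbin/uptrack-upgrade -y" ;;
    esac
}

# Constructed sample config; the [Settings] section name is an assumption.
sample_conf() {
    printf '%s\n' '[Settings]' '#autoinstall = yes' 'autoinstall = no'
}

echo "sample config: autoinstall=$(sample_conf | uptrack_autoinstall)"
echo "this host: $(uptrack_action "${1:-/etc/uptrack/uptrack.conf}")"
```
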


DESCRIPTION

* CVE-2018-14646: Denial-of-service in network namespace netlink capabilities.

A NULL pointer dereference in the netlink code for a network namespaced
process could result in a kernel crash.  A local user in the namespace
could use this flaw to crash the host.


* CVE-2018-14633: Remote privilege escalation in iSCSI CHAP authentication.

A stack buffer overflow in the iSCSI CHAP authentication code could
allow an unauthenticated remote attacker to corrupt stack memory and
crash the system or, potentially, execute code on the target system.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.




