Описание
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
Отчет
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 7 for ARM and Red Hat Enterprise Linux 7 for Power LE. This issue affects the versions of the Linux kernel as shipped with 6, 7 and Red Hat Enterprise MRG 2. Future updates for the respective releases may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2018:1854 | 19.06.2018 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2018:0676 | 10.04.2018 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2018:1062 | 10.04.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or ...
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
ELSA-2018-1854: kernel security and bug fix update (IMPORTANT)
EPSS
5.5 Medium
CVSS3