CVE-2018-3665
CVSS4.7
发布时间 :2018-06-21 16:29:00
修订时间 :2018-07-16 21:29:05
NMPS    

[原文]System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.


[CNNVD]CNNVD数据暂缺。


[机译]译文暂缺.

- CVSS (基础分值)

CVSS分值: 4.7 [中等(MEDIUM)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-200 [信息暴露]

- CPE (受影响的平台与产品)

cpe:/h:arm:cortex-a:15
cpe:/h:arm:cortex-a:57
cpe:/h:arm:cortex-a:72
cpe:/h:intel:core_i3:330e
cpe:/h:intel:core_i3:330m
cpe:/h:intel:core_i3:330um
cpe:/h:intel:core_i3:350m
cpe:/h:intel:core_i3:370m
cpe:/h:intel:core_i3:380m
cpe:/h:intel:core_i3:380um
cpe:/h:intel:core_i3:390m
cpe:/h:intel:core_i3:530
cpe:/h:intel:core_i3:540
cpe:/h:intel:core_i3:550
cpe:/h:intel:core_i3:560
cpe:/h:intel:core_i3:2100
cpe:/h:intel:core_i3:2100t
cpe:/h:intel:core_i3:2102
cpe:/h:intel:core_i3:2105
cpe:/h:intel:core_i3:2115c
cpe:/h:intel:core_i3:2120
cpe:/h:intel:core_i3:2120t
cpe:/h:intel:core_i3:2125
cpe:/h:intel:core_i3:2130
cpe:/h:intel:core_i3:2310e
cpe:/h:intel:core_i3:2310m
cpe:/h:intel:core_i3:2312m
cpe:/h:intel:core_i3:2328m
cpe:/h:intel:core_i3:2330e
cpe:/h:intel:core_i3:2330m
cpe:/h:intel:core_i3:2340ue
cpe:/h:intel:core_i3:2348m
cpe:/h:intel:core_i3:2350m
cpe:/h:intel:core_i3:2357m
cpe:/h:intel:core_i3:2365m
cpe:/h:intel:core_i3:2367m
cpe:/h:intel:core_i3:2370m
cpe:/h:intel:core_i3:2375m
cpe:/h:intel:core_i3:2377m
cpe:/h:intel:core_i3:3110m
cpe:/h:intel:core_i3:3115c
cpe:/h:intel:core_i3:3120m
cpe:/h:intel:core_i3:3120me
cpe:/h:intel:core_i3:3130m
cpe:/h:intel:core_i3:3210
cpe:/h:intel:core_i3:3217u
cpe:/h:intel:core_i3:3217ue
cpe:/h:intel:core_i3:3220
cpe:/h:intel:core_i3:3220t
cpe:/h:intel:core_i3:3225
cpe:/h:intel:core_i3:3227u
cpe:/h:intel:core_i3:3229y
cpe:/h:intel:core_i3:3240
cpe:/h:intel:core_i3:3240t
cpe:/h:intel:core_i3:3245
cpe:/h:intel:core_i3:3250
cpe:/h:intel:core_i3:3250t
cpe:/h:intel:core_i3:4000m
cpe:/h:intel:core_i3:4005u
cpe:/h:intel:core_i3:4010u
cpe:/h:intel:core_i3:4010y
cpe:/h:intel:core_i3:4012y
cpe:/h:intel:core_i3:4020y
cpe:/h:intel:core_i3:4025u
cpe:/h:intel:core_i3:4030u
cpe:/h:intel:core_i3:4030y
cpe:/h:intel:core_i3:4100e
cpe:/h:intel:core_i3:4100m
cpe:/h:intel:core_i3:4100u
cpe:/h:intel:core_i3:4102e
cpe:/h:intel:core_i3:4110e
cpe:/h:intel:core_i3:4110m
cpe:/h:intel:core_i3:4112e
cpe:/h:intel:core_i3:4120u
cpe:/h:intel:core_i3:4130
cpe:/h:intel:core_i3:4130t
cpe:/h:intel:core_i3:4150
cpe:/h:intel:core_i3:4150t
cpe:/h:intel:core_i3:4158u
cpe:/h:intel:core_i3:4160
cpe:/h:intel:core_i3:4160t
cpe:/h:intel:core_i3:4170
cpe:/h:intel:core_i3:4170t
cpe:/h:intel:core_i3:4330
cpe:/h:intel:core_i3:4330t
cpe:/h:intel:core_i3:4330te
cpe:/h:intel:core_i3:4340
cpe:/h:intel:core_i3:4340te
cpe:/h:intel:core_i3:4350
cpe:/h:intel:core_i3:4350t
cpe:/h:intel:core_i3:4360
cpe:/h:intel:core_i3:4360t
cpe:/h:intel:core_i3:4370
cpe:/h:intel:core_i3:4370t
cpe:/h:intel:core_i3:5005u
cpe:/h:intel:core_i3:5010u
cpe:/h:intel:core_i3:5015u
cpe:/h:intel:core_i3:5020u
cpe:/h:intel:core_i3:5157u
cpe:/h:intel:core_i3:6006u
cpe:/h:intel:core_i3:6098p
cpe:/h:intel:core_i3:6100
cpe:/h:intel:core_i3:6100e
cpe:/h:intel:core_i3:6100h
cpe:/h:intel:core_i3:6100t
cpe:/h:intel:core_i3:6100te
cpe:/h:intel:core_i3:6100u
cpe:/h:intel:core_i3:6102e
cpe:/h:intel:core_i3:6157u
cpe:/h:intel:core_i3:6167u
cpe:/h:intel:core_i3:6300
cpe:/h:intel:core_i3:6300t
cpe:/h:intel:core_i3:6320
cpe:/h:intel:core_i3:8100
cpe:/h:intel:core_i3:8350k
cpe:/h:intel:core_i5:430m
cpe:/h:intel:core_i5:430um
cpe:/h:intel:core_i5:450m
cpe:/h:intel:core_i5:460m
cpe:/h:intel:core_i5:470um
cpe:/h:intel:core_i5:480m
cpe:/h:intel:core_i5:520e
cpe:/h:intel:core_i5:520m
cpe:/h:intel:core_i5:520um
cpe:/h:intel:core_i5:540m
cpe:/h:intel:core_i5:540um
cpe:/h:intel:core_i5:560m
cpe:/h:intel:core_i5:560um
cpe:/h:intel:core_i5:580m
cpe:/h:intel:core_i5:650
cpe:/h:intel:core_i5:655k
cpe:/h:intel:core_i5:660
cpe:/h:intel:core_i5:661
cpe:/h:intel:core_i5:670
cpe:/h:intel:core_i5:680
cpe:/h:intel:core_i5:750
cpe:/h:intel:core_i5:750s
cpe:/h:intel:core_i5:760
cpe:/h:intel:core_i5:2300
cpe:/h:intel:core_i5:2310
cpe:/h:intel:core_i5:2320
cpe:/h:intel:core_i5:2380p
cpe:/h:intel:core_i5:2390t
cpe:/h:intel:core_i5:2400
cpe:/h:intel:core_i5:2400s
cpe:/h:intel:core_i5:2405s
cpe:/h:intel:core_i5:2410m
cpe:/h:intel:core_i5:2430m
cpe:/h:intel:core_i5:2435m
cpe:/h:intel:core_i5:2450m
cpe:/h:intel:core_i5:2450p
cpe:/h:intel:core_i5:2467m
cpe:/h:intel:core_i5:2500
cpe:/h:intel:core_i5:2500k
cpe:/h:intel:core_i5:2500s
cpe:/h:intel:core_i5:2500t
cpe:/h:intel:core_i5:2510e
cpe:/h:intel:core_i5:2515e
cpe:/h:intel:core_i5:2520m
cpe:/h:intel:core_i5:2537m
cpe:/h:intel:core_i5:2540m
cpe:/h:intel:core_i5:2550k
cpe:/h:intel:core_i5:2557m
cpe:/h:intel:core_i5:3210m
cpe:/h:intel:core_i5:3230m
cpe:/h:intel:core_i5:3317u
cpe:/h:intel:core_i5:3320m
cpe:/h:intel:core_i5:3330
cpe:/h:intel:core_i5:3330s
cpe:/h:intel:core_i5:3337u
cpe:/h:intel:core_i5:3339y
cpe:/h:intel:core_i5:3340
cpe:/h:intel:core_i5:3340m
cpe:/h:intel:core_i5:3340s
cpe:/h:intel:core_i5:3350p
cpe:/h:intel:core_i5:3360m
cpe:/h:intel:core_i5:3380m
cpe:/h:intel:core_i5:3427u
cpe:/h:intel:core_i5:3437u
cpe:/h:intel:core_i5:3439y
cpe:/h:intel:core_i5:3450
cpe:/h:intel:core_i5:3450s
cpe:/h:intel:core_i5:3470
cpe:/h:intel:core_i5:3470s
cpe:/h:intel:core_i5:3470t
cpe:/h:intel:core_i5:3475s
cpe:/h:intel:core_i5:3550
cpe:/h:intel:core_i5:3550s
cpe:/h:intel:core_i5:3570
cpe:/h:intel:core_i5:3570k
cpe:/h:intel:core_i5:3570s
cpe:/h:intel:core_i5:3570t
cpe:/h:intel:core_i5:3610me
cpe:/h:intel:core_i5:4200h
cpe:/h:intel:core_i5:4200m
cpe:/h:intel:core_i5:4200u
cpe:/h:intel:core_i5:4200y
cpe:/h:intel:core_i5:4202y
cpe:/h:intel:core_i5:4210h
cpe:/h:intel:core_i5:4210m
cpe:/h:intel:core_i5:4210u
cpe:/h:intel:core_i5:4210y
cpe:/h:intel:core_i5:4220y
cpe:/h:intel:core_i5:4250u
cpe:/h:intel:core_i5:4258u
cpe:/h:intel:core_i5:4260u
cpe:/h:intel:core_i5:4278u
cpe:/h:intel:core_i5:4288u
cpe:/h:intel:core_i5:4300m
cpe:/h:intel:core_i5:4300u
cpe:/h:intel:core_i5:4300y
cpe:/h:intel:core_i5:4302y
cpe:/h:intel:core_i5:4308u
cpe:/h:intel:core_i5:4310m
cpe:/h:intel:core_i5:4310u
cpe:/h:intel:core_i5:4330m
cpe:/h:intel:core_i5:4340m
cpe:/h:intel:core_i5:4350u
cpe:/h:intel:core_i5:4360u
cpe:/h:intel:core_i5:4400e
cpe:/h:intel:core_i5:4402e
cpe:/h:intel:core_i5:4402ec
cpe:/h:intel:core_i5:4410e
cpe:/h:intel:core_i5:4422e
cpe:/h:intel:core_i5:4430
cpe:/h:intel:core_i5:4430s
cpe:/h:intel:core_i5:4440
cpe:/h:intel:core_i5:4440s
cpe:/h:intel:core_i5:4460
cpe:/h:intel:core_i5:4460s
cpe:/h:intel:core_i5:4460t
cpe:/h:intel:core_i5:4570
cpe:/h:intel:core_i5:4570r
cpe:/h:intel:core_i5:4570s
cpe:/h:intel:core_i5:4570t
cpe:/h:intel:core_i5:4570te
cpe:/h:intel:core_i5:4590
cpe:/h:intel:core_i5:4590s
cpe:/h:intel:core_i5:4590t
cpe:/h:intel:core_i5:4670
cpe:/h:intel:core_i5:4670k
cpe:/h:intel:core_i5:4670r
cpe:/h:intel:core_i5:4670s
cpe:/h:intel:core_i5:4670t
cpe:/h:intel:core_i5:4690
cpe:/h:intel:core_i5:4690k
cpe:/h:intel:core_i5:4690s
cpe:/h:intel:core_i5:4690t
cpe:/h:intel:core_i5:5200u
cpe:/h:intel:core_i5:5250u
cpe:/h:intel:core_i5:5257u
cpe:/h:intel:core_i5:5287u
cpe:/h:intel:core_i5:5300u
cpe:/h:intel:core_i5:5350h
cpe:/h:intel:core_i5:5350u
cpe:/h:intel:core_i5:5575r
cpe:/h:intel:core_i5:5675c
cpe:/h:intel:core_i5:5675r
cpe:/h:intel:core_i5:6200u
cpe:/h:intel:core_i5:6260u
cpe:/h:intel:core_i5:6267u
cpe:/h:intel:core_i5:6287u
cpe:/h:intel:core_i5:6300hq
cpe:/h:intel:core_i5:6300u
cpe:/h:intel:core_i5:6350hq
cpe:/h:intel:core_i5:6360u
cpe:/h:intel:core_i5:6400
cpe:/h:intel:core_i5:6400t
cpe:/h:intel:core_i5:6402p
cpe:/h:intel:core_i5:6440eq
cpe:/h:intel:core_i5:6440hq
cpe:/h:intel:core_i5:6442eq
cpe:/h:intel:core_i5:6500
cpe:/h:intel:core_i5:6500t
cpe:/h:intel:core_i5:6500te
cpe:/h:intel:core_i5:6585r
cpe:/h:intel:core_i5:6600
cpe:/h:intel:core_i5:6600k
cpe:/h:intel:core_i5:6600t
cpe:/h:intel:core_i5:6685r
cpe:/h:intel:core_i5:8250u
cpe:/h:intel:core_i5:8350u
cpe:/h:intel:core_i5:8400
cpe:/h:intel:core_i5:8600k
cpe:/h:intel:core_i7:7y75
cpe:/h:intel:core_i7:610e
cpe:/h:intel:core_i7:620le
cpe:/h:intel:core_i7:620lm
cpe:/h:intel:core_i7:620m
cpe:/h:intel:core_i7:620ue
cpe:/h:intel:core_i7:620um
cpe:/h:intel:core_i7:640lm
cpe:/h:intel:core_i7:640m
cpe:/h:intel:core_i7:640um
cpe:/h:intel:core_i7:660lm
cpe:/h:intel:core_i7:660ue
cpe:/h:intel:core_i7:660um
cpe:/h:intel:core_i7:680um
cpe:/h:intel:core_i7:720qm
cpe:/h:intel:core_i7:740qm
cpe:/h:intel:core_i7:820qm
cpe:/h:intel:core_i7:840qm
cpe:/h:intel:core_i7:860
cpe:/h:intel:core_i7:860s
cpe:/h:intel:core_i7:870
cpe:/h:intel:core_i7:870s
cpe:/h:intel:core_i7:875k
cpe:/h:intel:core_i7:880
cpe:/h:intel:core_i7:920
cpe:/h:intel:core_i7:920xm
cpe:/h:intel:core_i7:930
cpe:/h:intel:core_i7:940
cpe:/h:intel:core_i7:940xm
cpe:/h:intel:core_i7:950
cpe:/h:intel:core_i7:960
cpe:/h:intel:core_i7:965
cpe:/h:intel:core_i7:970
cpe:/h:intel:core_i7:975
cpe:/h:intel:core_i7:980
cpe:/h:intel:core_i7:980x
cpe:/h:intel:core_i7:990x
cpe:/h:intel:core_i7:2600
cpe:/h:intel:core_i7:2600k
cpe:/h:intel:core_i7:2600s
cpe:/h:intel:core_i7:2610ue
cpe:/h:intel:core_i7:2617m
cpe:/h:intel:core_i7:2620m
cpe:/h:intel:core_i7:2629m
cpe:/h:intel:core_i7:2630qm
cpe:/h:intel:core_i7:2635qm
cpe:/h:intel:core_i7:2637m
cpe:/h:intel:core_i7:2640m
cpe:/h:intel:core_i7:2649m
cpe:/h:intel:core_i7:2655le
cpe:/h:intel:core_i7:2657m
cpe:/h:intel:core_i7:2670qm
cpe:/h:intel:core_i7:2675qm
cpe:/h:intel:core_i7:2677m
cpe:/h:intel:core_i7:2700k
cpe:/h:intel:core_i7:2710qe
cpe:/h:intel:core_i7:2715qe
cpe:/h:intel:core_i7:2720qm
cpe:/h:intel:core_i7:2760qm
cpe:/h:intel:core_i7:2820qm
cpe:/h:intel:core_i7:2860qm
cpe:/h:intel:core_i7:2920xm
cpe:/h:intel:core_i7:2960xm
cpe:/h:intel:core_i7:3517u
cpe:/h:intel:core_i7:3517ue
cpe:/h:intel:core_i7:3520m
cpe:/h:intel:core_i7:3537u
cpe:/h:intel:core_i7:3540m
cpe:/h:intel:core_i7:3555le
cpe:/h:intel:core_i7:3610qe
cpe:/h:intel:core_i7:3610qm
cpe:/h:intel:core_i7:3612qe
cpe:/h:intel:core_i7:3612qm
cpe:/h:intel:core_i7:3615qe
cpe:/h:intel:core_i7:3615qm
cpe:/h:intel:core_i7:3630qm
cpe:/h:intel:core_i7:3632qm
cpe:/h:intel:core_i7:3635qm
cpe:/h:intel:core_i7:3667u
cpe:/h:intel:core_i7:3687u
cpe:/h:intel:core_i7:3689y
cpe:/h:intel:core_i7:3720qm
cpe:/h:intel:core_i7:3740qm
cpe:/h:intel:core_i7:3770
cpe:/h:intel:core_i7:3770k
cpe:/h:intel:core_i7:3770s
cpe:/h:intel:core_i7:3770t
cpe:/h:intel:core_i7:3820qm
cpe:/h:intel:core_i7:3840qm
cpe:/h:intel:core_i7:4500u
cpe:/h:intel:core_i7:4510u
cpe:/h:intel:core_i7:4550u
cpe:/h:intel:core_i7:4558u
cpe:/h:intel:core_i7:4578u
cpe:/h:intel:core_i7:4600m
cpe:/h:intel:core_i7:4600u
cpe:/h:intel:core_i7:4610m
cpe:/h:intel:core_i7:4610y
cpe:/h:intel:core_i7:4650u
cpe:/h:intel:core_i7:4700ec
cpe:/h:intel:core_i7:4700eq
cpe:/h:intel:core_i7:4700hq
cpe:/h:intel:core_i7:4700mq
cpe:/h:intel:core_i7:4702ec
cpe:/h:intel:core_i7:4702hq
cpe:/h:intel:core_i7:4702mq
cpe:/h:intel:core_i7:4710hq
cpe:/h:intel:core_i7:4710mq
cpe:/h:intel:core_i7:4712hq
cpe:/h:intel:core_i7:4712mq
cpe:/h:intel:core_i7:4720hq
cpe:/h:intel:core_i7:4722hq
cpe:/h:intel:core_i7:4750hq
cpe:/h:intel:core_i7:4760hq
cpe:/h:intel:core_i7:4765t
cpe:/h:intel:core_i7:4770
cpe:/h:intel:core_i7:4770hq
cpe:/h:intel:core_i7:4770k
cpe:/h:intel:core_i7:4770r
cpe:/h:intel:core_i7:4770s
cpe:/h:intel:core_i7:4770t
cpe:/h:intel:core_i7:4770te
cpe:/h:intel:core_i7:4771
cpe:/h:intel:core_i7:4785t
cpe:/h:intel:core_i7:4790
cpe:/h:intel:core_i7:4790k
cpe:/h:intel:core_i7:4790s
cpe:/h:intel:core_i7:4790t
cpe:/h:intel:core_i7:4800mq
cpe:/h:intel:core_i7:4810mq
cpe:/h:intel:core_i7:4850hq
cpe:/h:intel:core_i7:4860hq
cpe:/h:intel:core_i7:4870hq
cpe:/h:intel:core_i7:4900mq
cpe:/h:intel:core_i7:4910mq
cpe:/h:intel:core_i7:4950hq
cpe:/h:intel:core_i7:4960hq
cpe:/h:intel:core_i7:4980hq
cpe:/h:intel:core_i7:5500u
cpe:/h:intel:core_i7:5550u
cpe:/h:intel:core_i7:5557u
cpe:/h:intel:core_i7:5600u
cpe:/h:intel:core_i7:5650u
cpe:/h:intel:core_i7:5700eq
cpe:/h:intel:core_i7:5700hq
cpe:/h:intel:core_i7:5750hq
cpe:/h:intel:core_i7:5775c
cpe:/h:intel:core_i7:5775r
cpe:/h:intel:core_i7:5850eq
cpe:/h:intel:core_i7:5850hq
cpe:/h:intel:core_i7:5950hq
cpe:/h:intel:core_i7:7500u
cpe:/h:intel:core_i7:7560u
cpe:/h:intel:core_i7:7567u
cpe:/h:intel:core_i7:7600u
cpe:/h:intel:core_i7:7660u
cpe:/h:intel:core_i7:7700
cpe:/h:intel:core_i7:7700hq
cpe:/h:intel:core_i7:7700k
cpe:/h:intel:core_i7:7700t
cpe:/h:intel:core_i7:7820eq
cpe:/h:intel:core_i7:7820hk
cpe:/h:intel:core_i7:7820hq
cpe:/h:intel:core_i7:7920hq
cpe:/h:intel:core_i7:8550u
cpe:/h:intel:core_i7:8650u
cpe:/h:intel:core_i7:8700
cpe:/h:intel:core_i7:8700k
cpe:/h:intel:core_m:5y10
cpe:/h:intel:core_m:5y10a
cpe:/h:intel:core_m:5y10c
cpe:/h:intel:core_m:5y31
cpe:/h:intel:core_m:5y51
cpe:/h:intel:core_m:5y70
cpe:/h:intel:core_m:5y71
cpe:/h:intel:core_m3:6y30
cpe:/h:intel:core_m3:7y30
cpe:/h:intel:core_m3:7y32
cpe:/h:intel:core_m5:6y54
cpe:/h:intel:core_m5:6y57
cpe:/h:intel:core_m7:6y75

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3665
(官方数据源) NVD

- 其它链接及资源

http://www.securityfocus.com/bid/104460
(VENDOR_ADVISORY)  BID  104460
http://www.securitytracker.com/id/1041124
(VENDOR_ADVISORY)  SECTRACK  1041124
http://www.securitytracker.com/id/1041125
(VENDOR_ADVISORY)  SECTRACK  1041125
https://access.redhat.com/errata/RHSA-2018:1852
(VENDOR_ADVISORY)  REDHAT  RHSA-2018:1852
https://access.redhat.com/errata/RHSA-2018:1944
(VENDOR_ADVISORY)  REDHAT  RHSA-2018:1944
https://access.redhat.com/errata/RHSA-2018:2164
(UNKNOWN)  REDHAT  RHSA-2018:2164
https://access.redhat.com/errata/RHSA-2018:2165
(UNKNOWN)  REDHAT  RHSA-2018:2165
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
(UNKNOWN)  MLIST  [debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
(UNKNOWN)  MLIST  [debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc
(VENDOR_ADVISORY)  FREEBSD  FreeBSD-SA-18:07
https://support.citrix.com/article/CTX235745
(VENDOR_ADVISORY)  CONFIRM  https://support.citrix.com/article/CTX235745
https://usn.ubuntu.com/3696-1/
(VENDOR_ADVISORY)  UBUNTU  USN-3696-1
https://usn.ubuntu.com/3696-2/
(VENDOR_ADVISORY)  UBUNTU  USN-3696-2
https://usn.ubuntu.com/3698-1/
(UNKNOWN)  UBUNTU  USN-3698-1
https://usn.ubuntu.com/3698-2/
(VENDOR_ADVISORY)  UBUNTU  USN-3698-2
https://www.debian.org/security/2018/dsa-4232
(VENDOR_ADVISORY)  DEBIAN  DSA-4232
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
(VENDOR_ADVISORY)  CONFIRM  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
https://www.synology.com/support/security/Synology_SA_18_31
(VENDOR_ADVISORY)  CONFIRM  https://www.synology.com/support/security/Synology_SA_18_31

- 漏洞信息 (F148195)

Red Hat Security Advisory 2018-1852-01 (PacketStormID:F148195)
2018-06-14 00:00:00
Red Hat  
advisory,kernel
linux,redhat
CVE-2018-3665
[点击下载]

Red Hat Security Advisory 2018-1852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security update
Advisory ID:       RHSA-2018:1852-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1852
Issue date:        2018-06-14
CVE Names:         CVE-2018-3665 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch, ppc64le

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher
(cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting this
issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-862.3.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm
perf-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-862.3.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm
perf-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-862.3.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

ppc64:
kernel-3.10.0-862.3.3.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debug-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.3.3.el7.ppc64.rpm
kernel-devel-3.10.0-862.3.3.el7.ppc64.rpm
kernel-headers-3.10.0-862.3.3.el7.ppc64.rpm
kernel-tools-3.10.0-862.3.3.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.ppc64.rpm
perf-3.10.0-862.3.3.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
python-perf-3.10.0-862.3.3.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-devel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-headers-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.ppc64le.rpm
perf-3.10.0-862.3.3.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm

s390x:
kernel-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.s390x.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-862.3.3.el7.s390x.rpm
kernel-devel-3.10.0-862.3.3.el7.s390x.rpm
kernel-headers-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-devel-3.10.0-862.3.3.el7.s390x.rpm
perf-3.10.0-862.3.3.el7.s390x.rpm
perf-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
python-perf-3.10.0-862.3.3.el7.s390x.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.s390x.rpm

x86_64:
kernel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm
perf-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

noarch:
kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

ppc64le:
kernel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-devel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-headers-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.ppc64le.rpm
perf-3.10.0-862.3.3.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm

s390x:
kernel-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.s390x.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-862.3.3.el7.s390x.rpm
kernel-devel-3.10.0-862.3.3.el7.s390x.rpm
kernel-headers-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
kernel-kdump-devel-3.10.0-862.3.3.el7.s390x.rpm
perf-3.10.0-862.3.3.el7.s390x.rpm
perf-debuginfo-3.10.0-862.3.3.el7.s390x.rpm
python-perf-3.10.0-862.3.3.el7.s390x.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.s390x.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.3.3.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

noarch:
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.ppc64le.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-862.3.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm
kernel-doc-3.10.0-862.3.3.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm
kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm
perf-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3665
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/solutions/3485131

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWyLMGNzjgjWX9erEAQgpYA/9Hvz73em4/tW/TzM8kN/cCUwrOo83OQGU
t6j7YpDHKYm6u3chj6nlBSXW7UV+aY/63QMRTnzMWsGF1facAikYVqjyVZG4C//9
6DpBILs3bNgOS2XuKo8QfNfA+0FahOKScaeczXnPjIJZMj+v+2ykh2uTYENC4eLd
nnUymlRLm7MXcdmi3XSTmfBoBgcx4Beu+cLrZsdhxK0cFjw646KbiKqhbLbfVFK/
R+s49rsRJNWBw9DWaXskgAYOsznZA8EWNr5ncAwQ73ovIXy2k9qPvUJA/RNEOVZd
83LDx4IUs1VQ1xts38E0/tdnNV63bJ+oiv8j4P/tAXF3Ze/E46IvTdFu5U8bVCCD
ka1Ix+8YIvDHbvZCB62STZAA9N7vdCYZg/4o8NqsDnVE/7G18SbJsOhmKunMVybE
f0VSC19vyY6lVSBOY3Iyi/agO7tH0pY0YgHQDOQV/uGaCfR8lxvSbx37WCdXfDwm
OJ0iUeFO12PYewTtpdz5uayRbtRxLvroEADLalyaJAfatCn5hPIhGVUCPkUEqzSu
pRQov4JT1WgB2i5w50OAfFsMbnri5+CoaHOeBIZpQP36EqGGkji4Qaf9hyVLxwl4
N9cBzCJlC8Ssx/QVGFq1cqDt6iKgO/cxHskK3fCa8f/S4r7WR2ZLB5KaaJFk6Q9F
m88/SMEZ3SU=
=W4TZ
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
    

- 漏洞信息 (F148246)

Red Hat Security Advisory 2018-1944-01 (PacketStormID:F148246)
2018-06-19 00:00:00
Red Hat  
advisory,kernel
linux,redhat
CVE-2018-3665
[点击下载]

Red Hat Security Advisory 2018-1944-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel-rt security update
Advisory ID:       RHSA-2018:1944-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1944
Issue date:        2018-06-19
CVE Names:         CVE-2018-3665 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher
(cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting this
issue.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-862.3.3.rt56.809.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-862.3.3.rt56.809.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm

Red Hat Enterprise Linux Realtime (v. 7):

Source:
kernel-rt-3.10.0-862.3.3.rt56.809.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-862.3.3.rt56.809.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3665
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/solutions/3485131

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBWykCy9zjgjWX9erEAQgb7RAAm5cR8D84yU/biBBQdXNwrxtBgtXEZ7AQ
NSCDWYSIWA/AYzajiRwars3KyDbaT+6WFwJH/q8TuLKRxI95swsdVCtGI7bVBHuk
frk2lS/uarjTpxKhOtda7PRsDpUJajeqw4WLxotUHloC5FzBH+DiK98dcwsjkQ2J
NoBFeutpBENHZJmjI5K4IPBLM7NGhpOtooiJNZ/1Sk8uTI2u+74Cle/GgNj5s9T7
ohNJhIQ6h/C/3WJCShaiDJiqCY7VXD7qqHnoACAReuLn2Dm6wi84xMCZaM/NMDYd
KogDJ+e80pNg50AluF2qy2PY7HdT8be7Jn5uGXx+i0pPCyua0WyIq5hy4gTGcAsV
pEPU2ZaStug2GzlYWylJQfsVMFAxoMDQo9PzziqKQMWr7hffVT6zLozOdEprWcj+
M19K1CghitdyIzU5vtcLrugt2k8fuYgtkdKQu5FHX1DC9iovx0GQhkGooaZkQpqZ
P755THjdgy8ex1sLgUrg22+ff6BlTyRPC/oVYjPYI0Qq5v0n1obMqcu8vfjLisWk
5RBwPS0BzJVRpky7IElY5lDwHPd+AhRTRSZjAiFyWcyO2ZJBLAk+m1H0Wn/zfbbA
SdJ/l44PlX/+RP+sbFnYQsgk/1IjvicVTsrUK7PfJPwTgMUioV/6crQoNz/Hwfq7
E3Q7inLdji8=
=9gYJ
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
    

- 漏洞信息 (F148264)

FreeBSD Security Advisory - FreeBSD-SA-18:07.lazyfpu (PacketStormID:F148264)
2018-06-21 00:00:00
Julian Stecklina  security.freebsd.org
advisory,local
freebsd,bsd
CVE-2018-3665
[点击下载]

FreeBSD Security Advisory - A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-18:07.lazyfpu                                    Security Advisory
                                                          The FreeBSD Project

Topic:          Lazy FPU State Restore Information Disclosure

Category:       core
Module:         kernel
Announced:      2018-06-21
Credits:        Julian Stecklina from Amazon Germany
                Thomas Prescher from Cyberus Technology GmbH
                Zdenek Sojka from SYSGO AG
                Colin Percival
Affects:        All supported version of FreeBSD.
Corrected:      2018-06-14 18:50:49 UTC (stable/11, 11.2-PRERELEASE)
                2018-06-15 13:21:37 UTC (releng/11.2, 11.2-RC3)
                2018-06-21 05:17:13 UTC (releng/11.1, 11.1-RELEASE-p11)
CVE Name:       CVE-2018-3665

Special Note:   This advisory only addresses this issue for FreeBSD 11.x on
                i386 and amd64.  We expect to update this advisory to include
                10.x in the near future.

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I.   Background

Modern CPUs have a floating point unit (FPU) which needs to maintain state
per thread.  One technique is to only save and to only restore the FPU state
for a thread when a thread attempts to utilize the FPU.  This technique is
called Lazy FPU state restore.

II.  Problem Description

A subset of Intel processors can allow a local thread to infer data from
another thread through a speculative execution side channel when Lazy FPU
state restore is used.

III. Impact

Any local thread can potentially read FPU state information from other
threads running on the host.  This could include cryptographic keys when the
AES-NI CPU feature is present.

IV.  Workaround

No workaround is available, but non-Intel branded CPUs are not believed
to be vulnerable.

V.   Solution

The patch changes from Lazy FPU state restore to Eager FPU state restore.
This new technique is the recommended practice from Intel and in some cases
can actually increase performance, depending on workload.

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Afterward, reboot the system.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Afterward, reboot the system.

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch
# fetch https://security.FreeBSD.org/patches/SA-18:07/lazyfpu-11.patch.asc
# gpg --verify lazyfpu-11.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/11/                                                        r335169
releng/11.2/                                                      r335196
releng/11.1/                                                      r335465
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc>
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlsrN1hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
5cJTLA/+Kt7QLkNCVudaiE+d+VMuC2f1aGhqoyd+36xL9rNsn2ShZhIo+gq1dhXn
2lJiOYCPN5cJkasj1YdP2bSIv25nTcFMp0rKOww0A1scOnzi66LAD+DXmGVUhmaA
MPyrnuL7rbuPq9ls9FGAO2XURwB9IrGYtqPuVWmNyn+HyKBYcGCkL5+UEnHeUCg8
oopJudZgrGBVMFCsqG6K/b+3uc397Hyq0PZzpyWFfkaxrbTwVMMwgWyTxIYaPVs7
2g7WK2JWjJNk0IWQGot9qpKYDRyxc9PPFX/0blwOLe1Wwrt5nEF+9av89HQJ6PXF
+Ws5w8Gnhi9wWuK19ew1j0nvP+f0zw09r4GuEzhZXADAz733HNK5dtsS/dMJi2wa
9fQ0s1joT3JFDvWZKUQS2mNuhpvBfYoI0d0OEJT2H2eycFYe4B+VNhB2V1e9wLn6
9X4+Vbc2LEOF09klQQFMYNMEyQzLtfq2gHIoD37sCw9mMrYKWjgy3NhY5AKrfGHG
OcBsvnaXCW/x9/kV9Pfoel/psrmjcQdp4QEKAZbRNwvJG5sGhtsQXTp0Nk+BCuVy
G0NNB9306dLfk0OTZ02SiOUjVagXObyo+LgWTBO6FryDlHVkopsYNkB5oRx9fLrm
68r7OXidl0ndGqnh87meMVH1/Fu/rr09Jd4osIzS+Gc0Dt7NOEQ=
=8fnI
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F148257)

Debian Security Advisory 4232-1 (PacketStormID:F148257)
2018-06-20 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2018-3665
[点击下载]

Debian Linux Security Advisory 4232-1 - This update provides mitigations for the "lazy FPU" vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4232-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 20, 2018                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2018-3665

This update provides mitigations for the "lazy FPU" vulnerability
affecting a range of Intel CPUs, which could result in leaking CPU
register states belonging to another vCPU previously scheduled on the
same CPU. For additional information please refer to
https://xenbits.xen.org/xsa/advisory-267.html

For the stable distribution (stretch), this problem has been fixed in
version 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlsp+ycACgkQEMKTtsN8
TjaS5g/9FZbJH3HX+T6CsX0buGcfuJlbCACF/GYlNakcLTLDEIgnt8VHc/APX1zP
f+lUhpPwK8IEkO1HwPlp94OE4/4P1kMw+mqE58VOKczEZIdlTESoLZYYvwQ1HBwl
wgPaS7FykrLT/TPCuKTyqEGENrtmSMOAEKB1E7cIGBEthcCapdOK8xDe67qX0R6b
dnP3gDJpYRWrvMUZGURGLpVlV1fIUB1ki9O6PyA8rcm/pXLQQVqoeZ9CV+/AxA2E
2GLSLPpSNPcTtQC9lQeQ0Wp27nAC/Sb2dj0A2cByeTcDit2m53KDnhLzMammmXfi
TkY24lIgp0I0dIFRQSD6HJar1oI5gvw2xJulDCFNtWG8RQfT4zRBfxCcTe7ldhx1
R/wh8czaPLg/ysJAFP8wZjcNgNMutpX2K7kTdi2mtND9yw3Xw0Ev+ZXKvtxNzXTb
QLefmNUwqbqcoH7sIxfbCQdSA7fTqtBXzShmamuAQYO8Sa1a2PM7MEgPTtvCiRFy
aCDJ6nFlIiS94RnHtrZcOtBngMWAOLPocWFVLJOCvWS8Qp+Mu1ZqgLrSqlhealy5
hd3+b0bvSRJq9aJzMgxXMbpGI7sHGNhvE87iruSoqJN1oDBACwyx7heTPUuSQFHe
jlPuMujmWVI+VzknrDTFMFNLfOX1ZqjO9bm4lEJ6iAbikOlL56E=
=enDo
-----END PGP SIGNATURE-----
    

- 漏洞信息 (F148403)

Ubuntu Security Notice USN-3698-1 (PacketStormID:F148403)
2018-07-02 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,kernel,local
linux,ubuntu
CVE-2017-12154,CVE-2017-12193,CVE-2017-15265,CVE-2018-1130,CVE-2018-3665,CVE-2018-5750,CVE-2018-5803,CVE-2018-6927,CVE-2018-7755,CVE-2018-7757
[点击下载]

Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

=========================================================================
Ubuntu Security Notice USN-3698-1
July 02, 2018

linux vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

It was discovered that the nested KVM implementation in the Linux kernel in
some situations did not properly prevent second level guests from reading
and writing the hardware CR8 register. A local attacker in a guest could
use this to cause a denial of service (system crash). (CVE-2017-12154)

Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array
implementation in the Linux kernel sometimes did not properly handle adding
a new entry. A local attacker could use this to cause a denial of service
(system crash). (CVE-2017-12193)

It was discovered that a race condition existed in the ALSA subsystem of
the Linux kernel when creating and deleting a port via ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-15265)

It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)

Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)

Wang Qize discovered that an information disclosure vulnerability existed
in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A
local attacker could use this to expose sensitive information (kernel
pointer addresses). (CVE-2018-5750)

It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)

It was discovered that an integer overflow error existed in the futex
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-6927)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  linux-image-3.13.0-153-generic  3.13.0-153.203
  linux-image-3.13.0-153-generic-lpae  3.13.0-153.203
  linux-image-3.13.0-153-lowlatency  3.13.0-153.203
  linux-image-3.13.0-153-powerpc-e500  3.13.0-153.203
  linux-image-3.13.0-153-powerpc-e500mc  3.13.0-153.203
  linux-image-3.13.0-153-powerpc-smp  3.13.0-153.203
  linux-image-3.13.0-153-powerpc64-emb  3.13.0-153.203
  linux-image-3.13.0-153-powerpc64-smp  3.13.0-153.203
  linux-image-generic             3.13.0.153.163
  linux-image-generic-lpae        3.13.0.153.163
  linux-image-lowlatency          3.13.0.153.163
  linux-image-powerpc-e500        3.13.0.153.163
  linux-image-powerpc-e500mc      3.13.0.153.163
  linux-image-powerpc-smp         3.13.0.153.163
  linux-image-powerpc64-emb       3.13.0.153.163
  linux-image-powerpc64-smp       3.13.0.153.163

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://usn.ubuntu.com/usn/usn-3698-1
  CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130,
  CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927,
  CVE-2018-7755, CVE-2018-7757

Package Information:
  https://launchpad.net/ubuntu/+source/linux/3.13.0-153.203
    

- 漏洞信息 (F148402)

Ubuntu Security Notice USN-3696-1 (PacketStormID:F148402)
2018-07-02 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,overflow,kernel,local
linux,ubuntu
CVE-2017-13695,CVE-2017-18255,CVE-2017-18257,CVE-2018-1000204,CVE-2018-10021,CVE-2018-10087,CVE-2018-10124,CVE-2018-3665,CVE-2018-5814,CVE-2018-7755
[点击下载]

Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

=========================================================================
Ubuntu Security Notice USN-3696-1
July 02, 2018

linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon processors

Details:

It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)

Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)

It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)

It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)

It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)

Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)

Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)

It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  linux-image-4.4.0-1029-kvm      4.4.0-1029.34
  linux-image-4.4.0-1062-aws      4.4.0-1062.71
  linux-image-4.4.0-1092-raspi2   4.4.0-1092.100
  linux-image-4.4.0-1095-snapdragon  4.4.0-1095.100
  linux-image-4.4.0-130-generic   4.4.0-130.156
  linux-image-4.4.0-130-generic-lpae  4.4.0-130.156
  linux-image-4.4.0-130-lowlatency  4.4.0-130.156
  linux-image-4.4.0-130-powerpc-e500mc  4.4.0-130.156
  linux-image-4.4.0-130-powerpc-smp  4.4.0-130.156
  linux-image-4.4.0-130-powerpc64-emb  4.4.0-130.156
  linux-image-4.4.0-130-powerpc64-smp  4.4.0-130.156
  linux-image-aws                 4.4.0.1062.64
  linux-image-generic             4.4.0.130.136
  linux-image-generic-lpae        4.4.0.130.136
  linux-image-kvm                 4.4.0.1029.28
  linux-image-lowlatency          4.4.0.130.136
  linux-image-powerpc-e500mc      4.4.0.130.136
  linux-image-powerpc-smp         4.4.0.130.136
  linux-image-powerpc64-emb       4.4.0.130.136
  linux-image-powerpc64-smp       4.4.0.130.136
  linux-image-raspi2              4.4.0.1092.92
  linux-image-snapdragon          4.4.0.1095.87

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://usn.ubuntu.com/usn/usn-3696-1
  CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
  CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
  CVE-2018-5814, CVE-2018-7755

Package Information:
  https://launchpad.net/ubuntu/+source/linux/4.4.0-130.156
  https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1062.71
  https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1029.34
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1092.100
  https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1095.100
    

- 漏洞信息 (F148408)

Ubuntu Security Notice USN-3698-2 (PacketStormID:F148408)
2018-07-03 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,kernel,local,vulnerability
linux,ubuntu
CVE-2017-12154,CVE-2017-12193,CVE-2017-15265,CVE-2018-1130,CVE-2018-3665,CVE-2018-5750,CVE-2018-5803,CVE-2018-6927,CVE-2018-7755,CVE-2018-7757
[点击下载]

Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

==========================================================================
Ubuntu Security Notice USN-3698-2
July 02, 2018

linux-lts-trusty vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM

Details:

USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.

It was discovered that the nested KVM implementation in the Linux kernel in
some situations did not properly prevent second level guests from reading
and writing the hardware CR8 register. A local attacker in a guest could
use this to cause a denial of service (system crash). (CVE-2017-12154)

Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array
implementation in the Linux kernel sometimes did not properly handle adding
a new entry. A local attacker could use this to cause a denial of service
(system crash). (CVE-2017-12193)

It was discovered that a race condition existed in the ALSA subsystem of
the Linux kernel when creating and deleting a port via ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-15265)

It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)

Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)

Wang Qize discovered that an information disclosure vulnerability existed
in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A
local attacker could use this to expose sensitive information (kernel
pointer addresses). (CVE-2018-5750)

It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)

It was discovered that an integer overflow error existed in the futex
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-6927)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  linux-image-3.13.0-153-generic  3.13.0-153.203~precise1
  linux-image-3.13.0-153-generic-lpae  3.13.0-153.203~precise1
  linux-image-generic-lpae-lts-trusty  3.13.0.153.143
  linux-image-generic-lts-trusty  3.13.0.153.143

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://usn.ubuntu.com/usn/usn-3698-2
  https://usn.ubuntu.com/usn/usn-3698-1
  CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130,
  CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927,
  CVE-2018-7755, CVE-2018-7757

    

- 漏洞信息 (F148405)

Ubuntu Security Notice USN-3696-2 (PacketStormID:F148405)
2018-07-03 00:00:00
Ubuntu  security.ubuntu.com
advisory,denial of service,overflow,kernel,local,vulnerability
linux,ubuntu
CVE-2017-13695,CVE-2017-18255,CVE-2017-18257,CVE-2018-1000204,CVE-2018-10021,CVE-2018-10087,CVE-2018-10124,CVE-2018-3665,CVE-2018-5814,CVE-2018-7755
[点击下载]

Ubuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

==========================================================================
Ubuntu Security Notice USN-3696-2
July 02, 2018

linux-lts-xenial, linux-aws vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)

Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)

It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)

It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)

It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)

Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)

Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)

It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  linux-image-4.4.0-1024-aws      4.4.0-1024.25
  linux-image-4.4.0-130-generic   4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-generic-lpae  4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-lowlatency  4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-powerpc-e500mc  4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-powerpc-smp  4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-powerpc64-emb  4.4.0-130.156~14.04.1
  linux-image-4.4.0-130-powerpc64-smp  4.4.0-130.156~14.04.1
  linux-image-aws                 4.4.0.1024.24
  linux-image-generic-lpae-lts-xenial  4.4.0.130.110
  linux-image-generic-lts-xenial  4.4.0.130.110
  linux-image-lowlatency-lts-xenial  4.4.0.130.110
  linux-image-powerpc-e500mc-lts-xenial  4.4.0.130.110
  linux-image-powerpc-smp-lts-xenial  4.4.0.130.110
  linux-image-powerpc64-emb-lts-xenial  4.4.0.130.110
  linux-image-powerpc64-smp-lts-xenial  4.4.0.130.110

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://usn.ubuntu.com/usn/usn-3696-2
  https://usn.ubuntu.com/usn/usn-3696-1
  CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
  CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
  CVE-2018-5814, CVE-2018-7755

Package Information:
  https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1024.25
  https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-130.156~14.04.1

    

- 漏洞信息 (F148420)

Kernel Live Patch Security Notice LSN-0040-1 (PacketStormID:F148420)
2018-07-05 00:00:00
Benjamin M. Romer  
advisory,denial of service,kernel,local
linux
CVE-2018-1092,CVE-2018-1093,CVE-2018-3665,CVE-2018-7755
[点击下载]

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

==========================================================================
Kernel Live Patch Security Notice 0040-1
July 03, 2018

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu:

| Series           | Base kernel  | Arch     | flavors          |
|------------------+--------------+----------+------------------|
| Ubuntu 14.04 LTS | 4.4.0        | amd64    | generic          |
| Ubuntu 14.04 LTS | 4.4.0        | amd64    | lowlatency       |
| Ubuntu 16.04 LTS | 4.4.0        | amd64    | generic          |
| Ubuntu 16.04 LTS | 4.4.0        | amd64    | lowlatency       |
| Ubuntu 18.04 LTS | 4.15.0       | amd64    | generic          |
| Ubuntu 18.04 LTS | 4.15.0       | amd64    | lowlatency       |

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Wen Xu discovered that the ext4 filesystem implementation in the Linux
kernel did not properly handle corrupted meta data in some situations. An
attacker could use this to specially craft an ext4 file system that caused
a denial of service (system crash) when mounted. (CVE-2018-1093)

Wen Xu discovered that the ext4 filesystem implementation in the Linux
kernel did not properly handle corrupted meta data in some situations. An
attacker could use this to specially craft an ext4 file system that caused
a denial of service (system crash) when mounted. (CVE-2018-1092)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazy restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)

Update instructions:

The problem can be corrected by updating your livepatches to the following
versions:

| Kernel                   | Version  | flavors                  |
|--------------------------+----------+--------------------------|
| 4.4.0-124.148            | 40.6     | lowlatency, generic      |
| 4.4.0-124.148~14.04.1    | 40.6     | generic, lowlatency      |
| 4.4.0-127.153            | 40.6     | lowlatency, generic      |
| 4.4.0-127.153~14.04.1    | 40.6     | lowlatency, generic      |
| 4.4.0-128.154            | 40.6     | generic, lowlatency      |
| 4.4.0-128.154~14.04.1    | 40.6     | generic, lowlatency      |
| 4.15.0-20.21             | 40.7     | generic, lowlatency      |
| 4.15.0-22.24             | 40.7     | lowlatency, generic      |
| 4.15.0-23.25             | 40.7     | lowlatency, generic      |

References:
  CVE-2018-1093, CVE-2018-1092, CVE-2018-7755, CVE-2018-3665

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
    

- 漏洞信息 (F148486)

Red Hat Security Advisory 2018-2164-01 (PacketStormID:F148486)
2018-07-11 00:00:00
Red Hat  
advisory,denial of service,kernel,vulnerability
linux,redhat
CVE-2018-10675,CVE-2018-10872,CVE-2018-3639,CVE-2018-3665
[点击下载]

Red Hat Security Advisory 2018-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2018:2164-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2164
Issue date:        2018-07-10
CVE Names:         CVE-2018-3639 CVE-2018-3665 CVE-2018-10675
                   CVE-2018-10872
====================================================================
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* An industry-wide issue was found in the way many modern microprocessor
designs have implemented speculative execution of Load & Store instructions
(a commonly used performance optimization). It relies on the presence of a
precisely-defined instruction sequence in the privileged code as well as
the fact that memory read from address to which a recent memory write has
occurred may see an older value and subsequently cause an update into the
microprocessor's data cache even for speculatively executed instructions
that never actually commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by conducting targeted cache
side-channel attacks. (CVE-2018-3639, x86 AMD)

* kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy
function allows local denial of service or other unspecified impact
(CVE-2018-10675)

* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)

* kernel: error in exception handling leads to DoS (CVE-2018-8897
regression) (CVE-2018-10872)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Ken Johnson (Microsoft Security Response
Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639 and
Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and
Zdenek Sojka (sysgo.com) for reporting CVE-2018-3665.

Bug Fix(es):

* Previously, microcode updates on 32 and 64-bit AMD and Intel
architectures were not synchronized. As a consequence, it was not possible
to apply the microcode updates. This fix adds the synchronization to the
microcode updates so that processors of the stated architectures receive
updates at the same time. As a result, microcode updates are now
synchronized. (BZ#1574592)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
1575065 - CVE-2018-10675 kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy function allows local denial-of-service or other unspecified impact
1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore
1596094 - CVE-2018-10872 kernel: error in exception handling leads to DoS (CVE-2018-8897 regression)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
kernel-2.6.32-754.2.1.el6.src.rpm

i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
kernel-2.6.32-754.2.1.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
kernel-2.6.32-754.2.1.el6.src.rpm

i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm
kernel-devel-2.6.32-754.2.1.el6.ppc64.rpm
kernel-headers-2.6.32-754.2.1.el6.ppc64.rpm
perf-2.6.32-754.2.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm
kernel-devel-2.6.32-754.2.1.el6.s390x.rpm
kernel-headers-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.2.1.el6.s390x.rpm
perf-2.6.32-754.2.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-754.2.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-2.6.32-754.2.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.2.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm
python-perf-2.6.32-754.2.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
kernel-2.6.32-754.2.1.el6.src.rpm

i386:
kernel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-headers-2.6.32-754.2.1.el6.i686.rpm
perf-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpm
kernel-doc-2.6.32-754.2.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.2.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.2.1.el6.x86_64.rpm
kernel-headers-2.6.32-754.2.1.el6.x86_64.rpm
perf-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.2.1.el6.i686.rpm
perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm
python-perf-2.6.32-754.2.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.2.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-2.6.32-754.2.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.2.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-3639
https://access.redhat.com/security/cve/CVE-2018-3665
https://access.redhat.com/security/cve/CVE-2018-10675
https://access.redhat.com/security/cve/CVE-2018-10872
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBW0TykdzjgjWX9erEAQj7nQ/8DBiN11jNNGxND1Io2xuiZ+/RqzFz4IXv
VMTrhukotRz5vbQWziRcHl0DVUttBBbwzdoNUu4RH4rxHv0J0GTLYusgyWlyDJP8
D229CT7o6lK4RjPryXFsu/4YsIzu8Vz35KB8SpW6gUkXibANrCWDEHEqc9+6mQ6g
VFe0wAu1Tw3PKre0zK+XL/uxkvjk8ZeDINe8WVUDloBOnxFMnZZjEcZsIO9JfjBr
krlU1QTQcPeKsrv6gofNXBOeQn0JZS1BVDy0JiNoOihJqPPBLA5RkyZzWouy6FDt
xVTN7BEuILTUszfcygXA17OdNUzJm/L6a4rFXno4+eN5u5Ucx46/abXhWhRzcwvV
+7IuGNs83aTZufXNbWDtiGFkIyKE5NyX7U7SOoxz42AxesSxJ6SKJFD4iBu/0YrU
h9BvuHkkVNu+NsYT6rajqwz5ytkEbCJAX7xvNnu7Wi18tWKEWklqAFYSqVnpopO2
8xSW2+OTSkAQ9uiGAz9aTLLca2Zi/I8kjAcNyv4tASUcvodNzUE/OuERC5hvOZ6X
6j/POh7W7xA3cAg216EEj4X12BIwArqt8hjZ6hO5cd7ZfnWof7BVEjLnqtyJjhzi
Xap6Pf/NG4/iSO1kEFLo3Uw9sQVoPRU4Hg1KXJJy+XboBQ3/K9ctCU5qvTRApmmM
OjBeir/Q654=I9wq
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
    

- 漏洞信息 (F148482)

Red Hat Security Advisory 2018-2165-01 (PacketStormID:F148482)
2018-07-10 00:00:00
Red Hat  
advisory,kernel
linux,redhat
CVE-2017-13305,CVE-2018-3665
[点击下载]

Red Hat Security Advisory 2018-2165-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel-rt security, and enhancement update
Advisory ID:       RHSA-2018:2165-01
Product:           Red Hat Enterprise MRG for RHEL-6
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2165
Issue date:        2018-07-10
CVE Names:         CVE-2017-13305 CVE-2018-3665 
=====================================================================

1. Summary:

Updated kernel-rt packages that fix two security issues and add one
enhancement are now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Buffer over-read in keyring subsystem allows exposing potentially
sensitive information to local attacker (CVE-2017-13305)

* Kernel: FPU state information leakage via lazy FPU restore
(CVE-2018-3665)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher
(cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting
CVE-2018-3665.

Enhancement(s):

* The kernel-rt packages have been upgraded to version
3.10.0-693.35.1.rt56.623, which provides a number of bug fixes over the
previous version. (BZ#1579972)

Users of kernel-rt are advised to upgrade to these updated packages, which
add this enhancement.

The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1579972 - Update the kernel-rt sources with the latest 3.10 sources.
1581637 - CVE-2017-13305 kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker
1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore

6. Package List:

Red Hat MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.0-693.35.1.rt56.625.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.0-693.35.1.rt56.625.el6rt.noarch.rpm
kernel-rt-firmware-3.10.0-693.35.1.rt56.625.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-debug-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-devel-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-trace-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.0-693.35.1.rt56.625.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-13305
https://access.redhat.com/security/cve/CVE-2018-3665
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBW0TqE9zjgjWX9erEAQgCcQ/+KZE3vwR2SxWBBAwuaxyydGRXAR5frynw
4ADYBgdV1mDFStGFp3Eby/Uble+NTha1GWwpk7lvWeouwalVxVhXadwQHPCxQueo
WpwgCWiMXfdV0SmhpUaX8PXC6cObebdKtLF5QR2M97oCHxz/G9SSrCYv1Exqz9CX
npGBmFQPwGTxrAfLxOd5UQ9K8qyRBVKxbFa07jKAXhYRM2lRzx9QV9PV9ffR+76X
e5Jqmlm8RazlzpWcHckeFY/BWfIZHhRBk5b4dqoEmSkgG+PdW8btvwZYgoRd0PNk
0he+LTXjBcEfAU3bzrbRWfjewEJ9h6kaMBc1Yc60e/LvZZc13kgUZRQb7aTyDfWg
o+HXuqHK2T1Dl5dvjOZJtbKiKYXy8eIYvYQysAoVZ3kJ6IgsiaM00Fb4Y62SAeX1
oMVHekIXBL7KbQsWFj2OLjJEpoD+UcBMnzribsWIIstL5kDtqumBcZUFEXV7svQu
3hWspmaFVag+ogf05uf8aAJhv6xqslyNZnvabwoUS4y6LDTtAHe2vtqpb87tf9YS
nl/Qk4+48e2MLk+v7y6WqJoo9dYfGGQ14vuavhVTERq5f9nBMUjognvbhztoe5dp
PFg76T0KuMj/+nSrkMexDqeKFOlA7D4hSNEcIk4wpNBLots8tVfmUg0fo39gewLA
nhJ7o32zOcM=
=qUb0
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
    

- 漏洞信息 (F148468)

Apple Security Advisory 2018-7-9-4 (PacketStormID:F148468)
2018-07-09 00:00:00
Apple  apple.com
advisory,vulnerability
apple
CVE-2018-3665,CVE-2018-4178,CVE-2018-4248,CVE-2018-4268,CVE-2018-4269,CVE-2018-4277,CVE-2018-4280,CVE-2018-4283,CVE-2018-4285,CVE-2018-4289,CVE-2018-4293
[点击下载]

Apple Security Advisory 2018-7-9-4 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address information leakage vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update
2018-004 Sierra, Security Update 2018-004 El Capitan

macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-004 El Capitan are now available and address
the following:

AMD
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to determine kernel
memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2018-4289: shrek_wzw of Qihoo 360 Nirvan Team

APFS
Available for: macOS High Sierra 10.13.5
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4268: Mac working with Trend Micro's Zero Day Initiative

ATS
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to gain root privileges
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2018-4285: Mohamed Ghannam (@_simo36)

CFNetwork
Available for: macOS High Sierra 10.13.5
Impact: Cookies may unexpectedly persist in Safari
Description: A cookie management issue was addressed with improved
checks.
CVE-2018-4293: an anonymous researcher

CoreCrypto
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4269: Abraham Masri (@cheesecakeufo)

DesktopServices
Available for: macOS Sierra 10.12.6
Impact: A local user may be able to view sensitive user information
Description: A permissions issue existed in which execute permission
was incorrectly granted. This issue was addressed with improved
permission validation.
CVE-2018-4178: Arjen Hendrikse

IOGraphics
Available for: macOS High Sierra 10.13.5
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
CVE-2018-4283: @panicaII working with Trend Micro's Zero Day
Initiative

Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.5
Impact: Systems using IntelA(r) Core-based microprocessors may
potentially allow a local process to infer data utilizing Lazy FP
state restore from another process through a speculative execution
side channel
Description: Lazy FP state restore instead of eager save and restore
of the state upon a context switch. Lazy restored states are
potentially vulnerable to exploits where one process may infer
register values of other processes through a speculative execution
side channel that infers their value.

An information disclosure issue was addressed with FP/SIMD register
state sanitization.
CVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of
Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of
SYSGO AG (sysgo.com), and Colin Percival

libxpc
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.5
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4280: Brandon Azad

libxpc
Available for: macOS High Sierra 10.13.5
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4248: Brandon Azad

LinkPresentation
Available for: macOS High Sierra 10.13.5
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)

Additional recognition

Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.

Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.

Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.

Help Viewer
We would like to acknowledge Wojciech ReguAa (@_r3ggi) of SecuRing
for their assistance.

Kernel
We would like to acknowledge juwei lin (@panicaII) of Trend Micro
working with Trend Micro's Zero Day Initiative for their
assistance.

Security
We would like to acknowledge Brad Dahlsten of Iowa State University
for their assistance.

Installation note:

macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update 2018-004 El Capitan may be obtained from the
Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFIpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCYjTxAA
o5FZCAbCUKeJg2B51qvpra/F/lZRam+p/SML93i8FfferCJwm/8L1rNB6HMWNMLQ
GaP4RYuCL2MS2fcmxUX+UkM29O3hilMMqp0xDbR5A0qf8gMglJ6He0fH8v2kg1Ta
NgT2lvwuhbAgaix7cl6zTgOZpXTz7sbihUcdfkSliJV05xwJjCtjiJB/9c7VylQ3
f4ZYDtBpYJbAoD2l68DmQqUN398lJbdv4zjJRYgbZNeCxtKS6ejhuvwGNLTSaBdP
ukaLRMJeq2hfI7ZMeNOc5b6TyDrPmsTYjyAqsaOfT44M6OtmsbP+PzNRao3VceEt
Lr/AObtxnBlTvyTytkV1tbSTfSzTI+1nVPyXwTFoS8Tq5mhTmxNd+NFO0phAqWYm
G3QkOqcSnenMf/mcP2T/wTCCxV5wxbhdKZUVJiCvppBDbbmgLrjh3SDxC2Oipb8z
2+LTVP5WTcp1zBPXmOFQ0eChq5oP5QDSCwv3f/CW9c9PR6bkNfVIY72vpZL1mBQH
R2pUWRC+HBJfoTnbKut4X6A0i5AM0BiZ57LQgUfAVUHhJHn1LLgAWZh532WSUMXA
HNmPzfS77sDM9rlwm7t+UMmYtolScYmj/g1d67o7R0X1Ga7/0L3fdd3Tl2pvDdr1
EZ5vqkVl6IwWJYq3V502ZQ+Otqt97CmqXcPiqjcvb+M=
=u5r+
-----END PGP SIGNATURE-----
    

- 漏洞信息

Intel Core Microprocessors CVE-2018-3665 Information Disclosure Vulnerability
Design Error 104460
No Yes
2018-06-13 12:00:00 2018-06-19 05:00:00
Julian Stecklina from Amazon Germany, Thomas Prescher from Cyberus Technology GmbH, Zdenek Sojka from SYSGO AG, and Colin Percival

- 受影响的程序版本

Xen Xen 0
Redhat Virtualization Host 4
Redhat Enterprise Mrg 2
Redhat Enterprise Linux Workstation 7
Redhat Enterprise Linux Server - Extended Update Support 7.5
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux for Scientific Computing 7
Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.5
Redhat Enterprise Linux for Power, little endian 7
Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.5
Redhat Enterprise Linux for Power, big endian 7
Redhat Enterprise Linux for Power 9 7
Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.5
Redhat Enterprise Linux for IBM z Systems 7
Redhat Enterprise Linux for IBM System z (Structure A) 7
Redhat Enterprise Linux for ARM 64 7
Redhat Enterprise Linux EUS Compute Node 7.5
Redhat Enterprise Linux Desktop 7
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
Linux kernel 4.17.1
Linux kernel 4.16.11
Linux kernel 4.16.9
Linux kernel 4.16.6
Linux kernel 4.16.3
Linux kernel 4.15.14
Linux kernel 4.15.11
Linux kernel 4.15.9
Linux kernel 4.15.4
Linux kernel 4.14.31
Linux kernel 4.14.13
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.11
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.10
Linux kernel 4.14.6
Linux kernel 4.14.5
Linux kernel 4.14.1
Linux kernel 4.13.11
Linux kernel 4.13.10
Linux kernel 4.13.9
Linux kernel 4.13.8
Linux kernel 4.13.7
Linux kernel 4.13.6
Linux kernel 4.13.4
Linux kernel 4.13.3
Linux kernel 4.12.9
Linux kernel 4.12.4
Linux kernel 4.12.3
Linux kernel 4.12.2
Linux kernel 4.11.9
Linux kernel 4.11.5
Linux kernel 4.11.4
Linux kernel 4.11.3
Linux kernel 4.11.2
Linux kernel 4.11.1
Linux kernel 4.11
Linux kernel 4.10.15
Linux kernel 4.10.13
Linux kernel 4.10.12
Linux kernel 4.10.10
Linux kernel 4.10.6
Linux kernel 4.10.4
Linux kernel 4.10
Linux kernel 4.9.91
Linux kernel 4.9.74
Linux kernel 4.9.71
Linux kernel 4.9.68
Linux kernel 4.9.36
Linux kernel 4.9.13
Linux kernel 4.9.8
Linux kernel 4.9.4
Linux kernel 4.9.3
Linux kernel 4.9.9
Linux kernel 4.9.11
Linux kernel 4.9-rc8
Linux kernel 4.9-rc4
Linux kernel 4.9-rc3
Linux kernel 4.9-rc1
Linux kernel 4.9
Linux kernel 4.16-rc7
Linux kernel 4.16-rc6
Linux kernel 4.16-rc
Linux kernel 4.16
Linux kernel 4.15.8
Linux kernel 4.15.7
Linux kernel 4.15-rc5
Linux kernel 4.15
Linux kernel 4.14.8
Linux kernel 4.14.7
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.4
Linux kernel 4.14.3
Linux kernel 4.14.2
Linux kernel 4.14.15
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ SuSE Linux 7.0
+ SuSE Linux 6.4
+ SuSE Linux 6.3
+ Trustix Secure Linux 1.5
Linux kernel 4.14.14
Linux kernel 4.14.0-rc1
Linux kernel 4.14-rc5
Linux kernel 4.14-rc1
Linux kernel 4.14
Linux kernel 4.13.5
Linux kernel 4.13.2
Linux kernel 4.13.1
Linux kernel 4.13-rc1
Linux kernel 4.13
Linux kernel 4.12.10
Linux kernel 4.12.1
Linux kernel 4.12-rc1
Linux kernel 4.12
Linux kernel 4.11.8
Linux kernel 4.11.7
Linux kernel 4.11-rc8
Linux kernel 4.11-rc7
Linux kernel 4.11-rc6
Linux kernel 4.11-rc5
Linux kernel 4.11-rc4
Linux kernel 4.11-rc3
Linux kernel 4.11-rc2
Linux kernel 4.11-rc1
Linux kernel 4.11
Linux kernel 4.10.9
Linux kernel 4.10.8
Linux kernel 4.10.7
Linux kernel 4.10.5
Linux kernel 4.10.3
Linux kernel 4.10.2
Linux kernel 4.10.11
Linux kernel 4.10.1
Linux kernel 4.10-rc8
Linux kernel 4.10-rc1
Intel Core Microprocessors 0
Citrix XenServer 7.3
Citrix XenServer 7.1 LTSR CU1
Citrix XenServer 7.1
Citrix XenServer 7.0

- 漏洞讨论

Intel Core Microprocessors are prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站