• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – CVE-2018-8460 & CVE-2018-8491 – Microsoft Internet Explorer 11 Multiple Memory Corruption Vulnerabilities
October 12, 2018
Rewterz Threat Advisory – Google Chrome Multiple Vulnerabilities
October 17, 2018

Rewterz Threat Advisory – Oracle Linux update for kernel-uek

October 12, 2018

Multiple vulnerabilities are found in Oracle Linux Kernel which have been patched in the updated version.

 

 

IMPACT:  NORMAL

 

 

PUBLISH DATE:  12-10-2018

 

 

OVERVIEW

 

 

Oracle Linux has issued an update for kernel. This update patches multiple vulnerabilities, which can be exploited by people with malicious intent, or by local users to disclose sensitive information, cause a DoS (Denial of Service), and gain elevated privileges.

 

 

ANALYSIS

 

 

The Following vulnerabilities have been detected in Oracle Linux 7 which have been patched in its updated version.

 

 

CVE-2018-14678

 

 

Linux kernel through 4.17.11 has an issue, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S fails to maintain RBX properly, which allows for a Denial of Service (uninitialized memory usage and system crash) caused by a local user. Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or attain escalated privileges.

 

 

CVE-2017-13695

 

 

The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump. This enables local users to obtain sensitive information from kernel memory as well as bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.

 

 

CVE-2018-12896

 

 

An issue was discovered in the Linux kernel through 4.17.3. The overrun accounting works in a way that causes an Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. Similarly, using crafted mmap, futex, timer_create, and timer_settime system calls, a local user will be enabled to cause a Denial of Service (signed integer flow).

 

 

CVE-2018-16658

 

 

An issue was discovered in the Linux kernel before 4.18.6. The cdrom_ioctl_drive_status faces an information leak in drivers/cdrom/cdrom.c which could be used by local attackers to read kernel memory. It happens because a cast from unsigned long to int interferes with bounds checking.

 

 

CVE-2018-7492

 

 

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7. Exploiting this, local attackers can cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

 

 

AFFECTED PRODUCTS

 

 

Oracle Linux 7

 

 

UPDATES

 

 

Apply updated packages concerning UEK Release 5 (x86-64, mainline Linux Kernel version 4.14.35) or UEK Release 5 (aarch64, mainline Linux Kernel version 4.14.35) via the yum or rpm utility (please see the vendor’s advisory for the packages).

 

https://linux.oracle.com/errata/ELSA-2018-4242.html

 

If you think you’re a victim of a cyber-attack, immediately send an email to info@rewterz.com.

  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.