Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Multiple vulnerabilities have been found in the Oracle Linux kernel and are patched in the updated version.
IMPACT: NORMAL
PUBLISH DATE: 12-10-2018
OVERVIEW
Oracle Linux has issued an update for the kernel. The update patches multiple vulnerabilities that can be exploited by people with malicious intent, or by local users, to disclose sensitive information, cause a DoS (Denial of Service), and gain elevated privileges.
ANALYSIS
The following vulnerabilities have been detected in Oracle Linux 7 and are patched in its updated version.
CVE-2018-14678
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S fails to maintain RBX properly, which allows a local user to cause a Denial of Service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or attain escalated privileges.
CVE-2017-13695
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump. This enables local users to obtain sensitive information from kernel memory as well as bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
CVE-2018-12896
An issue was discovered in the Linux kernel through 4.17.3. The overrun accounting in the POSIX timer code (kernel/time/posix-timers.c) is subject to an integer overflow. Depending on the interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, effectively random. Similarly, a local user can cause a Denial of Service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.
CVE-2018-16658
An issue was discovered in the Linux kernel before 4.18.6. The cdrom_ioctl_drive_status function in drivers/cdrom/cdrom.c has an information leak that local attackers could use to read kernel memory. It happens because a cast from unsigned long to int interferes with bounds checking.
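The bug class described for CVE-2018-16658, shown as an added example that is neither kernel code nor part of the original advisory: a user-space C model of a bounds check done after narrowing unsigned long to int, next to a check done in the original type. The names NSLOTS, slot_status, flawed_check_accepts and hardened_lookup are hypothetical, and the sample values are constructed.

```c
#include <limits.h>
#include <stdio.h>

#define NSLOTS 4 /* constructed capacity; deliberately a signed int constant */

/* Constructed sample table standing in for per-slot status values. */
static const int slot_status[NSLOTS] = { 10, 11, 12, 13 };

/* Flawed pattern: the upper bound is tested after narrowing to int.
 * Returns 1 if the check lets the index through, 0 if it rejects it.
 * No array access is made here, so the model itself stays memory-safe. */
int flawed_check_accepts(unsigned long arg)
{
    if ((int)arg >= NSLOTS) /* a large arg narrows to a negative int */
        return 0;
    return 1;               /* a negative index would now be used */
}

/* Hardened pattern: compare in the caller's unsigned type, then index.
 * Returns the slot status, or -1 when arg is out of range. */
int hardened_lookup(unsigned long arg)
{
    if (arg >= (unsigned long)NSLOTS)
        return -1;
    return slot_status[arg];
}

int main(void)
{
    /* Constructed inputs: in range, one past the end, and a value
     * that becomes -1 when narrowed to a 32-bit int. */
    unsigned long samples[] = { 2UL, 4UL, (unsigned long)UINT_MAX };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("arg=%lu flawed_accepts=%d hardened=%d\n", samples[i],
               flawed_check_accepts(samples[i]),
               hardened_lookup(samples[i]));
    return 0;
}
```

When reviewing ioctl-style handlers, flag any bounds check where an unsigned long argument is cast to a narrower signed type before the comparison and no lower-bound test follows.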
CVE-2018-7492
A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7. Exploiting this, local attackers can cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.
AFFECTED PRODUCTS
Oracle Linux 7
UPDATES
Apply updated packages concerning UEK Release 5 (x86-64, mainline Linux Kernel version 4.14.35) or UEK Release 5 (aarch64, mainline Linux Kernel version 4.14.35) via the yum or rpm utility (please see the vendor’s advisory for the packages).
https://linux.oracle.com/errata/ELSA-2018-4242.html
If you think you’re a victim of a cyber-attack, immediately send an email to info@rewterz.com.