SB2018031657 - Fedora 27 update for acpica-tools
Published: March 16, 2018 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Information exposure (CVE-ID: CVE-2017-13693)
The vulnerability allows a local user to gain access to sensitive information.
The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
2) Information exposure (CVE-ID: CVE-2017-13694)
The vulnerability allows a local user to gain access to sensitive information.
The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.
3) Information disclosure (CVE-ID: CVE-2017-13695)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists in the Linux kernel's ACPI subsystem where a function does not flush the operand cache and causes a kernel stack dump. A local user can pass a specially crafted ACPI table to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism.
Remediation
Install update from vendor's website.