Red Hat update for pki-core

1) Memory leak

EUVDB-ID: #VU13580

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10805

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within ReadYCBCRImage in coders/ycbcr.c. A remote attacker can perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for IBM z Systems: 7

Red Hat Enterprise Linux for Scientific Computing: 7

Red Hat Enterprise Linux EUS Compute Node: 7.5

Red Hat Enterprise Linux for Power: 9

Red Hat Enterprise Linux Desktop: 7

Red Hat Enterprise Linux Workstation: 7

Red Hat Enterprise Linux Server: 7

External links

http://access.redhat.com/errata/RHSA-2018:1979

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU13579

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10804

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within WriteTIFFImage in coders/tiff.c. A remote attacker can perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for IBM z Systems: 7

Red Hat Enterprise Linux for Scientific Computing: 7

Red Hat Enterprise Linux EUS Compute Node: 7.5

Red Hat Enterprise Linux for Power: 9

Red Hat Enterprise Linux Desktop: 7

Red Hat Enterprise Linux Workstation: 7

Red Hat Enterprise Linux Server: 7

External links

http://access.redhat.com/errata/RHSA-2018:1979

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU13364

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C]

CVE-ID: CVE-2018-10801

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input processed by the TIFFClientOpen function, as defined in the tif_unix.c source code file. A remote attacker can use the .bmp2tiff command to execute a file that submits malicious input to the system, trigger memory leaks and cause the affected software to crash, resulting in a DoS condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for IBM z Systems: 7

Red Hat Enterprise Linux for Scientific Computing: 7

Red Hat Enterprise Linux EUS Compute Node: 7.5

Red Hat Enterprise Linux for Power: 9

Red Hat Enterprise Linux Desktop: 7

Red Hat Enterprise Linux Workstation: 7

Red Hat Enterprise Linux Server: 7

External links

http://access.redhat.com/errata/RHSA-2018:1979

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.