SB2018112827 - Fedora 29 update for kernel, kernel-headers, kernel-tools
Published: November 28, 2018 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Security restrictions bypass (CVE-ID: CVE-2018-16862)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The vulnerability exists due to an error when the cleancache subsystem clears an inode after the final file truncation (removal). A local attacker can supply new file created with the same inode that may contain leftover pages from cleancache and bypass security restrictions to conduct further attacks.
2) Null pointer dereference (CVE-ID: CVE-2018-19407)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the vcpu_scan_ioapic function, as defined in the arch/x86/kvm/x86.c source code file due to the failure of the I/O Advanced Programmable Interrupt Controller (I/O APIC) to initialize. A local attacker can access the system and execute an application that submits malicious system calls, trigger a NULL pointer dereference, which could result in a DoS condition.
Remediation
Install update from vendor's website.