SB2018120635 - Fedora 28 update for kernel, kernel-headers, kernel-tools

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Null pointer dereference (CVE-ID: CVE-2018-19406)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the kvm_pv_send_ipi function, as defined in the arch/x86/kvm/lapic.c source code file due to the failure of the Advanced Programmable Interrupt Controller (APIC) map to initialize. A local attacker can access the system and execute an application that submits malicious system calls, trigger a NULL pointer dereference, which could result in a DoS condition.

2) Use-after-free error (CVE-ID: CVE-2018-19824)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists in the Advanced Linux Sound Architecture (ALSA) driver due to use-after-free error in the usb_audio_probefunction, as defined in the sound/usb/card.c source code file. A local attacker can supply a malicious USB sound device with no interfaces, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://bodhi.fedoraproject.org/updates/FEDORA-2018-a0914af224