SB2018120635 - Fedora 28 update for kernel, kernel-headers, kernel-tools
Published: December 6, 2018 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Null pointer dereference (CVE-ID: CVE-2018-19406)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the kvm_pv_send_ipi function, as defined in the arch/x86/kvm/lapic.c source code file due to the failure of the Advanced Programmable Interrupt Controller (APIC) map to initialize. A local attacker can access the system and execute an application that submits malicious system calls, trigger a NULL pointer dereference, which could result in a DoS condition.
2) Use-after-free error (CVE-ID: CVE-2018-19824)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists in the Advanced Linux Sound Architecture (ALSA) driver due to use-after-free error in the usb_audio_probefunction, as defined in the sound/usb/card.c source code file. A local attacker can supply a malicious USB sound device with no interfaces, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.