SB2020122317 - Red Hat Enterprise Linux 7.6 update for kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020122317

SB2020122317 - Red Hat Enterprise Linux 7.6 update for kernel

Published: December 23, 2020

Security Bulletin ID SB2020122317
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2017-18551)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a boundary error in the "drivers/i2c/i2c-core-smbus.c" file when processing untrusted input. A local authenticated user access the system and execute an application that submits malicious input to the affected software, trigger an out-of-bounds write condition in the "i2c_smbus_xfer_emulated" function and execute arbitrary code or cause a DoS condition on the target system.




2) Race condition (CVE-ID: CVE-2018-20836)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.


3) Out-of-bounds write (CVE-ID: CVE-2019-9454)

The vulnerability allows a local privileged user to execute arbitrary code.

In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.


4) Use-after-free (CVE-ID: CVE-2019-19447)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.


5) Out-of-bounds write (CVE-ID: CVE-2019-20636)

The vulnerability allows a local privileged user to execute arbitrary code.

In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.


6) Input validation error (CVE-ID: CVE-2020-12770)

The vulnerability allows a local user to execute arbitrary code on the system.

The vulnerability exists due to the "sg_write" lacks an "sg_remove_request" call in a certain failure case. A local user can pass specially crafted input to the application and execute arbitrary code on the target system.


Remediation

Install update from vendor's website.

References