KernelCare
Feb 10, 2020, 11:30:07 AM
to kernelcar...@googlegroups.com
Dear Customers,
KernelCare prepared security updates for your system.
Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare.conf will automatically update, and no action is needed for them.
You can manually update the server by running:
/usr/bin/kcarectl --update
Changelog:
rhel7:
CVE-2018-13093: An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel
through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occurs because of a lack of proper validation that cached inodes are free
during allocation.
CVE-2018-13094: An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the
Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after
xfs_da_shrink_inode() is called with a NULL bp.
CVE-2018-13095: An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the
Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can
occur for a corrupted xfs image upon encountering an inode that is in extent format,
but has more extents than fit in the inode fork.
cvelist: [CVE-2018-13093, CVE-2018-13094, CVE-2018-13095]
latest-version: kernel-3.10.0-1062.12.1.el7
oel7:
CVE-2018-13093: An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel
through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occurs because of a lack of proper validation that cached inodes are free
during allocation.
CVE-2018-13094: An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the
Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after
xfs_da_shrink_inode() is called with a NULL bp.
CVE-2018-13095: An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the
Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can
occur for a corrupted xfs image upon encountering an inode that is in extent format,
but has more extents than fit in the inode fork.
cvelist: [CVE-2018-13093, CVE-2018-13094, CVE-2018-13095]
latest-version: kernel-3.10.0-1062.12.1.el7
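
A post-update check for the procedure in this announcement, added here as an example; it is not part of the original message or KernelCare's own tooling. It assumes the output of `kcarectl --patch-info` names the CVE IDs of applied patches and that the last uncommented AUTO_UPDATE line in the config is the effective one; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: confirm a host will auto-update and that the CVEs from
# this changelog show up in the applied patch listing.

# CVE IDs copied from the cvelist in the announcement.
CVES="CVE-2018-13093 CVE-2018-13094 CVE-2018-13095"

# Print the AUTO_UPDATE value found in a kcare.conf-style file.
# A missing file or key yields "True", the default the announcement states.
# Assumption: the last uncommented assignment is the effective one.
auto_update_value() {
    conf=$1
    val=""
    if [ -r "$conf" ]; then
        val=$(sed -n 's/^[[:space:]]*AUTO_UPDATE[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' "$conf" | tail -n 1)
    fi
    printf '%s\n' "${val:-True}"
}

# Read a patch listing on stdin; print every changelog CVE it does not mention.
missing_cves() {
    listing=$(cat)
    for cve in $CVES; do
        printf '%s\n' "$listing" | grep -qwF "$cve" || printf '%s\n' "$cve"
    done
}

# Report on the local host. Returns non-zero if any CVE is unpatched.
check_host() {
    echo "AUTO_UPDATE=$(auto_update_value /etc/sysconfig/kcare/kcare.conf)"
    missing=$(kcarectl --patch-info | missing_cves)
    if [ -n "$missing" ]; then
        echo "Not covered by the loaded patch set:"
        printf '%s\n' "$missing"
        echo "Run: /usr/bin/kcarectl --update"
        return 1
    fi
    echo "All CVEs from this changelog are covered."
}

# Only run the host check where kcarectl is installed.
if command -v kcarectl >/dev/null 2>&1; then
    check_host
fi
```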