RHSA-2018:3651

Affecting python-perf package, versions centos:7: <0:3.10.0-957.1.3.el7

medium severity
Do your applications use this vulnerable package? Test your applications

Overview

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714371

CVE
RHSA-2018:3651
Snyk ID
SNYK-LINUX-PYTHONPERF-257494
Published
02 Dec, 2018