vulnerability

Oracle Linux: CVE-2017-7616: ELSA-2018-1854: kernel security and bug fix update (IMPORTANT) (Multiple Advisories)

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
2017-04-08
Added
2018-06-26
Modified
2025-01-24

Description

Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.
Incorrect error handling in the set_mempolicy() and mbind() compat syscalls in 'mm/mempolicy.c' in the Linux kernel allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

Solution(s)

oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.