Bugzilla – Bug 1106174
VUL-1: CVE-2018-14619: kernel-source: crash (possible privesc) in kernel crypto subsystem.
Last modified: 2019-05-29 09:12:14 UTC
via oss-sec CVE-2018-14619 Gday, Syzkaller/syzbot found a use-after-free bug in the cryptographic subsystem of the Linux kernel [1], that can be used to panic the system and possibly escalate privileges. The bug was introduced in commit 72548b093ee3, and has been addressed in b32a7dc8aef1882fbf983eb354837488cc9d54dc, a reproducer is available on the tail end of syzbots email to kernel list ( https://lkml.org/lkml/2017/11/27/866 ). Most RHEL kernels are not affected as they do not have the feature, but it does affect the kernel-alt package (the 4.11 based kernel for 64-bit ARM , IBM POWER9 (little endian ) and IBM z Systems ). Upstream fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b32a7dc8aef1882fbf983eb354837488cc9d54dc Reproducer: https://lkml.org/lkml/2017/11/27/866 Thanks. -- Wade Mealing Product Security - Kernel Red Hat References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14619
bad commit was in 4.14
The buggy commit isn't included in SLE15, either, so it's only about TW. And the fix commit is already in 4.15-rc4, so it's been fixed months ago on TW, too. Back to security team.
fixed