SB2019022838 - Fedora 28 update for kernel, kernel-headers
Published: February 28, 2019 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2019-8980)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper memory operations in the kernel_read_file function, as defined in the fs/exec.c source code file. A remote attacker can send malicious file that triggers vfs_read failures and memory leak condition and perform a denial of service attack.
2) Privilege escalation (CVE-ID: CVE-2019-9162)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to array index error in SNMP NAT module (net/ipv4/netfilter/nf_nat_snmp_basic_main.c) when parsing ASN.1-encoded payloads in SNMP messages. A local user can set up new network namespaces that invoke iptables configuration and triggers SNMP translations, cause out-of-bounds read and write operations and execute arbitrary code on the system with elevated privileges.
Remediation
Install update from vendor's website.