virus logo FortiClient Vulnerability

RedHat kernel CVE-2018-10902 Use After Free Vulnerability

description-logoDescription

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Previously backported upstream patch caused a change in the behavior of page fault handler. As a consequence, applications compiled through GNU Compiler Collection (GCC) version 4.4.7 sometimes generated stack access exceeding the 64K limit. Running such applications subsequently triggered a segmentation fault. With this update, the 64k limit check in the page fault handler has been removed. As a result, running the affected applications no longer triggers the segmentation fault in the described scenario. Note that removing the limit check does not impact the integrity of the kernel itself. (BZ#1644401)

affected-products-logoAffected Applications

kernel

CVE References

CVE-2018-10902

Other References

https://access.redhat.com/errata/RHSA-2019:0415
ID 56978
Created Jan 17, 2020
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application kernel