安全公告详情

NS-SA-2019-0053

2019-07-17 14:56:56

简介

critical: kernel/firefox security update

严重级别

critical

主题

An update for kernel/firefox is now available for NewStart CGSL MAIN 5.04/CGSL CORE 5.04.
NewStart Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

kernel: The python-perf package contains a module that permits applications written in the Python programming language to use the interface to manipulate perf events.
firefox: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.


Security Fix(es):
kernel: A use-after-free flaw can occur in the Linux kernel due to a race condition between packet_do_bind() and packet_notifier() functions called for an AF_PACKET socket. An unprivileged, local user could use this flaw to induce kernel memory corruption on the system, leading to an unresponsive system or to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.(CVE-2018-18559)
kernel: bugfix
firefox: A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.(CVE-2018-18500)
firefox: Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.(CVE-2018-18501)
firefox: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.(CVE-2018-18505)
firefox: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F10.

影响组件

  • kernel
  • firefox

影响产品

  • CGSL MAIN 5.04
  • CGSL CORE 5.04

更新包

{"fix":[{"product":"CGSL MAIN 5.04","pkgs":[{"binary":["python-perf-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","perf-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.noarch.rpm","kernel-debug-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm","kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.noarch.rpm","kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.x86_64.rpm"],"source":"kernel-3.10.0-693.21.1.el7.cgslv5_4.10.265.gcc0fd42.src.rpm"},{"binary":["firefox-60.5.0-2.el7.centos.x86_64.rpm","firefox-debuginfo-60.5.0-2.el7.centos.x86_64.rpm"],"source":"firefox-60.5.0-2.el7.centos.src.rpm"}]},{"product":"CGSL CORE 5.04","pkgs":[{"binary":["kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.noarch.rpm","kernel-core-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","perf-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debug-core-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","python-perf-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debug-modules-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.noarch.rpm","kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm","kernel-modules-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.x86_64.rpm"],"source":"kernel-3.10.0-693.21.1.el7.cgslv5_4.10.268.g514b111.lite.src.rpm"},{"binary":["firefox-60.5.0-2.el7.centos.x86_64.rpm","firefox-debuginfo-60.5.0-2.el7.centos.x86_64.rpm"],"source":"firefox-60.5.0-2.el7.centos.src.rpm"}]}]}

CVE

参考