In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThere is no fixed version for RHEL:7
kernel-rt-doc
.
Note: Versions mentioned in the description apply only to the upstream kernel-rt-doc
package and not the kernel-rt-doc
package as distributed by RHEL
.
See How to fix?
for RHEL:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands
In 'mgmt_hci_cmd_sync()', check whether the size of parameters passed in 'struct mgmt_cp_hci_cmd_sync' matches the total size of the data (i.e. 'sizeof(struct mgmt_cp_hci_cmd_sync)' plus trailing bytes). Otherwise, large invalid 'params_len' will cause 'hci_cmd_sync_alloc()' to do 'skb_put_data()' from an area beyond the one actually passed to 'mgmt_hci_cmd_sync()'.