Upgrade RHEL:8 mysql:8.0/mecab-ipadic to version 0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de or higher. This issue was patched in RHSA-2019:2511 .

CVE-2019-2635 in mysql:8.0/mecab-ipadic | CVE-2019-2635

Threat Intelligence

0.05% (18^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Improper Input Validation vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-RHEL8-KERNELRTMODULESINTERNAL-6527717
published3 Apr 2024
disclosed2 Apr 2024

Report a new vulnerability Found a mistake?

Introduced: 2 Apr 2024

CVE-2023-52633 (opens in a new tab) CWE-20 (opens in a new tab)

Amendment

The Red Hat security team deemed this advisory irrelevant for RHEL:8.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt-modules-internal package and not the kernel-rt-modules-internal package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

um: time-travel: fix time corruption

In 'basic' time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes time forward just a little bit. Then, if we happen to get the interrupt after calculating the new time to push to, but before actually finishing that, the interrupt will set the time to a value that's incompatible with the forward, and we'll crash because time goes backwards when we do the forwarding.

Fix this by reading the time_travel_time, calculating the adjustment, and doing the adjustment all with interrupts disabled.

Improper Input Validation The advisory has been revoked - it doesn't affect any version of package kernel-rt-modules-internal (opens in a new tab)