Bug 1661435 (CVE-2018-11987)
Summary: | CVE-2018-11987 kernel: Double-free in ion_system_heap.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, anemec, bhu, blc, carnil, dhoward, hkrzesin, hwkernel-mgr, kernel-mgr, mlangsdo, nmurray, nsl, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-01-09 14:00:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1661436 |
Description
Andrej Nemec
2018-12-21 09:06:03 UTC
Based on the references, this looks to be in android drivers. Can you confirm the upstream kernel is affected? (In reply to Nicholas Luedtke from comment #1) > Based on the references, this looks to be in android drivers. Can you > confirm the upstream kernel is affected? Hi Nicholas, we are currently analyzing the issue to see if there's any chance it could affect our kernels. We'll update the bug with the results afterwards. Andrej, do you know if there was any conclusion on the affected status for affecting mainline kernel? (In reply to Salvatore Bonaccorso from comment #3) > Andrej, do you know if there was any conclusion on the affected status for > affecting mainline kernel? Hi Salvatore, unfortunately we weren't able to dig into this further because of Christmas. There will be an update to this bug as soon as analysis is done. |