A flaw was found in the upstream kernel Skcipher component. This vulnerability affects the skcipher_recvmsg function of the component Skcipher. The manipulation with an unknown input leads to a privilege escalation vulnerability References: https://source.android.com/security/bulletin/2018-01-01 Patch: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v3.18.78&id=36c84b22ac8aa041cbdfbe48a55ebb32e3521704 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f0414e54e4d1893c6f08260693f8ef84c929293
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6, and kernel-alt packages. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7, MRG-2 and real-time kernels. Future Linux kernel updates for the respective releases may address this issue.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2384
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2395
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1170
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:1190