I was found that the fix present in RHEL-7.5 RHSA-2018:3507 for flaw CVE-2018-14648 was not sufficient.
Other RHEL versions are not affected.
The CVE was partially fixed, following upstream fix was missing in the original RHEL-7.5 build :
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7.5 Extended Update Support
Via RHSA-2019:1789 https://access.redhat.com/errata/RHSA-2019:1789
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):