CVE-2018-8781 resolution for Centos 7

Support for security such as Firewalls and securing linux
Post Reply
bayupermadi
Posts: 7
Joined: 2017/07/03 05:20:55
Location: Malang, Indonesia

CVE-2018-8781 resolution for Centos 7

Post by bayupermadi » 2018/05/16 10:17:28

Hi,

I just announced by our security that new CVE known CVE-2018-8781 has published. Based on my understanding, this vulnerability hit the USB module. I've check the Redhat webpage about this but cannot find the resolution. Here is the page https://access.redhat.com/security/cve/cve-2018-8781

I've tried to upgrade our Centos to kernel 3.10.0-862.2.3.el7.x86_64, but from rpm changelog information no update for CVE-2018-8781.

Can you help where I can get the information of the kernel fixing status?

Thank you for your information,

Bayu Permadi

User avatar
avij
Forum Moderator
Posts: 2621
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: CVE-2018-8781 resolution for Centos 7

Post by avij » 2018/05/16 10:21:58

That page you linked to (and the related Bugzilla entry) has all the information that is available.

If you are looking for a schedule for when a fix might be published, that information is not available either.

User avatar
TrevorH
Forum Moderator
Posts: 23213
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2018-8781 resolution for Centos 7

Post by TrevorH » 2018/05/16 12:05:52

There doesn't appear to be a udldrmfb module but there is a udl module that appears to be the thing affected. Since this is for USB attached displays, if you don't use one then you could mitigate this by blacklisting that module so it will not load.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply