Key Information Vulnerability ID: Bug 1619846 (CVE-2018-14625) - CVE-2018-14625 Description: - A vulnerability was discovered in the Linux kernel that could allow an attacker to perform uncontrolled reads of kernel memory within a VM guest. - A race condition between the and functions may allow an attacker to exploit the AF_VSOCK protocol to leak 4 bytes of information, or potentially intercept or corrupt AF_VSOCK messages destined for other clients. Introduced by: https://github.com/torvalds/linux/commit/433fc58e6bf2c8bd97e57153ed28e64fd78207b8 Impact: - All versions of Fedora - Red Hat Enterprise Linux 7 Fix Information: - The issue has been resolved in the following products: - Red Hat Enterprise Linux 7 via RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2029 - Red Hat Enterprise Linux 7 via RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2043 - Red Hat Enterprise Linux 7 via RHSA-2019:4154 https://access.redhat.com/errata/RHSA-2019:4154 Status: Closed (errata) Priority: Medium Severity: Medium