A flaw was found in the Linux kernel's ACPI subsystem where a function does not flush the operand cache and causes a kernel stack dump. This allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism when using a specially crafted ACPI table.
Find out more about CVE-2017-13695 from the MITRE CVE dictionary dictionary and NIST NVD.
Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/
The Red Hat Security Response Team has rated this issue as having moderate security impact.
The risks associated with fixing this bug are greater than the moderate
severity security risk. We therefore currently have no plans to fix this flaw
in Red Hat Enterprise Linux 5,6,7 and Red Hat Enterprise MRG.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 3.3 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | None |
| Availability Impact | None |
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise MRG 2 | realtime-kernel | Will not fix |
| Red Hat Enterprise Linux 7 | acpica-tools | Will not fix |
| Red Hat Enterprise Linux 7 | kernel | Will not fix |
| Red Hat Enterprise Linux 7 | kernel-rt | Will not fix |
| Red Hat Enterprise Linux 7 | kernel-alt | Will not fix |
| Red Hat Enterprise Linux 6 | kernel | Will not fix |
| Red Hat Enterprise Linux 5 | kernel | Will not fix |
Vulmon