Topic

An updated devtools/llvm-toolset-rhel7 container image is now available in the Red Hat Container Registry.

Description

The devtools/llvm-toolset-rhel7 container image provides Clang and LLVM
Toolset, a compiler toolset for building, debugging, and analyzing C and C++ applications using the Clang and LLVM compiler suite.

The devtools/llvm-toolset-rhel7 container image has been updated to provide fixes for CVE-2018-16871, CVE-2018-16884, CVE-2019-11811, and CVE-2019-11085.

To pull the devtools/llvm-toolset-rhel7 image, run the following command as root:

docker pull registry.access.redhat.com/devtools/llvm-toolset-rhel7

For details regarding Clang and LLVM Toolset and information on usage of the
image, see Using Clang and LLVM Toolset linked from the References section.

All users of the devtools/llvm-toolset-rhel7 container image are advised to pull this updated image from the Red Hat Container Registry.

Solution

The container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com using the "docker pull" command.

Affected Products

• Red Hat Developer Tools (for RHEL Server) 1 x86_64
• Red Hat Developer Tools (for RHEL Server for System Z) 1 s390x
• Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1 ppc64le

Fixes

• BZ - 1655162 - CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence
• BZ - 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
• BZ - 1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
• BZ - 1710405 - CVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation

CVEs

• CVE-2018-14618
• CVE-2018-16871
• CVE-2018-16884
• CVE-2019-11085
• CVE-2019-11811

References