- Issued:
- 2018-06-19
- Updated:
- 2018-06-19
RHSA-2018:1944 - Security Advisory
Synopsis
Moderate: kernel-rt security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting this issue.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64
Fixes
- BZ - 1585011 - CVE-2018-3665 Kernel: FPU state information leakage via lazy FPU restore
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.src.rpm | SHA-256: 657cc5e8726cdcc3f9e8a4c6c5706117708491d4f0df4fdbfa26751a7da8f947 |
| x86_64 | |
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 4e9f92d39a76a05222c8ad1cbaed61e4e50f3e87eac05bebafdc7dd9415e2131 |
| kernel-rt-debug-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: eebd6c2cff0dc9bfd8a648885c923620e151586a0b02c86db1a0279e0a7384ba |
| kernel-rt-debug-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 72cb1f1b679742326b6ba919c86ede63dc0016c4511c47e2f2a5181acb9a524e |
| kernel-rt-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 6bbbdf8de529f4743012a352db646e9f4fdc2c39ed4bf4a217df3810c431dc84 |
| kernel-rt-doc-3.10.0-862.3.3.rt56.809.el7.noarch.rpm | SHA-256: 3a4b5c4feb7de623b2a8ae797644ec55461cc15963aacd54c4b061737759dbc7 |
| kernel-rt-trace-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 234ac485a3a3294c9a6dfb250b3979842640ba544146e33edcff643df2c375c0 |
| kernel-rt-trace-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 661d527486421a1557d15ba54d5a8a7b513458a2d18a73ac8352bf46d2377303 |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.src.rpm | SHA-256: 657cc5e8726cdcc3f9e8a4c6c5706117708491d4f0df4fdbfa26751a7da8f947 |
| x86_64 | |
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 4e9f92d39a76a05222c8ad1cbaed61e4e50f3e87eac05bebafdc7dd9415e2131 |
| kernel-rt-debug-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: eebd6c2cff0dc9bfd8a648885c923620e151586a0b02c86db1a0279e0a7384ba |
| kernel-rt-debug-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 465f381809547cd486b478f0c67ae8c19c8f92ffc31889cfb3f1b4ea31241e9d |
| kernel-rt-debug-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 72cb1f1b679742326b6ba919c86ede63dc0016c4511c47e2f2a5181acb9a524e |
| kernel-rt-debug-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 0ca7193ec1d3d3fc3ae1518534795a1abea542746911372d46196a37631984d1 |
| kernel-rt-debug-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 30da1c94900444d72b1628b832897a056883bf9c34da3c669d61a4f00ef85d4b |
| kernel-rt-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 7bb65e48c6bc4462ab1f1bee82a4185ea45e749cc501fc57b995da7c6c37e796 |
| kernel-rt-debuginfo-common-x86_64-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: b7327787c0ec55e4b0484ad68fe65bf7a840ef290a392d20e0db1629f9303a77 |
| kernel-rt-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 6bbbdf8de529f4743012a352db646e9f4fdc2c39ed4bf4a217df3810c431dc84 |
| kernel-rt-doc-3.10.0-862.3.3.rt56.809.el7.noarch.rpm | SHA-256: 3a4b5c4feb7de623b2a8ae797644ec55461cc15963aacd54c4b061737759dbc7 |
| kernel-rt-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: bb4cf12f46ebfbcf0a5377a2082361ed6caa3a4f534f7e2f6db078646189ddef |
| kernel-rt-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 032e8c603c324d01c7390ac4199dee62c4dd5af2fde0b666443e80e0db8d73ca |
| kernel-rt-trace-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 234ac485a3a3294c9a6dfb250b3979842640ba544146e33edcff643df2c375c0 |
| kernel-rt-trace-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 5088bbe46575c966953ff4cafca5070faacc339312c75045885102c827cdccf7 |
| kernel-rt-trace-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 661d527486421a1557d15ba54d5a8a7b513458a2d18a73ac8352bf46d2377303 |
| kernel-rt-trace-kvm-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: e5115cf1f75a2e7488ecbfa77bda0d30a21b30f5abf539184eda9b7bd4499410 |
| kernel-rt-trace-kvm-debuginfo-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: f1d34b00f118faea272129969beb5454fe531a62a0f02d8d5753a3d127c519c6 |
Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.src.rpm | SHA-256: 657cc5e8726cdcc3f9e8a4c6c5706117708491d4f0df4fdbfa26751a7da8f947 |
| x86_64 | |
| kernel-rt-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 4e9f92d39a76a05222c8ad1cbaed61e4e50f3e87eac05bebafdc7dd9415e2131 |
| kernel-rt-debug-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: eebd6c2cff0dc9bfd8a648885c923620e151586a0b02c86db1a0279e0a7384ba |
| kernel-rt-debug-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 72cb1f1b679742326b6ba919c86ede63dc0016c4511c47e2f2a5181acb9a524e |
| kernel-rt-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 6bbbdf8de529f4743012a352db646e9f4fdc2c39ed4bf4a217df3810c431dc84 |
| kernel-rt-doc-3.10.0-862.3.3.rt56.809.el7.noarch.rpm | SHA-256: 3a4b5c4feb7de623b2a8ae797644ec55461cc15963aacd54c4b061737759dbc7 |
| kernel-rt-trace-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 234ac485a3a3294c9a6dfb250b3979842640ba544146e33edcff643df2c375c0 |
| kernel-rt-trace-devel-3.10.0-862.3.3.rt56.809.el7.x86_64.rpm | SHA-256: 661d527486421a1557d15ba54d5a8a7b513458a2d18a73ac8352bf46d2377303 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
