Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2018:2216 - Security Advisory
Issued:
2018-07-17
Updated:
2018-07-17

RHSA-2018:2216 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, x86 AMD)

Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting this issue.

Bug Fix(es):

  • When switching from the indirect branch speculation (IBRS) feature to the retpolines feature, the IBRS state of some CPUs was sometimes not handled correctly. Consequently, some CPUs were left with the IBRS Model-Specific Register (MSR) bit set to 1, which could lead to performance issues. With this update, the underlying source code has been fixed to clear the IBRS MSR bits correctly, thus fixing the bug. (BZ#1586145)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2 x86_64

Fixes

  • BZ - 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass

CVEs

  • CVE-2018-3639

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/ssbd
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
kernel-3.10.0-327.71.1.el7.src.rpm SHA-256: 45f534e14c7118ca21b96b48aa6ecdfb172730e3f1f3567183ce11027c57d9d2
x86_64
kernel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: dff158a62db0228d0821e4e209fc2ef521a60e140fb1a2a68e526eebe3bafee0
kernel-abi-whitelists-3.10.0-327.71.1.el7.noarch.rpm SHA-256: cadef9d9aa15fd3a779aedefb8fec918095c875f4520e49f4fdf37b581fe73a6
kernel-debug-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1e2671114a837a8eacf3f98aebb42996a8b763583fd345ac9b69d66b14f3fbc9
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1c9e06e9a438a82564b56c8f0ecfa8181c14dd27352d4c660ae2e2babd43b460
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: d4536d1df246d66a863e6d78eee3813c4d1b9b0471d46e30eaa3a11c4e571545
kernel-doc-3.10.0-327.71.1.el7.noarch.rpm SHA-256: d44933dd4911018537f1319e0841651365a8bb2b06da5c8e78a00dc7e9ad128c
kernel-headers-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 79f700a0612bf5bb3636bb2bba6bf3102984c3365779e51d3e79cbf50a257f63
kernel-tools-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 0b1d60be18547e899647c5fbb7d97f1c3c70ef09f7d74af25977bc393d692e18
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-libs-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1827c6f863c81de7adcdd39afd88b2d69e7aeaf3d1078958fd58f82bdca42e62
kernel-tools-libs-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: c5d353424b5bc52c86ceccacf0e48417c0b258db48c8ca12f639be6324438dc4
perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 97d7ffe5fb1f77e0475647a963c5835d5f997085728edd78ace514e46472fba9
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
python-perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: e018661176fbec2732174e641c3850e921ecea61894b6f2855873624b156da9e
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df

Red Hat Enterprise Linux Server - TUS 7.2

SRPM
kernel-3.10.0-327.71.1.el7.src.rpm SHA-256: 45f534e14c7118ca21b96b48aa6ecdfb172730e3f1f3567183ce11027c57d9d2
x86_64
kernel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: dff158a62db0228d0821e4e209fc2ef521a60e140fb1a2a68e526eebe3bafee0
kernel-abi-whitelists-3.10.0-327.71.1.el7.noarch.rpm SHA-256: cadef9d9aa15fd3a779aedefb8fec918095c875f4520e49f4fdf37b581fe73a6
kernel-debug-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1e2671114a837a8eacf3f98aebb42996a8b763583fd345ac9b69d66b14f3fbc9
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1c9e06e9a438a82564b56c8f0ecfa8181c14dd27352d4c660ae2e2babd43b460
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: d4536d1df246d66a863e6d78eee3813c4d1b9b0471d46e30eaa3a11c4e571545
kernel-doc-3.10.0-327.71.1.el7.noarch.rpm SHA-256: d44933dd4911018537f1319e0841651365a8bb2b06da5c8e78a00dc7e9ad128c
kernel-headers-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 79f700a0612bf5bb3636bb2bba6bf3102984c3365779e51d3e79cbf50a257f63
kernel-tools-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 0b1d60be18547e899647c5fbb7d97f1c3c70ef09f7d74af25977bc393d692e18
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-libs-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1827c6f863c81de7adcdd39afd88b2d69e7aeaf3d1078958fd58f82bdca42e62
kernel-tools-libs-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: c5d353424b5bc52c86ceccacf0e48417c0b258db48c8ca12f639be6324438dc4
perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 97d7ffe5fb1f77e0475647a963c5835d5f997085728edd78ace514e46472fba9
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
python-perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: e018661176fbec2732174e641c3850e921ecea61894b6f2855873624b156da9e
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.2

SRPM
kernel-3.10.0-327.71.1.el7.src.rpm SHA-256: 45f534e14c7118ca21b96b48aa6ecdfb172730e3f1f3567183ce11027c57d9d2
x86_64
kernel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: dff158a62db0228d0821e4e209fc2ef521a60e140fb1a2a68e526eebe3bafee0
kernel-abi-whitelists-3.10.0-327.71.1.el7.noarch.rpm SHA-256: cadef9d9aa15fd3a779aedefb8fec918095c875f4520e49f4fdf37b581fe73a6
kernel-debug-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1e2671114a837a8eacf3f98aebb42996a8b763583fd345ac9b69d66b14f3fbc9
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 990e53a275bdf985eff4ca50bf5da2b1464579065150e806c93c56a33174ca13
kernel-debug-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1c9e06e9a438a82564b56c8f0ecfa8181c14dd27352d4c660ae2e2babd43b460
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 7c58a818cc256ccfb808e4bab8ff8d3b59003b64718deba96ad9820d893971f4
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-debuginfo-common-x86_64-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 45862fbba0dc8cf29d9c7db413cfaf9c29dbf893240c605da94369a8cf33c60b
kernel-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: d4536d1df246d66a863e6d78eee3813c4d1b9b0471d46e30eaa3a11c4e571545
kernel-doc-3.10.0-327.71.1.el7.noarch.rpm SHA-256: d44933dd4911018537f1319e0841651365a8bb2b06da5c8e78a00dc7e9ad128c
kernel-headers-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 79f700a0612bf5bb3636bb2bba6bf3102984c3365779e51d3e79cbf50a257f63
kernel-tools-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 0b1d60be18547e899647c5fbb7d97f1c3c70ef09f7d74af25977bc393d692e18
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 86342555990bd51a1a79eb421f0fa00f27c38c7765d1d1eff777abdde4905be8
kernel-tools-libs-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1827c6f863c81de7adcdd39afd88b2d69e7aeaf3d1078958fd58f82bdca42e62
kernel-tools-libs-devel-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: c5d353424b5bc52c86ceccacf0e48417c0b258db48c8ca12f639be6324438dc4
perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 97d7ffe5fb1f77e0475647a963c5835d5f997085728edd78ace514e46472fba9
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 1b78d428f558ec135e95aaa8efddbd4b412d3c4b7fbd7a6c67639fc9fa7c1785
python-perf-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: e018661176fbec2732174e641c3850e921ecea61894b6f2855873624b156da9e
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df
python-perf-debuginfo-3.10.0-327.71.1.el7.x86_64.rpm SHA-256: 609bddc38b5d9f6fea79dc4123670ee6fa91a12b281c13016eb30333fdf700df

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat X (formerly Twitter)

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility