Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2018:2603 - Security Advisory
Issued:
2018-08-29
Updated:
2018-08-29

RHSA-2018:2603 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)

Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting these issues.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 5.9 x86_64
  • Red Hat Enterprise Linux Server - AUS 5.9 i386

Fixes

  • BZ - 1585005 - CVE-2018-3620 CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)

CVEs

  • CVE-2018-3620
  • CVE-2018-3646

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 5.9

SRPM
kernel-2.6.18-348.41.1.el5.src.rpm SHA-256: c2a0e4bbb972c1a18067f4226983c73f1f3907aca7e0c1a7555e13c256ef811a
x86_64
kernel-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 5b86e743b47cbc21c967cfee7c2d216cd7da2b9e9e34a11f5cbea3e4b9ad7f31
kernel-debug-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 9d7ad663de0ed2dba1f4f574963ea4c21e7c62e309d18aa40cd1defc2241c7d0
kernel-debug-debuginfo-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 8ccbd60edcfa62c3ff9aaca4c88c102ae2e2c3ef606077c4d16b2ed86d817079
kernel-debug-devel-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: d7c325c4bd40f54ab212b5f3a1c2fd4a89e4341de5256d01b83f944aaf2e4dd4
kernel-debuginfo-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 818a148b3d43a11930b5ca8d07d1259c57d0de4b3c866b9d7f24da4f497b77b8
kernel-debuginfo-common-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: fe6725df9da5e8044161437d969594ada93e8cc5f4c02d90d5944de95ba22499
kernel-devel-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 0116ca47e01948d680af663480fd679b53aad7af270961b7d3a764bb633464ae
kernel-doc-2.6.18-348.41.1.el5.noarch.rpm SHA-256: cb0b375f8af52b82f3ac767599194fd654d18703df73e1f794d908175b111e9f
kernel-headers-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: e580a520b5cb3b90715da3004feb36659f9518b86d4e015b83e08c5ff8cde051
kernel-xen-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 5a7dae2b0bbfdbb085ba3bce0831586ecefab3dfcacb9c22562ea5006b450a8c
kernel-xen-debuginfo-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 65405705324c6c40833e81c7dd0ada131dc6ae64d54617d871aac49ded2e1ead
kernel-xen-devel-2.6.18-348.41.1.el5.x86_64.rpm SHA-256: 3baf615ba0ca46f0ab4917f048416525fce0885111e2b49cfb6d33da2e2a007a
i386
kernel-2.6.18-348.41.1.el5.i686.rpm SHA-256: c0518aaa9c7b31fe33fe3bed1ac7cfad257f431ac4dca1bf38ffba6c6f63acaa
kernel-PAE-2.6.18-348.41.1.el5.i686.rpm SHA-256: 54276425ba60d44f10f292f4e0e1eefa02049a4e0a8261bfa3bf67d1fda3b53f
kernel-PAE-debuginfo-2.6.18-348.41.1.el5.i686.rpm SHA-256: ef42670eae0cd81e4e5a93e63666c5053c709b673db8a54986484a977e4ad8e9
kernel-PAE-devel-2.6.18-348.41.1.el5.i686.rpm SHA-256: 8e1a5f60af5137598ae572e2cd3393e622f35d3a009ceccbb9fa0f35a788a57b
kernel-debug-2.6.18-348.41.1.el5.i686.rpm SHA-256: 78805fecb0f28973c26271bc07d89ef761f4357cce3f67df75e14284bc916482
kernel-debug-debuginfo-2.6.18-348.41.1.el5.i686.rpm SHA-256: 0948f845fa9223177db03bfd46906b197b649227e0690cb8a04c81c511dc6b2b
kernel-debug-devel-2.6.18-348.41.1.el5.i686.rpm SHA-256: bf8a46158b8ff729449649e1f41e8ebab7e683362ff7cd911ffe3d1c073ea1d3
kernel-debuginfo-2.6.18-348.41.1.el5.i686.rpm SHA-256: 332c4f4ad6b43310ab9c85e73390f1fc75962157f374f20b74559d61048952e3
kernel-debuginfo-common-2.6.18-348.41.1.el5.i686.rpm SHA-256: 09f903e221191098a010a5cfdfbc595dfaf9c2285ca4ee561e2c6cbded03ccd0
kernel-devel-2.6.18-348.41.1.el5.i686.rpm SHA-256: 78599e5e1a11e17f4746c961661545cdd9f043c952964ab9080e7d140e89c22e
kernel-doc-2.6.18-348.41.1.el5.noarch.rpm SHA-256: cb0b375f8af52b82f3ac767599194fd654d18703df73e1f794d908175b111e9f
kernel-headers-2.6.18-348.41.1.el5.i386.rpm SHA-256: 11a7cf66ed67f9749909f2b047880467f4a96d595d434d102236420e31498393
kernel-xen-2.6.18-348.41.1.el5.i686.rpm SHA-256: 73bea404d1c76f2d4b7805afe0c5e54705a51de6e02937334b774e23f64cc8b7
kernel-xen-debuginfo-2.6.18-348.41.1.el5.i686.rpm SHA-256: 7d8fa3e9e8aff691505acb8ce8fc39ad82b969957891db784b6ff45ecb204c4e
kernel-xen-devel-2.6.18-348.41.1.el5.i686.rpm SHA-256: 9e7269ff4484c1f904d0f3d1de7b3c1c40bddfb5a8845dd0ffdc54788a796a80

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility