- Issued:
- 2018-09-25
- Updated:
- 2018-09-25
RHSA-2018:2772 - Security Advisory
Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/oom_kill.c (CVE-2017-18202)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Previously, on certain little-endian variants of IBM Power Systems, there was no “sysfs spec_store_bypass” file. As a consequence, there was no way to indicate the Speculative Store Bypass Disable (SSBD) mitigation status. This update adds infrastructure code into the kernel to create the /sys/devices/system/cpu/vulnerabilities/* files. As a result, sysfs spec_store_bypass shows whether the SSBD mitigation is disabled or enabled. (BZ#1602340)
- Previously, the kernel architectures for IBM z Systems were missing support to display the status of the Spectre v2 mitigations. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2 file did not exist. With this update, the kernel now shows the status in the above mentioned file and as a result, the file now reports either "Vulnerable" or "Mitigation: execute trampolines" message. (BZ#1619667)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1549621 - CVE-2017-18202 kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/oom_kill.c
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-49.13.1.el7a.src.rpm | SHA-256: b396be3722377668c5a1864c65caa4802a1999aff43b4991dc520d9b2e7b5ae3 |
| aarch64 | |
| kernel-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 678036eef8118d3eb12280785a871ba1f9368e69e531ab6a2841149b85a81a3a |
| kernel-abi-whitelists-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: f4629f6e98d7aa6f5e2a8dd4feea236b9aca2f127e90265299e7063c229e0190 |
| kernel-debug-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 17f25803fe245df3bff7652508e6110b8c9aa4cb1342fb0f09b8dd1d9f78738f |
| kernel-debug-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: b594ce3b43fad67f4ccd282e87393665a9acedc2d78d4b5b25a3518cc0f55a5e |
| kernel-debug-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: b594ce3b43fad67f4ccd282e87393665a9acedc2d78d4b5b25a3518cc0f55a5e |
| kernel-debug-devel-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: eda9d9965b5368d5419a0e7590315f0290513fddc1431b7a4807d9d3c1cf34f0 |
| kernel-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 234e39494b0037b7f962a3df199e4f467d92088685be92f97a161d04c65cedcf |
| kernel-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 234e39494b0037b7f962a3df199e4f467d92088685be92f97a161d04c65cedcf |
| kernel-debuginfo-common-aarch64-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: bf9e89e5b0c05ebdb4c54e229169a7ee8e70682449b0b57dd1d7bb6dfa822684 |
| kernel-debuginfo-common-aarch64-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: bf9e89e5b0c05ebdb4c54e229169a7ee8e70682449b0b57dd1d7bb6dfa822684 |
| kernel-devel-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 0c37b6bf4a37a672af1c32f3332e4c966d76b0699b04fb66ff9d7ac7170890ef |
| kernel-doc-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: 2a8cdd106fdd01ef3cee9da289f1f17bd87b87dbbc9bd331c0d7dbb42469f387 |
| kernel-headers-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: cf641f422af563b4245587d1e04da67a891d36e7c0c67d19e7977634d31b4055 |
| kernel-tools-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: d557fe4657a594f48dd103defa48b6737284c947bb0fba4e30c11c640e924296 |
| kernel-tools-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 889c9a0e4961dbe8734098ab8d82822282387b53351155ed5aad45027e712d3e |
| kernel-tools-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 889c9a0e4961dbe8734098ab8d82822282387b53351155ed5aad45027e712d3e |
| kernel-tools-libs-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 2714d8c059dc606a0e4a6dee924b8a17bef662da3247da85c115be3ca3f49aa4 |
| kernel-tools-libs-devel-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: d43216bf8d0bd5cb27100ffda9030c277638b772b8f841ade6d6fdad5245e22c |
| perf-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 3d09ed98e7591dfd752d50ec72fad9b8a5db881e297b734c1d9f018ca23dd5bf |
| perf-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 2ef792da4028718cc825e5d2b82b2e0c58f618d7d66ff7bafe6c3318334bc3e4 |
| perf-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 2ef792da4028718cc825e5d2b82b2e0c58f618d7d66ff7bafe6c3318334bc3e4 |
| python-perf-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: ccdcf24dc8e00acfe517cb055452c87740429188b1b9d83211112b0da005debd |
| python-perf-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 9d6ce19795f7533fed5e79f904aae3153109d5c1583fe512d5987a91f472bf44 |
| python-perf-debuginfo-4.14.0-49.13.1.el7a.aarch64.rpm | SHA-256: 9d6ce19795f7533fed5e79f904aae3153109d5c1583fe512d5987a91f472bf44 |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-49.13.1.el7a.src.rpm | SHA-256: b396be3722377668c5a1864c65caa4802a1999aff43b4991dc520d9b2e7b5ae3 |
| ppc64le | |
| kernel-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 188a50c704595f10bb999d3a1bd6e583d887ee3258dd38afcfa43a1adbdb8183 |
| kernel-abi-whitelists-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: f4629f6e98d7aa6f5e2a8dd4feea236b9aca2f127e90265299e7063c229e0190 |
| kernel-bootwrapper-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: c252863c89592df023c0c7b65729c2b676f5aa06cfbeb804d57b34c0ab17e1dc |
| kernel-debug-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 4868e1788f206319e4c6800574f3a7dfd734b16929d4456159cf6fee4ca02bbf |
| kernel-debug-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 96c409249c3a0457e21b574dd56ee1541e1eec060c3756837b38121ba971d970 |
| kernel-debug-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 96c409249c3a0457e21b574dd56ee1541e1eec060c3756837b38121ba971d970 |
| kernel-debug-devel-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: c8eb9006e1825589d75fe6a73c2fd8c3afe7a67f94e2cbae09a7dc250c7f1222 |
| kernel-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: f0b8f2955ae97ece173591061dec6e1205a8af43baafa77c540bff5092a5cfb0 |
| kernel-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: f0b8f2955ae97ece173591061dec6e1205a8af43baafa77c540bff5092a5cfb0 |
| kernel-debuginfo-common-ppc64le-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: f15c52322d1e4e3b79da5a13b619be6e3fbf7444c9c75e53a8c4cf6d4dd595ee |
| kernel-debuginfo-common-ppc64le-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: f15c52322d1e4e3b79da5a13b619be6e3fbf7444c9c75e53a8c4cf6d4dd595ee |
| kernel-devel-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: bbce28c4fe2bad8b573bba06aafe43ca9f8ccf5e429f27b9841eae8bf5f6257c |
| kernel-doc-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: 2a8cdd106fdd01ef3cee9da289f1f17bd87b87dbbc9bd331c0d7dbb42469f387 |
| kernel-headers-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: e0d450b8652eb17cf8a482d6ea12af34b9b8949f521a8f958e8d07b4530b8cbe |
| kernel-tools-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: d28c99b8fae01fe92a2b70cf3b15ba26c4ec87e194115ebfe8878b4a310134fa |
| kernel-tools-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 1bb16c4da1a3e56e1962da466b8dbddfbe02372640d0f33f97a97378987eb738 |
| kernel-tools-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 1bb16c4da1a3e56e1962da466b8dbddfbe02372640d0f33f97a97378987eb738 |
| kernel-tools-libs-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: e377df4f87d72d59f4d98e8a736d53b016d97b3b064b5351f4861cf342c4150e |
| kernel-tools-libs-devel-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: e0eceecf8721d872cb5d06e8cf8e79c2e93d0ad60f82837edb8ca6b555bbdd0d |
| perf-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 05c5366a0709f2797fd9ada0793fd670ac5454daead906ad1396224709805acc |
| perf-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: d868376cfda3a005a8be85f5b8bb8bb8f11bcc1158f2f750020217647ebe5def |
| perf-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: d868376cfda3a005a8be85f5b8bb8bb8f11bcc1158f2f750020217647ebe5def |
| python-perf-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 1040ad15f0dc2bc608ba5f17969d64844b720dd724edc8534624d406b2cc1024 |
| python-perf-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 546e54b352e712a19381231ad1f49282d841acd3cf260f2564182c83754cfdef |
| python-perf-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm | SHA-256: 546e54b352e712a19381231ad1f49282d841acd3cf260f2564182c83754cfdef |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-49.13.1.el7a.src.rpm | SHA-256: b396be3722377668c5a1864c65caa4802a1999aff43b4991dc520d9b2e7b5ae3 |
| s390x | |
| kernel-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: f1d3dc9060a5b48f5a11c8162853c7e99dda2f95f92e4a012245952f00b81830 |
| kernel-abi-whitelists-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: f4629f6e98d7aa6f5e2a8dd4feea236b9aca2f127e90265299e7063c229e0190 |
| kernel-debug-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 6e2d1d724f39b9d4feafb9f9350acaf04360a3af34f2d740b507a398e73aa52f |
| kernel-debug-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: ee674a91d246adba6a43f14020368ed373fc09105af4428dc4fd0c934f83b2c6 |
| kernel-debug-devel-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: baf5fc2f6667e8962ef105c4a99be23f6013941c72b883650ea3e28ebf0c55bc |
| kernel-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 5e3cbfc0ee47c9ac91b80fbca79ffd5700f05156bb20e0febcbfa420c17506cf |
| kernel-debuginfo-common-s390x-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 37131d4aa13419d94bda9b71c8db874f5fcbfc5198f462722a8090312bd828b0 |
| kernel-devel-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 2c3475b9b7a02232f90c857dc65f423155c4eb2af71d4b440822ce3f2ead18bd |
| kernel-doc-4.14.0-49.13.1.el7a.noarch.rpm | SHA-256: 2a8cdd106fdd01ef3cee9da289f1f17bd87b87dbbc9bd331c0d7dbb42469f387 |
| kernel-headers-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: fa0f1237b17737c5a32f5cf025ee40fb47092ebd74a4910b9d14c42865099d0b |
| kernel-kdump-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 192a2a12a108c690c16a7c383b508b81a3b6b6ad967ea334b5671b0d08e95889 |
| kernel-kdump-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: a847655a0d384edd7b12144b6bc0fd1ab331dd8c0ba1fa1728243d9fb120ce6f |
| kernel-kdump-devel-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: cfc3cc2574a0338e95fcafbb6fca6cbc6d25f80cee7ca1423708ddae67d52920 |
| perf-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: a4bc85813c07aae33e09a41245b0d19c5fbca6c54e1ebff94f407a93185d73b5 |
| perf-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 7353081ccfbc4427dcdb23fa887b243c6c4502cc6290eddcbacb3c12dd854102 |
| python-perf-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 2b7518c6dfd77bcb36059a5d0a8781e2d93b65139b9a94e507b6d0cec6cdd0dc |
| python-perf-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm | SHA-256: 667c67f67ed101132e75d5d2fe184153021e98db311e64c9b8d50a8efb7c58c1 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
