- Issued:
- 2018-11-26
- Updated:
- 2018-11-26
RHSA-2018:3656 - Security Advisory
Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)
- kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714391
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1631205 - CVE-2018-17182 kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation
- BZ - 1635475 - CVE-2018-18021 kernel: Privilege escalation on arm64 via KVM hypervisor
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.2.2.el7a.src.rpm | SHA-256: a443c71ddcb98ee630ed3b87cd9ad6bd66c311ab8bfef7cfd0def38813bb5cb6 |
| aarch64 | |
| kernel-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: dcfa5faf10dc45f636fa4adeeb55cf23357fcddc553c8debcf16a1d5c2557a9d |
| kernel-abi-whitelists-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7d8b0eb169dda16807adb4d4ca3f9e570bc64746c9ad207ad767aab4973168ca |
| kernel-debug-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: d7a21290f8962f09c1b6f5666e0367f0b45566a0d2124e1c54b5d715a42497e6 |
| kernel-debug-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 54f0d05a0e98a9b32d944f48bc2fee874f864d5a1d4f8bdf1ca4e32c7f5d6a4f |
| kernel-debug-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 54f0d05a0e98a9b32d944f48bc2fee874f864d5a1d4f8bdf1ca4e32c7f5d6a4f |
| kernel-debug-devel-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: d1ef7be96f74b1c92b78c63b28c59cd2574278be37699133f90588a860e9f080 |
| kernel-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 274988be754f1bf0d89c9e697492bcc98d32e0d1eab08862df49f232d4e73356 |
| kernel-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 274988be754f1bf0d89c9e697492bcc98d32e0d1eab08862df49f232d4e73356 |
| kernel-debuginfo-common-aarch64-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 31a4d228e81cbf01e61e73a4a29bc9505d106aba297bfdde87af371ec3bdaa5d |
| kernel-debuginfo-common-aarch64-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 31a4d228e81cbf01e61e73a4a29bc9505d106aba297bfdde87af371ec3bdaa5d |
| kernel-devel-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: df9136faa356b02b4e389c62d17b71d5ef510ca39f6baeabe78068a1c67051a3 |
| kernel-doc-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7deb0a9fc933383d246928cc29bab89d0d1c4b87bdf766a26df7f4ff4b7cc0f6 |
| kernel-doc-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7deb0a9fc933383d246928cc29bab89d0d1c4b87bdf766a26df7f4ff4b7cc0f6 |
| kernel-headers-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 1120b46f644affee950206aa5db90376ee8b000956ac107e5ede91baaf510a27 |
| kernel-tools-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 08f70cb42b3ff71fe61f97ae9906221e5fe8630b32a46384c52fa9555645a763 |
| kernel-tools-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: ee8562f8d628de1cb50f0d41538378e0972e5d1ac87b08d7d47e769dea5a5cb2 |
| kernel-tools-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: ee8562f8d628de1cb50f0d41538378e0972e5d1ac87b08d7d47e769dea5a5cb2 |
| kernel-tools-libs-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 14bb7b27cd4e6c2b0fed9a11d45a9ef1bd78ab677b5ca311b8f4f8c61e9a6f6b |
| kernel-tools-libs-devel-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 297df0839d4a76c4bfa7c0024a0837a10d5053b9e5e78ff648e5533f209c34b4 |
| perf-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: efecf53f9f27a89de0a64513d9a7e6b477c2ed977697048475de3acfde20922a |
| perf-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 750796bd0819017b25f14bacb8afa61a4a60f34d264c3aa9764c09e182950e77 |
| perf-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 750796bd0819017b25f14bacb8afa61a4a60f34d264c3aa9764c09e182950e77 |
| python-perf-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: 541c33c6b12a14275f570e4521c3a6922bc94f9da3d3fb6c4b11aa208493a9e0 |
| python-perf-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: bc6722e4e6277f22f060a54df1006f249457feb14d089a50637674cd71ece4b7 |
| python-perf-debuginfo-4.14.0-115.2.2.el7a.aarch64.rpm | SHA-256: bc6722e4e6277f22f060a54df1006f249457feb14d089a50637674cd71ece4b7 |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.2.2.el7a.src.rpm | SHA-256: a443c71ddcb98ee630ed3b87cd9ad6bd66c311ab8bfef7cfd0def38813bb5cb6 |
| ppc64le | |
| kernel-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: f96250ecc666b28691c49c34ad667c200a44f2173ee1fce756cf7b083e2f1a42 |
| kernel-abi-whitelists-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7d8b0eb169dda16807adb4d4ca3f9e570bc64746c9ad207ad767aab4973168ca |
| kernel-bootwrapper-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: eeae604b48d0a2ad9a1314dacc7c605343f6a49b8407e393a704277a98882d0e |
| kernel-debug-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 21e98182ceceff934b78767984ec7e47c1c9fa28073cda150590bf23a9b5cef8 |
| kernel-debug-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 8f12f54a40ca87c7cde4c344f109e83a0b901031b65f8cab7a19a550dc13203d |
| kernel-debug-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 8f12f54a40ca87c7cde4c344f109e83a0b901031b65f8cab7a19a550dc13203d |
| kernel-debug-devel-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 16a1ab761c83911cbf2b494afcd44244f1067976952182b2c78037ad8f426476 |
| kernel-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 08dc6338ce1dbcc775d4614df274718e0418101a433c868b97705da6d28999d2 |
| kernel-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 08dc6338ce1dbcc775d4614df274718e0418101a433c868b97705da6d28999d2 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 27afc70e25ec9eee8e5a0cf769aed77e52bb5f167ed62a1a0ae9172cd5cbb57f |
| kernel-debuginfo-common-ppc64le-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 27afc70e25ec9eee8e5a0cf769aed77e52bb5f167ed62a1a0ae9172cd5cbb57f |
| kernel-devel-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 2ed8399060991e22ebca601fd675c39458dd4cb1079399153be10272d4c98461 |
| kernel-doc-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7deb0a9fc933383d246928cc29bab89d0d1c4b87bdf766a26df7f4ff4b7cc0f6 |
| kernel-headers-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 4fc786721a37b0348c9398db10cb68552f174d47ae109fde1238cc53a9dc30bf |
| kernel-tools-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: cb580a2d4fea9885142758007e05365ac70d57784b518699a5186f90b82214ea |
| kernel-tools-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 9f22998c757b070d9b16fa03a51568b329fafe9966f86c8f99d97f0570371553 |
| kernel-tools-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 9f22998c757b070d9b16fa03a51568b329fafe9966f86c8f99d97f0570371553 |
| kernel-tools-libs-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 20d934defd162d50d11bc01427685cda96cb00c92ad62b3dea557579596f16dd |
| kernel-tools-libs-devel-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 9ca7e7da1f3c56b2a0a0006dacc7d02fc7a819c427440ce4e92ef5ead9e8f6f2 |
| perf-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 3b441d30848b17183cf019830f7c93e8e302a193f52323b210e6e31a9a9e4c60 |
| perf-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: b7e01eeb18cc5cb5d619139cbad9b204585e0fed06cde5f284b4ef1c8f04ee77 |
| perf-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: b7e01eeb18cc5cb5d619139cbad9b204585e0fed06cde5f284b4ef1c8f04ee77 |
| python-perf-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 42273bf91802009f40c280828641dbde2a8febcc0628f984e0db64d12ef394c7 |
| python-perf-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 17d0e3e412b71da77f0b24d535c64c3eb8c6d56cc98940c454c14c91bc451e77 |
| python-perf-debuginfo-4.14.0-115.2.2.el7a.ppc64le.rpm | SHA-256: 17d0e3e412b71da77f0b24d535c64c3eb8c6d56cc98940c454c14c91bc451e77 |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.2.2.el7a.src.rpm | SHA-256: a443c71ddcb98ee630ed3b87cd9ad6bd66c311ab8bfef7cfd0def38813bb5cb6 |
| s390x | |
| kernel-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 73d73d2bfccb90573d77c919f4e0d7b77fc20d46d1c0eeff21b1daab6c664734 |
| kernel-abi-whitelists-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7d8b0eb169dda16807adb4d4ca3f9e570bc64746c9ad207ad767aab4973168ca |
| kernel-debug-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: c00c3b4499675f3772a0f855733303e59e2445b98a3b706548f0a382d3d58999 |
| kernel-debug-debuginfo-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 27577c894a77cf97948a895dc3c6fd3bcbef4152efd1ac4f4ca11a65aa7ef220 |
| kernel-debug-devel-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 752627790a08adc3877c4f0dee1c1b0b7c0d46ee8f30995ca8897d7e26b415fc |
| kernel-debuginfo-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: c9ccd729426367ee1690a71ffaf56a6835d70c0d69fca286c85d8e174818f410 |
| kernel-debuginfo-common-s390x-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 3e687cd50153c3cfa4cf6da9c5e745877ccbee69fe959f0cfab035b58716fd91 |
| kernel-devel-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 0ed3f11b9814f1bb298d9568b968ced870ea5d58a6670f5c0ae3e358f29aca5d |
| kernel-doc-4.14.0-115.2.2.el7a.noarch.rpm | SHA-256: 7deb0a9fc933383d246928cc29bab89d0d1c4b87bdf766a26df7f4ff4b7cc0f6 |
| kernel-headers-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 690fc1e51e6c14e71ed9894435f996e88dcc68f07253266eb571b317d8726461 |
| kernel-kdump-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: eba835fcccad442a57349802dfa17dc9de43d3d120e5eb1994889d06d9bf2e5c |
| kernel-kdump-debuginfo-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 9a88429ff534b63b9f55d2e8b3f67b7b3828895d63049847fa713bf5d47c7d1f |
| kernel-kdump-devel-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 7953e02a03bfa8ef3ab8f9012506f4756197e85ec3115805f82243bd4eeb3aea |
| perf-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 28956eb0a694418d6feb80047c106e9be9c83c13ee7d51d9477df4e52ae019fc |
| perf-debuginfo-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 78b119d92670bb710dd698acf96400008670f405eb2c7b5d531501cb4135226b |
| python-perf-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 0d21180b08370cfa0146752b7d70855e50574ccd04f9371a1d0b40a42e333c79 |
| python-perf-debuginfo-4.14.0-115.2.2.el7a.s390x.rpm | SHA-256: 35ce9b7efb7cd7eab61610a5f0e9fe353fc833f8cad3a3dc16969fe9e3cadaae |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
