Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Infrastructure
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat OpenShift Application Runtimes
      • Red Hat Quay
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • JBoss Development and Management
      • Back
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat JBoss Operations Network
      • Red Hat Developer Studio
    • JBoss Integration and Automation
      • Back
      • Red Hat JBoss Data Virtualization
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
      • Red Hat 3scale API Management
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Browse Certified Solutions
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • Español
    • Deutsch
    • Italiano
    • 한국어
    • Français
    • 日本語
    • Português
    • 中文 (中国)
    • русский
Red Hat Logo Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Tower
      • Red Hat Ansible Engine
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat Cloud Infrastructure
      • Red Hat Cloud Suite
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat OpenShift Application Runtimes
      • Red Hat Quay
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • JBoss Development and Management
      • Back
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat JBoss Operations Network
      • Red Hat Developer Studio
    • JBoss Integration and Automation
      • Back
      • Red Hat JBoss Data Virtualization
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
      • Red Hat 3scale API Management
    • Mobile
      • Back
      • Red Hat Mobile Application Platform
    • Support
    • Production Support
    • Development Support
    • Product Life Cycle & Update Policies
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem
    • Browse Certified Solutions
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • Español
    • Deutsch
    • Italiano
    • 한국어
    • Français
    • 日本語
    • Português
    • 中文 (中国)
    • русский
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Troubleshooting an issue? Try Solution Engine—our new support tool.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • Español
  • Deutsch
  • Italiano
  • 한국어
  • Français
  • 日本語
  • Português
  • 中文 (中国)
  • русский
Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • JBoss Development and Management

  • JBoss Integration and Automation

  • Mobile

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Tower
  • Red Hat Ansible Engine
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat Cloud Infrastructure
  • Red Hat Cloud Suite
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat OpenShift Application Runtimes
  • Red Hat Quay
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat JBoss Operations Network
  • Red Hat Developer Studio
  • Red Hat JBoss Data Virtualization
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
  • Red Hat 3scale API Management
  • Red Hat Mobile Application Platform
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycle & Update Policies

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem
  • Browse Certified Solutions
  • Partner Resources

Red Hat in the Public Cloud

Keep the support and benefits of a Red Hat subscription when you move to the public cloud.

Instructions

Tools

  • Solution Engine
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting
  • Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses for high-priority security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2018:3666 - Security Advisory
Issued:
2018-11-26
Updated:
2018-11-26

RHSA-2018:3666 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633)
  • kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646.

Bug Fix(es):

  • The kernel-rt packages have been upgraded to the 3.10.0-957.1.2 source tree, which provides a number of bug fixes over the previous version. (BZ#1632386)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1626035 - CVE-2018-14633 kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target
  • BZ - 1630124 - CVE-2018-14646 kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
  • BZ - 1632386 - kernel-rt: update to the RHEL7.6.z batch#1 source tree

CVEs

  • CVE-2018-14633
  • CVE-2018-14646

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-957.1.3.rt56.913.el7.src.rpm SHA-256: 5b0a4858a86a250bcf968aadcba99fed71d3d8395466a4869662835de346cd0a
x86_64
kernel-rt-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: b229bc341b9a9f0a25c431c9dd7bbe8960b8ac1682eb4acb228e4d4d314b9168
kernel-rt-debug-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: ee3d3c44649fd45625c4a806f31a8ff7144b1b96d3f1b9f66886fd65280d0f3d
kernel-rt-debug-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 47688149becec5314960687754ec2d45991f52116179759e3ffcd34b3d2d4fe9
kernel-rt-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 85b4c33df35d15f3ab4f1ae5cf9d902effa3791f92f3d470557c264fa4f5c2b7
kernel-rt-doc-3.10.0-957.1.3.rt56.913.el7.noarch.rpm SHA-256: 2cd20a2cab769c5b66a4bfaa9f5b6e031cb68177d6d18c89e1ecc19057e2c463
kernel-rt-trace-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 0c9bb5317635044ce530d3d5afbf1dcee2ea513c50eed643f143b5d64423c388
kernel-rt-trace-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: bb9ee53ebf874aa88adbcb393eb5a9a9660fa9a0f8ae613ce02771ab0a8cd47a

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-957.1.3.rt56.913.el7.src.rpm SHA-256: 5b0a4858a86a250bcf968aadcba99fed71d3d8395466a4869662835de346cd0a
x86_64
kernel-rt-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: b229bc341b9a9f0a25c431c9dd7bbe8960b8ac1682eb4acb228e4d4d314b9168
kernel-rt-debug-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: ee3d3c44649fd45625c4a806f31a8ff7144b1b96d3f1b9f66886fd65280d0f3d
kernel-rt-debug-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 1408846553d707abbec4afd3d466bcdb686e821bba1f4b7c73d9855a367f8251
kernel-rt-debug-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 47688149becec5314960687754ec2d45991f52116179759e3ffcd34b3d2d4fe9
kernel-rt-debug-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 130d3e15af3afe3e9317e7f9a6ab0368681aa80da6f883720b1896ee82980e4f
kernel-rt-debug-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: a0475a4ec6fe6ac2e5a22667bdeb6c248d36a7fe9fddf1cd9814c00bc7cce613
kernel-rt-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 64a03b22c00ad36f9344cc86dd014cc7ea5cfb97b0e2a6834bbf14f2b90ac64c
kernel-rt-debuginfo-common-x86_64-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 60250e6c7e40b3b61a7ae7f45167b7bccbb2344b047054cf93993a1d58aae666
kernel-rt-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 85b4c33df35d15f3ab4f1ae5cf9d902effa3791f92f3d470557c264fa4f5c2b7
kernel-rt-doc-3.10.0-957.1.3.rt56.913.el7.noarch.rpm SHA-256: 2cd20a2cab769c5b66a4bfaa9f5b6e031cb68177d6d18c89e1ecc19057e2c463
kernel-rt-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 1735f195b1071794a492ba4a19029f3387352480600ceacad2cdbc471783d477
kernel-rt-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 6397943f934bc19771ac1efd074790a4fd7a6538ef2732795170a663370db09d
kernel-rt-trace-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 0c9bb5317635044ce530d3d5afbf1dcee2ea513c50eed643f143b5d64423c388
kernel-rt-trace-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 6403d418d2faed4849d467b881cec4a6cdef61a77fd0edfdb8e8e217898bada4
kernel-rt-trace-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: bb9ee53ebf874aa88adbcb393eb5a9a9660fa9a0f8ae613ce02771ab0a8cd47a
kernel-rt-trace-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 2560bf63bed1a83b8754abee01bf2424094e6c60e8dac8334dfb02bdff06c0fe
kernel-rt-trace-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 43100e3f82dc7c65f711fd7b1ffc553f631afb4f283bbee2bb9cb7149368a0ee

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • openshift.com
  • developers.redhat.com
  • connect.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2019 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter Facebook