Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2018:3666 - Security Advisory
Issued:
2018-11-26
Updated:
2018-11-26

RHSA-2018:3666 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633)
  • kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service (CVE-2018-14646)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Vincent Pelletier for reporting CVE-2018-14633 and Christian Brauner for reporting CVE-2018-14646.

Bug Fix(es):

  • The kernel-rt packages have been upgraded to the 3.10.0-957.1.2 source tree, which provides a number of bug fixes over the previous version. (BZ#1632386)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1626035 - CVE-2018-14633 kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target
  • BZ - 1630124 - CVE-2018-14646 kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
  • BZ - 1632386 - kernel-rt: update to the RHEL7.6.z batch#1 source tree

CVEs

  • CVE-2018-14633
  • CVE-2018-14646

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-957.1.3.rt56.913.el7.src.rpm SHA-256: 5b0a4858a86a250bcf968aadcba99fed71d3d8395466a4869662835de346cd0a
x86_64
kernel-rt-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: b229bc341b9a9f0a25c431c9dd7bbe8960b8ac1682eb4acb228e4d4d314b9168
kernel-rt-debug-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: ee3d3c44649fd45625c4a806f31a8ff7144b1b96d3f1b9f66886fd65280d0f3d
kernel-rt-debug-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 47688149becec5314960687754ec2d45991f52116179759e3ffcd34b3d2d4fe9
kernel-rt-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 85b4c33df35d15f3ab4f1ae5cf9d902effa3791f92f3d470557c264fa4f5c2b7
kernel-rt-doc-3.10.0-957.1.3.rt56.913.el7.noarch.rpm SHA-256: 2cd20a2cab769c5b66a4bfaa9f5b6e031cb68177d6d18c89e1ecc19057e2c463
kernel-rt-trace-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 0c9bb5317635044ce530d3d5afbf1dcee2ea513c50eed643f143b5d64423c388
kernel-rt-trace-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: bb9ee53ebf874aa88adbcb393eb5a9a9660fa9a0f8ae613ce02771ab0a8cd47a

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-957.1.3.rt56.913.el7.src.rpm SHA-256: 5b0a4858a86a250bcf968aadcba99fed71d3d8395466a4869662835de346cd0a
x86_64
kernel-rt-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: b229bc341b9a9f0a25c431c9dd7bbe8960b8ac1682eb4acb228e4d4d314b9168
kernel-rt-debug-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: ee3d3c44649fd45625c4a806f31a8ff7144b1b96d3f1b9f66886fd65280d0f3d
kernel-rt-debug-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 1408846553d707abbec4afd3d466bcdb686e821bba1f4b7c73d9855a367f8251
kernel-rt-debug-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 47688149becec5314960687754ec2d45991f52116179759e3ffcd34b3d2d4fe9
kernel-rt-debug-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 130d3e15af3afe3e9317e7f9a6ab0368681aa80da6f883720b1896ee82980e4f
kernel-rt-debug-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: a0475a4ec6fe6ac2e5a22667bdeb6c248d36a7fe9fddf1cd9814c00bc7cce613
kernel-rt-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 64a03b22c00ad36f9344cc86dd014cc7ea5cfb97b0e2a6834bbf14f2b90ac64c
kernel-rt-debuginfo-common-x86_64-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 60250e6c7e40b3b61a7ae7f45167b7bccbb2344b047054cf93993a1d58aae666
kernel-rt-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 85b4c33df35d15f3ab4f1ae5cf9d902effa3791f92f3d470557c264fa4f5c2b7
kernel-rt-doc-3.10.0-957.1.3.rt56.913.el7.noarch.rpm SHA-256: 2cd20a2cab769c5b66a4bfaa9f5b6e031cb68177d6d18c89e1ecc19057e2c463
kernel-rt-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 1735f195b1071794a492ba4a19029f3387352480600ceacad2cdbc471783d477
kernel-rt-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 6397943f934bc19771ac1efd074790a4fd7a6538ef2732795170a663370db09d
kernel-rt-trace-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 0c9bb5317635044ce530d3d5afbf1dcee2ea513c50eed643f143b5d64423c388
kernel-rt-trace-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 6403d418d2faed4849d467b881cec4a6cdef61a77fd0edfdb8e8e217898bada4
kernel-rt-trace-devel-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: bb9ee53ebf874aa88adbcb393eb5a9a9660fa9a0f8ae613ce02771ab0a8cd47a
kernel-rt-trace-kvm-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 2560bf63bed1a83b8754abee01bf2424094e6c60e8dac8334dfb02bdff06c0fe
kernel-rt-trace-kvm-debuginfo-3.10.0-957.1.3.rt56.913.el7.x86_64.rpm SHA-256: 43100e3f82dc7c65f711fd7b1ffc553f631afb4f283bbee2bb9cb7149368a0ee

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter