- Issued:
- 2019-09-11
- Updated:
- 2019-09-11
RHSA-2019:2730 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise MRG 2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)
- kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)
- kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
- kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)
- kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Backport TCP follow-up for small buffers [mrg-r] (BZ#1732110)
- update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1734469)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- MRG Realtime 2 x86_64
Fixes
- BZ - 1599161 - CVE-2018-13405 kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members
- BZ - 1655162 - CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence
- BZ - 1655904 - CVE-2018-9568 kernel: Memory corruption due to incorrect socket cloning
- BZ - 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
- BZ - 1724389 - CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
- BZ - 1734469 - update the MRG 2.5.z 3.10 realtime-kernel sources
MRG Realtime 2
| SRPM | |
|---|---|
| kernel-rt-3.10.0-693.58.1.rt56.652.el6rt.src.rpm | SHA-256: 266b0c1fd792ed3a3b502beca8dd93a700bdbbede60456382590f5fb16aa2e25 |
| x86_64 | |
| kernel-rt-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 712efd3944b61a3383cca4f50d723d65ced0ecc6c5c38e8ab46e13dacf237646 |
| kernel-rt-debug-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 0f5f8afd0f496e1f3f17aa1e1e9b2456a5f096680fccc3b6a91ecc336b98d348 |
| kernel-rt-debug-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 7a268d8ed9a381d1e1801bd6ef928043a641aa58c91f4d6df7e8e526d68420a8 |
| kernel-rt-debug-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 69ff291aec57a49893278c4ad4905f1201e3be3e9f24ae1ba884f61973ff119e |
| kernel-rt-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 38cc0054fde375c1a9d332c58592b9830fb9f846c9a682e31cda07965aae753c |
| kernel-rt-debuginfo-common-x86_64-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: d11051ecd45b1d9e030c9d8106b0d2b3b734f7af1ac6eb663813184b72e9007e |
| kernel-rt-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 0e773dc551326d98c4ca42cb4e05e552b48fb2c420a2fc6a3bc535773a232cfd |
| kernel-rt-doc-3.10.0-693.58.1.rt56.652.el6rt.noarch.rpm | SHA-256: fdd252676eb03c4b2723fe1d66cc8ca309de7a5e3ad7ab6bf81c42b7411509c2 |
| kernel-rt-firmware-3.10.0-693.58.1.rt56.652.el6rt.noarch.rpm | SHA-256: bb606274a6c0e87cf4df2b3adabdde3f224edb45a5099b1118e380514aedb1ce |
| kernel-rt-trace-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 9557689d5d697cfa03191be6633d38d76d70e494bf1e8c6a23dd7abe47d017ae |
| kernel-rt-trace-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: db7b59256e65fb1bf1ba74789f406f5e5384f69a49804a9ca7505ab2345cc54a |
| kernel-rt-trace-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 6d347cc8e4855e9ebcfcbc79c7614eb6e32f9bac9133a3bcd5c5c0bbea57c9a9 |
| kernel-rt-vanilla-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: d052d3583c4908a522ad83998c022de23d182ae2d196f3faf0f73512cb202965 |
| kernel-rt-vanilla-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: a70a27a39b0b7ea765ef53a3c706862c6fa1dbeb6ed1dc6f5c05a32a71c89994 |
| kernel-rt-vanilla-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm | SHA-256: 2c0df252ca53ba9913b76c89572bb16c47db819c64a3b605bfb2a968edcabac5 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.