Red Hat Product Errata RHSA-2019:2730 - Security Advisory

Issued:: 2019-09-11
Updated:: 2019-09-11

RHSA-2019:2730 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)
kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)
kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)
kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Backport TCP follow-up for small buffers [mrg-r] (BZ#1732110)
update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1734469)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

MRG Realtime 2 x86_64

Fixes

BZ - 1599161 - CVE-2018-13405 kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members
BZ - 1655162 - CVE-2018-16871 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence
BZ - 1655904 - CVE-2018-9568 kernel: Memory corruption due to incorrect socket cloning
BZ - 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
BZ - 1724389 - CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
BZ - 1734469 - update the MRG 2.5.z 3.10 realtime-kernel sources

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 2

SRPM
kernel-rt-3.10.0-693.58.1.rt56.652.el6rt.src.rpm	SHA-256: 266b0c1fd792ed3a3b502beca8dd93a700bdbbede60456382590f5fb16aa2e25
x86_64
kernel-rt-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 712efd3944b61a3383cca4f50d723d65ced0ecc6c5c38e8ab46e13dacf237646
kernel-rt-debug-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 0f5f8afd0f496e1f3f17aa1e1e9b2456a5f096680fccc3b6a91ecc336b98d348
kernel-rt-debug-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 7a268d8ed9a381d1e1801bd6ef928043a641aa58c91f4d6df7e8e526d68420a8
kernel-rt-debug-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 69ff291aec57a49893278c4ad4905f1201e3be3e9f24ae1ba884f61973ff119e
kernel-rt-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 38cc0054fde375c1a9d332c58592b9830fb9f846c9a682e31cda07965aae753c
kernel-rt-debuginfo-common-x86_64-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: d11051ecd45b1d9e030c9d8106b0d2b3b734f7af1ac6eb663813184b72e9007e
kernel-rt-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 0e773dc551326d98c4ca42cb4e05e552b48fb2c420a2fc6a3bc535773a232cfd
kernel-rt-doc-3.10.0-693.58.1.rt56.652.el6rt.noarch.rpm	SHA-256: fdd252676eb03c4b2723fe1d66cc8ca309de7a5e3ad7ab6bf81c42b7411509c2
kernel-rt-firmware-3.10.0-693.58.1.rt56.652.el6rt.noarch.rpm	SHA-256: bb606274a6c0e87cf4df2b3adabdde3f224edb45a5099b1118e380514aedb1ce
kernel-rt-trace-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 9557689d5d697cfa03191be6633d38d76d70e494bf1e8c6a23dd7abe47d017ae
kernel-rt-trace-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: db7b59256e65fb1bf1ba74789f406f5e5384f69a49804a9ca7505ab2345cc54a
kernel-rt-trace-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 6d347cc8e4855e9ebcfcbc79c7614eb6e32f9bac9133a3bcd5c5c0bbea57c9a9
kernel-rt-vanilla-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: d052d3583c4908a522ad83998c022de23d182ae2d196f3faf0f73512cb202965
kernel-rt-vanilla-debuginfo-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: a70a27a39b0b7ea765ef53a3c706862c6fa1dbeb6ed1dc6f5c05a32a71c89994
kernel-rt-vanilla-devel-3.10.0-693.58.1.rt56.652.el6rt.x86_64.rpm	SHA-256: 2c0df252ca53ba9913b76c89572bb16c47db819c64a3b605bfb2a968edcabac5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories