- Issued:
- 2019-09-23
- Updated:
- 2019-09-23
RHSA-2019:2862 - Security Advisory
Synopsis
Important: kernel-alt security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.13.1.el7a.src.rpm | SHA-256: f2565f317de2d9729af2e8d6d26a94a890135a06d8c3b3ae2b4788830a7056d4 |
| aarch64 | |
| kernel-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 705788b5acfadbc7f4d7695f41a6dcefe0703887ab7144ee35f2bdd5a96c5023 |
| kernel-abi-whitelists-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: dc16c46bd48e0b70c25d3bd08f1457867fdf7eec6577c2910ae474fe053ae339 |
| kernel-debug-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: f22170f48fddac21e11dafa31a29b2f112a75221b0ba12963861b0c49b8a0715 |
| kernel-debug-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 3569de5fb6dbe0ba7aae0afe799ae60d7a07f6d0574e7186b30020262f9a1154 |
| kernel-debug-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 3569de5fb6dbe0ba7aae0afe799ae60d7a07f6d0574e7186b30020262f9a1154 |
| kernel-debug-devel-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: a6312d66e916126c1b3af21221005e2165df6329386a78dc5a3e2d0c35c8d900 |
| kernel-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 89bd90f73953caea4e6249ada9410df93f4bbe6355206406e50e00cc83640ddb |
| kernel-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 89bd90f73953caea4e6249ada9410df93f4bbe6355206406e50e00cc83640ddb |
| kernel-debuginfo-common-aarch64-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 5d790685a4e876bac095e2d23eb785c8374387c6910ba16f3095c04588af635e |
| kernel-debuginfo-common-aarch64-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 5d790685a4e876bac095e2d23eb785c8374387c6910ba16f3095c04588af635e |
| kernel-devel-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 23581a1f679b91cb35578dcc15c8090ddce5948a3ee1c9e6e8d669f5a772877e |
| kernel-doc-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: b1236264bf0d2afa4dd07dd4caab4c4442a9c414a8be0484391c484b2018ff2a |
| kernel-doc-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: b1236264bf0d2afa4dd07dd4caab4c4442a9c414a8be0484391c484b2018ff2a |
| kernel-headers-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 64eb03824f3a183326da4932d3884c29eb6cf8796e6c8ed5548d98ba3069a6a9 |
| kernel-tools-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 1ea7a1e66783c82b9af20545bb844d717a3b1de85c9d3a6c7ca764b3676f357d |
| kernel-tools-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 9f299487dda080ff9c3fe44bcb5723dc76cb1ad8366aca733287bd2f26aae3f3 |
| kernel-tools-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 9f299487dda080ff9c3fe44bcb5723dc76cb1ad8366aca733287bd2f26aae3f3 |
| kernel-tools-libs-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 400fa6c9d60e9dbc706b09ac5f7f0c30f424e1151dbeec82555c297692668860 |
| kernel-tools-libs-devel-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 1485212681068e53136c9c3b85185e5704521715aef12f0ebe65ccfbf7f00006 |
| perf-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 8b32d611fb5a9d9ca04dd9acabe612202f00bcf13820f9ca605f652643c860b5 |
| perf-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 487c826fe6563b49f8e8ffcb010855699abbec6db2f5cb2ba4b231bc03e46394 |
| perf-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 487c826fe6563b49f8e8ffcb010855699abbec6db2f5cb2ba4b231bc03e46394 |
| python-perf-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 3b0953dac9e4fe046f12bbd01bf4a015ff20e5e65dbacb21478f755847f66a29 |
| python-perf-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 97538673541bbbb7e3c384ba42c284a3cb9e060b04c08ebfc969ec348460d4f2 |
| python-perf-debuginfo-4.14.0-115.13.1.el7a.aarch64.rpm | SHA-256: 97538673541bbbb7e3c384ba42c284a3cb9e060b04c08ebfc969ec348460d4f2 |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.13.1.el7a.src.rpm | SHA-256: f2565f317de2d9729af2e8d6d26a94a890135a06d8c3b3ae2b4788830a7056d4 |
| ppc64le | |
| kernel-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 49b7d3c312c2105d845d8f158427cc0088ec61832f1e4002ae2ae0290aad9dfe |
| kernel-abi-whitelists-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: dc16c46bd48e0b70c25d3bd08f1457867fdf7eec6577c2910ae474fe053ae339 |
| kernel-bootwrapper-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: e6fc468577bbd4f17e543e929cbd63122f48b60e28c5ff5e3f902de70dd65415 |
| kernel-debug-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 0f7833b1fa9f94064b19b74c148ac237afdb0cc64449f049d63113bf1a921450 |
| kernel-debug-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: cb84d9e805e668436b5f946cdf5707d9e5a134578f916966f6adfe1c5960cf5b |
| kernel-debug-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: cb84d9e805e668436b5f946cdf5707d9e5a134578f916966f6adfe1c5960cf5b |
| kernel-debug-devel-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 24c543c85ba7acbe12af150b4d4e44374aba7c98775afb599b63ffe2b445535a |
| kernel-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 1ebeda181848112ca2f645274420ac72c5736ec7011112c152dc9a719fef00d7 |
| kernel-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 1ebeda181848112ca2f645274420ac72c5736ec7011112c152dc9a719fef00d7 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: c3b0c5b3b5a1124f86c0acf4f12b91ccc3ac82f991ca913329dba957c69d57a9 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: c3b0c5b3b5a1124f86c0acf4f12b91ccc3ac82f991ca913329dba957c69d57a9 |
| kernel-devel-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 56f0337080a81e49c42850548f0c07edf57c251616eb5b5c05de1e0660a6ffef |
| kernel-doc-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: b1236264bf0d2afa4dd07dd4caab4c4442a9c414a8be0484391c484b2018ff2a |
| kernel-headers-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 98963e05d6045b6dd59404c821f3e80adf85722a311f3243867156286a51fba0 |
| kernel-tools-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 622ea9cbdef83123dfd61aa6abc19d1484bdd413fe136d89f31807515ece529b |
| kernel-tools-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 069caf1c669dd2e4565b99b1866fdf4c02e6c92832fcabae9c19bc99c3b60e3d |
| kernel-tools-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 069caf1c669dd2e4565b99b1866fdf4c02e6c92832fcabae9c19bc99c3b60e3d |
| kernel-tools-libs-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 0a0e48cf650a6f2f4e21e948009581bb742153b84e7e7fadd1e3646f061ada00 |
| kernel-tools-libs-devel-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 3b1a44a65734c0d19aead2f803438940c7e521f0c7db280f0479c6ff11d7e03e |
| perf-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 9616f66e9fdba38ebb6e8a3cd8397b23d6eacbee78a7e02bd6333eb7b5fa9bc9 |
| perf-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 3ae6c0043eb6b79e176fc6e41592d5c7d4603d7dfce22328be21fb26c93668f4 |
| perf-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 3ae6c0043eb6b79e176fc6e41592d5c7d4603d7dfce22328be21fb26c93668f4 |
| python-perf-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 45d5dd203ad8d8b5196a5f2b9a58779e144e687952fafa215053e716f4045374 |
| python-perf-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 0c7d757026619a7071b6caf6b0553eaae9e02d87dd2dafde98bf540f8536e823 |
| python-perf-debuginfo-4.14.0-115.13.1.el7a.ppc64le.rpm | SHA-256: 0c7d757026619a7071b6caf6b0553eaae9e02d87dd2dafde98bf540f8536e823 |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.13.1.el7a.src.rpm | SHA-256: f2565f317de2d9729af2e8d6d26a94a890135a06d8c3b3ae2b4788830a7056d4 |
| s390x | |
| kernel-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 0cc0957cdba5903897ec1309dc6af77a995d994f08fb0f922b78eece12c33a62 |
| kernel-abi-whitelists-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: dc16c46bd48e0b70c25d3bd08f1457867fdf7eec6577c2910ae474fe053ae339 |
| kernel-debug-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: a9f9aebafc6c3378dd3c154d498b8a422566b86e7db2423b60ae09b39645f7f2 |
| kernel-debug-debuginfo-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 8c9a6d243286538291f53a2f6a42d6ca6f9ab88288ec53beeca78bda9f2b576f |
| kernel-debug-devel-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: e38053e01e548ac8bdbeb3f0e19a96cb47d1eb081ca0b30e125c669c0d0b96fe |
| kernel-debuginfo-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 8ef407184866101cd331111e4b17e0e322d99ae655d204233be411e56d0f8ecc |
| kernel-debuginfo-common-s390x-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 7c2a394cf1e6dce261c0559295295875174f0dc7f52c4ae7e1e9eebb79a48977 |
| kernel-devel-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 67cfa1f2809beb3b83f56d0cf1ce241c607068285bc7bd667812d520ac1dd1d6 |
| kernel-doc-4.14.0-115.13.1.el7a.noarch.rpm | SHA-256: b1236264bf0d2afa4dd07dd4caab4c4442a9c414a8be0484391c484b2018ff2a |
| kernel-headers-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 987b2444ddd644e2921082b709b9a221c3ab731c96be81a8c9ec122413ca45cf |
| kernel-kdump-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: bbfea86cf40c88fb119761742e4000ca617b0277d54c12983ec1b0407bca7f56 |
| kernel-kdump-debuginfo-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 2e949cc516a2573aa27390310cde0004d1423b226f1298e6c903d6161405d9ff |
| kernel-kdump-devel-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: ac0700ed8e3e61aa9a21921a83bd0a18ee0cabcae5218d989c81a8b2da93f14f |
| perf-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 61d3bd8f5c85364411934bd0b9d3c2c51428acbcb163903e70535bbed1d8e859 |
| perf-debuginfo-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: df78da54e9e4a43130c6905060075764dbceeff99bddf55fc4664d8cbe70ffca |
| python-perf-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: 65b551e2706dc56748b6a7054e616554e70cab22c847a088eb011928d5136f73 |
| python-perf-debuginfo-4.14.0-115.13.1.el7a.s390x.rpm | SHA-256: b4b56786a38525565bc81d126fd893d9d873ce81639f9ec9dba4336ead90b704 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.