Red Hat Product Errata RHSA-2019:2869 - Security Advisory

Issued:: 2019-09-23
Updated:: 2019-09-23

RHSA-2019:2869 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)

Bug Fix(es):

fragmented packets timing out (BZ#1741131)
Backport TCP follow-up for small buffers (BZ#1741143)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 6.6 x86_64

Fixes

BZ - 1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration

CVEs

CVE-2019-14835

References

https://access.redhat.com/security/updates/classification/#important

https://access.redhat.com/security/vulnerabilities/kernel-vhost

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 6.6

SRPM
kernel-2.6.32-504.81.2.el6.src.rpm	SHA-256: 0caddfb88800d0e979d04cc92ada2bd2cdfafb60377ad29f2075d36087749caf
x86_64
kernel-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 5cad2938ef421e55ae72cd2d5d2b2756646bab3797b57e68402a5fa295000712
kernel-abi-whitelists-2.6.32-504.81.2.el6.noarch.rpm	SHA-256: 46fcc7582e7e332147d985b85d5d2bea58b89e3a69ad0c09e16d10cbad0c92cd
kernel-debug-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 55b6aad4959553c4a801e4651cd4813d36d8e00ae066502ee53fbc0a2e720c8d
kernel-debug-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 88dc97e603b6afe8b9275dcb4dd9965dda3dba7434f91d2a950e9183ea53e973
kernel-debug-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 88dc97e603b6afe8b9275dcb4dd9965dda3dba7434f91d2a950e9183ea53e973
kernel-debug-devel-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 81cb4129b55dd7c73c81bdae09605967e1897e29058e98bafd1b1421eed2c3ef
kernel-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 91a435622306c8c63c2b9a76c10988f915d6b4868a0bba8a103a92b3831d52a1
kernel-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 91a435622306c8c63c2b9a76c10988f915d6b4868a0bba8a103a92b3831d52a1
kernel-debuginfo-common-x86_64-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 208f2e6feb6298917ef0c540e25a77be47f5047b3aff584a3d6ba72c02a58e08
kernel-debuginfo-common-x86_64-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 208f2e6feb6298917ef0c540e25a77be47f5047b3aff584a3d6ba72c02a58e08
kernel-devel-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 9ab26be45c51dafd09a53f3ebe2d2fed38e20758759c700e70e19e3b3fcbd589
kernel-doc-2.6.32-504.81.2.el6.noarch.rpm	SHA-256: 7526f0fe65846c715fc990a2cd5da22c0acf80071698d40fc76694fc4cb06930
kernel-firmware-2.6.32-504.81.2.el6.noarch.rpm	SHA-256: eaa7922432f8981d798d3287678a4f4801f1ec696817cb66d7d0f9787525064e
kernel-headers-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 9e91057151f909bc83a7c763b6ca29e960ccfe0ff0723aaa14abbe353645c54f
perf-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 0994dfdb8bf7c0c1ae9a3efb74a5fdc4269531b2068813109e52d9644624d4ea
perf-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 8e1c75bd810cde6654929c66dedd116bb0f43dc35e2833253d0404e4f67226ab
perf-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 8e1c75bd810cde6654929c66dedd116bb0f43dc35e2833253d0404e4f67226ab
python-perf-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 7c4fdb5ea4669edbdbad92a99f3b6b1cc5820b5d678b1aae5a26e72a132e57a9
python-perf-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 5b58dbefa744ac25e67dda15cba69653eb1437c66c21c5b71f70a880bfa000bf
python-perf-debuginfo-2.6.32-504.81.2.el6.x86_64.rpm	SHA-256: 5b58dbefa744ac25e67dda15cba69653eb1437c66c21c5b71f70a880bfa000bf

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories