Issued:
2019-10-16
Updated:
2019-10-16

RHSA-2019:3089 - Security Advisory

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
  • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
  • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
  • BZ - 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
  • BZ - 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
  • BZ - 1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
  • BZ - 1748570 - kernel-rt: update to the RHEL7.7.z batch#2 source tree

CVEs

References

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm SHA-256: d74c634fcd4f5cf9caa1df64239f3b475d21e0e59c0db7933456b5288b9883b4
x86_64
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: aedefef5c99f471ddf26155cce0157bc6e1609ec624f825ba3bba06c4c4dca12
kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 6427df14ac81d3ac3ca4137e0ef11bb6c81dc3acc49acd991a7a67cb440027b8
kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 1baf48b158709ae9a23a5d4047bb6449986548375a01c8caa7a1ac51041c6ca2
kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 04106f42736490757dbd0881382004a4bc13a2f5119b8c032c18ebb3630ff8c5
kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 9167f9a0439113d2d5b9812f7b96b92329a90d6c4a2c5a0c80317002fff32079
kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 3a861b90604c5b37d6d361312731a1739faad8136e9a6d8287d369bb7d2e49f2
kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 9e8dd65a439c79b4af3affd24bbf2503ad2daeb74ed052cb60e415d2d9a8e0c8
kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm SHA-256: abccf96add1b00f1939c459f7f517049d320887675b0e8c974e0088181b93019
kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 7f1dbca9405da2f55dedc21287044a59138c8e671429544018192f9228290bd7
kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 89565a8d46e082745420df98e6b65a78f569e53116e4562fa2084123f7f3d843
kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: c7b1365f4fca63ad73020ce8f4b445fb140c67cca240a7dbefb11c2339011041

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm SHA-256: d74c634fcd4f5cf9caa1df64239f3b475d21e0e59c0db7933456b5288b9883b4
x86_64
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: aedefef5c99f471ddf26155cce0157bc6e1609ec624f825ba3bba06c4c4dca12
kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 6427df14ac81d3ac3ca4137e0ef11bb6c81dc3acc49acd991a7a67cb440027b8
kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 1baf48b158709ae9a23a5d4047bb6449986548375a01c8caa7a1ac51041c6ca2
kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 04106f42736490757dbd0881382004a4bc13a2f5119b8c032c18ebb3630ff8c5
kernel-rt-debug-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 6887b656e2442ac5708833881325b79adaa51516385cc27cad05d523bf7396ca
kernel-rt-debug-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 4744b4b41b4a2f39879e069346002fb6b9c093a09acbd358214839eadd7760c1
kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 9167f9a0439113d2d5b9812f7b96b92329a90d6c4a2c5a0c80317002fff32079
kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 3a861b90604c5b37d6d361312731a1739faad8136e9a6d8287d369bb7d2e49f2
kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 9e8dd65a439c79b4af3affd24bbf2503ad2daeb74ed052cb60e415d2d9a8e0c8
kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm SHA-256: abccf96add1b00f1939c459f7f517049d320887675b0e8c974e0088181b93019
kernel-rt-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: fd9ef5b1152ef2c191ae305accba41108ed3766dc6d43a6079984f59c86d6154
kernel-rt-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: ace2e2777e99b833e41779f2bf5897fdb2ca5987451c0b161385aadcb036f814
kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 7f1dbca9405da2f55dedc21287044a59138c8e671429544018192f9228290bd7
kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 89565a8d46e082745420df98e6b65a78f569e53116e4562fa2084123f7f3d843
kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: c7b1365f4fca63ad73020ce8f4b445fb140c67cca240a7dbefb11c2339011041
kernel-rt-trace-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 36299dc0ccff10aca37a74d1a4709925b7cf2a71e9dca019b3ba6a38f7c50885
kernel-rt-trace-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm SHA-256: 4b36cb8ec4ca7414d0ba53915e3c43b781a44d24330f05262bb007caa2c75899

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.