- Issued:
- 2019-10-29
- Updated:
- 2019-10-29
RHSA-2019:3217 - Security Advisory
Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)
- kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
- kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)
- hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
- kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel modules pkey and paes_s390 are not available (BZ#1719192)
- pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)
- System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)
- kernel: jump label transformation performance (BZ#1739143)
- Backport i40e MDD detection removal for PFs (BZ#1747618)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1590720 - CVE-2018-10902 kernel: MIDI driver race condition leads to a double-free
- BZ - 1701224 - CVE-2019-9500 kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results
- BZ - 1709164 - CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
- BZ - 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
- BZ - 1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
CVEs
References
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.14.1.el7a.src.rpm | SHA-256: a4584912568a9c91676657700f69371e8c190beaf1b1425bd54539e3ba0e218b |
| aarch64 | |
| kernel-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 107720d7946ff4ba46ac47230709923962ce6ca14711c0ac44e1b31f059f6108 |
| kernel-abi-whitelists-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 8d520279ec31acb60878f07b0e9531d66199516e7cfb61994f7c856095c3cd8b |
| kernel-debug-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 3523847d49bc6881315279ba82d26d1497abfda84cf7cb14d5200db8d576e383 |
| kernel-debug-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 6713ca50eed8a41a4cfa14a9a9300201be3da1fd8f77428bfabed708fe69234f |
| kernel-debug-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 6713ca50eed8a41a4cfa14a9a9300201be3da1fd8f77428bfabed708fe69234f |
| kernel-debug-devel-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: e81f34d57632f5be9d52f965bed1fbd95e84c027d4157864c90834ecd6f7d391 |
| kernel-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: dceab33b28412719b28962d5f6cec8c6c43cf131abaeacf21011cacb604ea216 |
| kernel-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: dceab33b28412719b28962d5f6cec8c6c43cf131abaeacf21011cacb604ea216 |
| kernel-debuginfo-common-aarch64-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: e3ca1ec1ebf74b3f4df1b82ccd1d756e67406562e914c9b6752b8d702b6378de |
| kernel-debuginfo-common-aarch64-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: e3ca1ec1ebf74b3f4df1b82ccd1d756e67406562e914c9b6752b8d702b6378de |
| kernel-devel-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: a5b7ccbb3a6aeaa712277f97e3bf04bf8244e224f9dc8046c65a1952274b363a |
| kernel-doc-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 9a221f17fe0bad520d242619b0b98beaf4436c294bd5c4cf4766e09c49123875 |
| kernel-doc-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 9a221f17fe0bad520d242619b0b98beaf4436c294bd5c4cf4766e09c49123875 |
| kernel-headers-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 280803dee1e867fcd9e7be1efccdb404f3b0615abbccd3efd60c1f309154248c |
| kernel-tools-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 06fa20f257590fc508a2a476f1d841967d8413b3e567b6c55410671b64b6016b |
| kernel-tools-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: c3b7b7a9f47d75498067ffcda719758866cead17c1ff42dd64430dd80e3b4eb4 |
| kernel-tools-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: c3b7b7a9f47d75498067ffcda719758866cead17c1ff42dd64430dd80e3b4eb4 |
| kernel-tools-libs-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 1032a93f5017a70e2fe07487adf412a61e79ea5b2da7ea2fd12a159179ea57f7 |
| kernel-tools-libs-devel-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 614ceb4d9b94f68c2cc67e6db31060f476a5ef242d7c91a391e494934e568fb2 |
| perf-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 886bbd3d9943bec8efafdcdeff9e026b0dd9caf48daa35bad8b8f125ddebb251 |
| perf-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: e9f8f2168d7bb9b466c2dcb86e91fbb335abadaaec19a7d64adc2b2f2e32d429 |
| perf-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: e9f8f2168d7bb9b466c2dcb86e91fbb335abadaaec19a7d64adc2b2f2e32d429 |
| python-perf-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: 7a5b30b69c229e002cde6e91f95c8e7fd0c050b319122d1b4f37999a13a37686 |
| python-perf-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: ca205a97e61b8114f12a35ee85dc995afc028654fe1b3e1824936547ea31a529 |
| python-perf-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm | SHA-256: ca205a97e61b8114f12a35ee85dc995afc028654fe1b3e1824936547ea31a529 |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.14.1.el7a.src.rpm | SHA-256: a4584912568a9c91676657700f69371e8c190beaf1b1425bd54539e3ba0e218b |
| ppc64le | |
| kernel-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: d87145d3652abcc5315ac6433d3a6ed06f4bf00872df5d2ddb9de386b7f9e35e |
| kernel-abi-whitelists-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 8d520279ec31acb60878f07b0e9531d66199516e7cfb61994f7c856095c3cd8b |
| kernel-bootwrapper-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 45e8bd329d790e732326e041624af5d15e966488a379f0ea694d9021e0d52f76 |
| kernel-debug-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 6b2f397630aefeeb26e13f886ed061e015ff4432993a65e67e3358d8515897d2 |
| kernel-debug-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 528cc59ed73a40c5bc33f5f271c5f6f5aed45986e8a5ca99a3bccf0e85932ade |
| kernel-debug-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 528cc59ed73a40c5bc33f5f271c5f6f5aed45986e8a5ca99a3bccf0e85932ade |
| kernel-debug-devel-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 796697ead69f30f8a8fa0c898ce93b64caf1085941f5edb4b84ec77f74917ab7 |
| kernel-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: ed84b5eb3b2330510ea0982b4cf0fee94ca5c8ea1272378d5f63b3393c3d90d8 |
| kernel-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: ed84b5eb3b2330510ea0982b4cf0fee94ca5c8ea1272378d5f63b3393c3d90d8 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: b92e05cbb187a9c5a5f2829542cd3e91a0d31590057689000f10a4e708510639 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: b92e05cbb187a9c5a5f2829542cd3e91a0d31590057689000f10a4e708510639 |
| kernel-devel-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 623fb6ee0cb403ce2a1512c69efb71fafff0cfb68554a5f697171455459861ac |
| kernel-doc-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 9a221f17fe0bad520d242619b0b98beaf4436c294bd5c4cf4766e09c49123875 |
| kernel-headers-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: e950dd4b4062a039dc33b61dd202f24b0d38d6470bdacb2c86a579f826b13d2d |
| kernel-tools-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: edd5d5b611fc783466b9e4d58ba0f8bf4426f88176247d2af0667d8ecccdb68b |
| kernel-tools-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 8a2f5a8c80f25bdcfe5b1e620c75dba1b6dc91151088fc21e1bb934a8090047f |
| kernel-tools-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 8a2f5a8c80f25bdcfe5b1e620c75dba1b6dc91151088fc21e1bb934a8090047f |
| kernel-tools-libs-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: a2a1f2956d276e6ea24d44cded68747310c2dc8db726b7a2b2e4376fa21e52d2 |
| kernel-tools-libs-devel-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: aae21cdab106c731715a2e3396ac2d85aa9ae6795fab568081643a9b55631a33 |
| perf-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: f76fa2e35d86d244edd28603b6d92905b36c3f73bc2e0e31aaf5c6bab7a7d03f |
| perf-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 158c9a697b596f24ab312c0e5d1f80d1512fdc480d482a002a4c4216b309221d |
| perf-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 158c9a697b596f24ab312c0e5d1f80d1512fdc480d482a002a4c4216b309221d |
| python-perf-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 10584562e67eebf1d0ee38664acbd89169658475f78f2529bd67059cdaa6de13 |
| python-perf-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 649551ff87c72de94ecf96e9114c046f359281302d046a775155c7ff6156b813 |
| python-perf-debuginfo-4.14.0-115.14.1.el7a.ppc64le.rpm | SHA-256: 649551ff87c72de94ecf96e9114c046f359281302d046a775155c7ff6156b813 |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.14.1.el7a.src.rpm | SHA-256: a4584912568a9c91676657700f69371e8c190beaf1b1425bd54539e3ba0e218b |
| s390x | |
| kernel-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: c7bc1058358ec71e05931d166924a80c0b197726dda47f74a231e0e431700f28 |
| kernel-abi-whitelists-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 8d520279ec31acb60878f07b0e9531d66199516e7cfb61994f7c856095c3cd8b |
| kernel-debug-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 36dc3d06f90bb03f47edd0dd2ff4cfd49a62bd2e301e5357bf0b44960ae8254e |
| kernel-debug-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 8f5deecec75a7842852d68f8a721428e5bdc94a1d71208145cf3b06a76432d5b |
| kernel-debug-devel-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 8a04f675d5cfb498a4d8c40e0d760161dd6033f76daae3246b4ee0ff39d566a9 |
| kernel-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: c03becda32c4f6737d13871879c6069a79140e85dc810e0477f906bb5295aaab |
| kernel-debuginfo-common-s390x-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 380c35c4523759e65aa27366574205123cfce225fb37088425ae24caaee41c04 |
| kernel-devel-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: dc55d07aa21992bb0ac6329bdd78d565f1c92253f3d93a6fbc49344967e2b7cd |
| kernel-doc-4.14.0-115.14.1.el7a.noarch.rpm | SHA-256: 9a221f17fe0bad520d242619b0b98beaf4436c294bd5c4cf4766e09c49123875 |
| kernel-headers-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: e0839a5090aa84d1ec1644c65f813d2787f7b3f041201a02259784ba2d27015c |
| kernel-kdump-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 61608ab5dea5865f0927af3fc57dc8e762e311ec626398b403c2e9e016e17d50 |
| kernel-kdump-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 937bdd43dbe2e7218591803e0e2a6ed336f8349914a604e606bfa44fa353e670 |
| kernel-kdump-devel-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: 4a544a8c325d06dd992977096962cd8f6666917bcfdc3ef4519a50fb966e4471 |
| perf-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: d2ad9c600a10a3703b7fd606a6bfdd8feb50487dfeed6feb38d3114903997dee |
| perf-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: e2c71f3899143f9c5dc15aa37ee7cb232f5d51ba8ed3273e2db113cb3d9bbc47 |
| python-perf-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: bd2b1399219868296201ecd757f34688f60010493ee4acb76d25a00a88b29dbb |
| python-perf-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm | SHA-256: d52d1c895524c4e1c5c2faad098bc0fb52061c022594061918e46f9d711b6782 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.