Red Hat Product Errata RHSA-2019:4058 - Security Advisory

Issued:: 2019-12-03
Updated:: 2019-12-03

RHSA-2019:4058 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)
Kernel: page cache side channel attacks (CVE-2019-5489)
Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)
kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661)
kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service (CVE-2017-18208)
kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

[LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1748234)
kmem, memcg: system crash due to cache destruction race (BZ#1754829)
kernel build: parallelize redhat/mod-sign.sh (BZ#1755327)
kernel build: speed up module compression step (BZ#1755336)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux Server - TUS 7.4 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64

Fixes

BZ - 1481136 - CVE-2017-10661 kernel: Handling of might_cancel queueing is not properly pretected against race
BZ - 1551565 - CVE-2017-18208 kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service
BZ - 1664110 - CVE-2019-5489 Kernel: page cache side channel attacks
BZ - 1671904 - CVE-2019-7221 Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
BZ - 1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS
BZ - 1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
kernel-3.10.0-693.61.1.el7.src.rpm	SHA-256: 1a9f8c1cb6fab79c7e9351875cf81ed93c6a5d815f64669389d558cc86680e5b
x86_64
kernel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: af984b72f13f953eda9e24588dd89d5afc86ed0db288663f1a3e23ee4ab0d94f
kernel-abi-whitelists-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: ac906ddf41531201adeea4a77dd01ce78b96a8677688ce7ae1b40d033ec6c762
kernel-debug-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d29634202ea3b17b8199a982ce36997d136b746ed86115aa303f0497d9c580dc
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 8d539d59136e939839b0081cddda600b02983d7f8ea418e404a2f9bbbd99b788
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 5ec8d4123319e1b267386533a2c585271d18d9d141c25f9dce5f4b6bed222b1a
kernel-doc-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: 04720cc8aa464061be1609490245638d2e7a5c7a0da60c232a2eed6fd21d828c
kernel-headers-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: ae0c3d354e44a96ef9189d8a10a7247f0ab772bd9a02bb9a80fe7194f48130fb
kernel-tools-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 63914d8e77cd715a6fabdfd960e0213604073dedee8e12a685ae1e4dab17716f
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-libs-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: c86c677de43df0e02f18f5230fd1dc3082576a6b248b851167598d8aab969893
kernel-tools-libs-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 91ebe22393504e5e5aaceb1d8d3d49bc628b242234c84a62f766f51310291f62
perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 6eb188bd285466c0c3a22d91cebb255999bbd80b536925f86909995b1c19856c
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
python-perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 2261ed6667d5d8bf9cf4e93504fd0be772e6406aa027bf3390ad0a9c433556f0
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
kernel-3.10.0-693.61.1.el7.src.rpm	SHA-256: 1a9f8c1cb6fab79c7e9351875cf81ed93c6a5d815f64669389d558cc86680e5b
x86_64
kernel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: af984b72f13f953eda9e24588dd89d5afc86ed0db288663f1a3e23ee4ab0d94f
kernel-abi-whitelists-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: ac906ddf41531201adeea4a77dd01ce78b96a8677688ce7ae1b40d033ec6c762
kernel-debug-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d29634202ea3b17b8199a982ce36997d136b746ed86115aa303f0497d9c580dc
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 8d539d59136e939839b0081cddda600b02983d7f8ea418e404a2f9bbbd99b788
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 5ec8d4123319e1b267386533a2c585271d18d9d141c25f9dce5f4b6bed222b1a
kernel-doc-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: 04720cc8aa464061be1609490245638d2e7a5c7a0da60c232a2eed6fd21d828c
kernel-headers-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: ae0c3d354e44a96ef9189d8a10a7247f0ab772bd9a02bb9a80fe7194f48130fb
kernel-tools-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 63914d8e77cd715a6fabdfd960e0213604073dedee8e12a685ae1e4dab17716f
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-libs-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: c86c677de43df0e02f18f5230fd1dc3082576a6b248b851167598d8aab969893
kernel-tools-libs-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 91ebe22393504e5e5aaceb1d8d3d49bc628b242234c84a62f766f51310291f62
perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 6eb188bd285466c0c3a22d91cebb255999bbd80b536925f86909995b1c19856c
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
python-perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 2261ed6667d5d8bf9cf4e93504fd0be772e6406aa027bf3390ad0a9c433556f0
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4

SRPM
kernel-3.10.0-693.61.1.el7.src.rpm	SHA-256: 1a9f8c1cb6fab79c7e9351875cf81ed93c6a5d815f64669389d558cc86680e5b
ppc64le
kernel-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 5cde3fe57f9de5ef805399d4a7418b97c68068a59e9bf1e1ca84e16463d25d26
kernel-abi-whitelists-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: ac906ddf41531201adeea4a77dd01ce78b96a8677688ce7ae1b40d033ec6c762
kernel-bootwrapper-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: ed0a6bdd7a030eca99b7d1417d215550d45fd66a55af2fec14c57b86bcc4012c
kernel-debug-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 74357b3a34ce26c0ed2b1bac69020ae5e5462de2cd9f7d9126a7511df898bcd4
kernel-debug-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: c78b1c72614eca3c3e9f3026ca0d9d3adc202218142212459102795132063372
kernel-debug-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: c78b1c72614eca3c3e9f3026ca0d9d3adc202218142212459102795132063372
kernel-debug-devel-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: d72b37bffdc79e9243accc386e68511ef9a5e3de0e442ccb5f9747aed2a1ad22
kernel-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: a90d7b77372a03dddb579ce209815734f4a6c8a65621421bb2acab10f0b1e9b6
kernel-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: a90d7b77372a03dddb579ce209815734f4a6c8a65621421bb2acab10f0b1e9b6
kernel-debuginfo-common-ppc64le-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 37d1033f21a7ddd321b84ebd41c0dd8b8706bf5ffb83debd8046cf58adf03062
kernel-debuginfo-common-ppc64le-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 37d1033f21a7ddd321b84ebd41c0dd8b8706bf5ffb83debd8046cf58adf03062
kernel-devel-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: d0429fc533c6d134ee12c186c0dbc5a9b27468d114e039280c8ca2c5a3234db1
kernel-doc-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: 04720cc8aa464061be1609490245638d2e7a5c7a0da60c232a2eed6fd21d828c
kernel-headers-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 93be53e3f2ca3d6853b0a0083b7192acc02a083e96900678b639de2ee542e770
kernel-tools-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 48f988c6f557b0c8b361c52e71a21cd40884cb6cb8a635c319c07d42ccd26f7b
kernel-tools-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: b0889bcf7518295863fa6bf2117323ead61020a08185fd631f201c9277ff4e8a
kernel-tools-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: b0889bcf7518295863fa6bf2117323ead61020a08185fd631f201c9277ff4e8a
kernel-tools-libs-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: a61e6929a8815474c2a390151ae61e97d84ab8673bbbaa16bf11544fbc6ca658
kernel-tools-libs-devel-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: e3a4e7204157dbcf9483690050542336366832a5c5bfa0d020734c5a6837cdaf
perf-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 200e86713103bcf6775f34b9ddbab200f4306e43f69c1db5fe1a96dd3276b4d7
perf-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 0a2822ee2311169a427b82f20944248c6ef2db7eaa1b786e9088361fdfea36d8
perf-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 0a2822ee2311169a427b82f20944248c6ef2db7eaa1b786e9088361fdfea36d8
python-perf-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 531f695346aa779e7c1d9c02ebb9c7538b85accd24a84ecdb8e4c259825827a2
python-perf-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 48a0068e369344d25b6e6734dccaf0e10964004836434904f83dd6361cd560ff
python-perf-debuginfo-3.10.0-693.61.1.el7.ppc64le.rpm	SHA-256: 48a0068e369344d25b6e6734dccaf0e10964004836434904f83dd6361cd560ff

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4

SRPM
kernel-3.10.0-693.61.1.el7.src.rpm	SHA-256: 1a9f8c1cb6fab79c7e9351875cf81ed93c6a5d815f64669389d558cc86680e5b
x86_64
kernel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: af984b72f13f953eda9e24588dd89d5afc86ed0db288663f1a3e23ee4ab0d94f
kernel-abi-whitelists-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: ac906ddf41531201adeea4a77dd01ce78b96a8677688ce7ae1b40d033ec6c762
kernel-debug-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d29634202ea3b17b8199a982ce36997d136b746ed86115aa303f0497d9c580dc
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: b90114e93abadce636c8201db2632fee4be756ec67ad7f9eb890f35c8cd2b2e8
kernel-debug-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 8d539d59136e939839b0081cddda600b02983d7f8ea418e404a2f9bbbd99b788
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 9be1ef6bc52b4919de3bddf3d110a3393ffd0299f7605e7f087a7c88688cdac1
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-debuginfo-common-x86_64-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: a6b2536bc0450103a9be6606c1667da9b2e7ca818e73ab9cb76a68176c8380d2
kernel-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 5ec8d4123319e1b267386533a2c585271d18d9d141c25f9dce5f4b6bed222b1a
kernel-doc-3.10.0-693.61.1.el7.noarch.rpm	SHA-256: 04720cc8aa464061be1609490245638d2e7a5c7a0da60c232a2eed6fd21d828c
kernel-headers-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: ae0c3d354e44a96ef9189d8a10a7247f0ab772bd9a02bb9a80fe7194f48130fb
kernel-tools-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 63914d8e77cd715a6fabdfd960e0213604073dedee8e12a685ae1e4dab17716f
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: e7035a6869872f4ddb815c058047d38e3a162788d6cddac9dedcc5faf29cf7c1
kernel-tools-libs-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: c86c677de43df0e02f18f5230fd1dc3082576a6b248b851167598d8aab969893
kernel-tools-libs-devel-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 91ebe22393504e5e5aaceb1d8d3d49bc628b242234c84a62f766f51310291f62
perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 6eb188bd285466c0c3a22d91cebb255999bbd80b536925f86909995b1c19856c
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: d70614190795cadd87bae4f6db79b19d000c14ff790b08ab41ae2d69990007cb
python-perf-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 2261ed6667d5d8bf9cf4e93504fd0be772e6406aa027bf3390ad0a9c433556f0
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2
python-perf-debuginfo-3.10.0-693.61.1.el7.x86_64.rpm	SHA-256: 02cfad4667df9932332cb9acbcbf72ee170a89ecdca40bf31aea6ac91c63ccc2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories