Red Hat Product Errata RHSA-2019:4164 - Security Advisory

Issued:: 2019-12-10
Updated:: 2019-12-10

RHSA-2019:4164 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)
kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)
Kernel: page cache side channel attacks (CVE-2019-5489)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

kernel build: parallelize redhat/mod-sign.sh (BZ#1755325)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 7.2 x86_64
Red Hat Enterprise Linux Server - TUS 7.2 x86_64
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.2 x86_64

Fixes

BZ - 1599161 - CVE-2018-13405 kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members
BZ - 1655904 - CVE-2018-9568 kernel: Memory corruption due to incorrect socket cloning
BZ - 1664110 - CVE-2019-5489 Kernel: page cache side channel attacks

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
kernel-3.10.0-327.83.1.el7.src.rpm	SHA-256: 8ddb7b4fa99a1f2da65b08bf24b10e9a9555fc8356a2d85139bdcde3bf2d27a9
x86_64
kernel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2cc20733dce606d76754b0ec7cb6d293e84ba0eda70900e62c5e5972a1a8310a
kernel-abi-whitelists-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 2757a2a34f43f13814a86fd1f74415a7779f0897bd12948fe6ebe613c6f84cd8
kernel-debug-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: d9f9e1b8afa24a973375ee816d7e3b2b1bdea6e54a1ae0bb828e12b396187df9
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 7ef606d32a9c5b9125d0ac31b939a52c1539d76a97796ef3227dd450a68fe37e
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 105300cd8169c531319cc8c43bf126c5be2ffc6ac72d67eb9bf35705008f7d7c
kernel-doc-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 9237974662a9b9cf396f785b969e1398b8d345622a6eec1c1ddeb143d59e1808
kernel-headers-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: c604826546ae7b1601e55602cf8ff6e3e99bb961212fbee0f9fc46630dce363c
kernel-tools-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 494e70765d1889473be3594ff99b4f30a9fb344d31caf9184bd2944a070b815b
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-libs-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 737e98affe9520d076f6c9b2907686980e01c01478906b1d370715530507b4f3
kernel-tools-libs-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2de701397ff52145a1f8ec76886ca8f51cd0e71372d046c92404e378b35c6124
perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 427b0b59abbe09978ce40129da4342012b05151213a7271d1bb142c72b962252
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
python-perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 9f3be6f72d141a7fada1b5a6a0a23b3040ce12831dc0c1b9a209dcf7f955f901
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e

Red Hat Enterprise Linux Server - TUS 7.2

SRPM
kernel-3.10.0-327.83.1.el7.src.rpm	SHA-256: 8ddb7b4fa99a1f2da65b08bf24b10e9a9555fc8356a2d85139bdcde3bf2d27a9
x86_64
kernel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2cc20733dce606d76754b0ec7cb6d293e84ba0eda70900e62c5e5972a1a8310a
kernel-abi-whitelists-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 2757a2a34f43f13814a86fd1f74415a7779f0897bd12948fe6ebe613c6f84cd8
kernel-debug-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: d9f9e1b8afa24a973375ee816d7e3b2b1bdea6e54a1ae0bb828e12b396187df9
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 7ef606d32a9c5b9125d0ac31b939a52c1539d76a97796ef3227dd450a68fe37e
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 105300cd8169c531319cc8c43bf126c5be2ffc6ac72d67eb9bf35705008f7d7c
kernel-doc-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 9237974662a9b9cf396f785b969e1398b8d345622a6eec1c1ddeb143d59e1808
kernel-headers-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: c604826546ae7b1601e55602cf8ff6e3e99bb961212fbee0f9fc46630dce363c
kernel-tools-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 494e70765d1889473be3594ff99b4f30a9fb344d31caf9184bd2944a070b815b
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-libs-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 737e98affe9520d076f6c9b2907686980e01c01478906b1d370715530507b4f3
kernel-tools-libs-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2de701397ff52145a1f8ec76886ca8f51cd0e71372d046c92404e378b35c6124
perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 427b0b59abbe09978ce40129da4342012b05151213a7271d1bb142c72b962252
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
python-perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 9f3be6f72d141a7fada1b5a6a0a23b3040ce12831dc0c1b9a209dcf7f955f901
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.2

SRPM
kernel-3.10.0-327.83.1.el7.src.rpm	SHA-256: 8ddb7b4fa99a1f2da65b08bf24b10e9a9555fc8356a2d85139bdcde3bf2d27a9
x86_64
kernel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2cc20733dce606d76754b0ec7cb6d293e84ba0eda70900e62c5e5972a1a8310a
kernel-abi-whitelists-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 2757a2a34f43f13814a86fd1f74415a7779f0897bd12948fe6ebe613c6f84cd8
kernel-debug-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: d9f9e1b8afa24a973375ee816d7e3b2b1bdea6e54a1ae0bb828e12b396187df9
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 295d241a3778b3b0314cc8b02c1e31775bbc671abeab6a7d01d69a2943505b48
kernel-debug-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 7ef606d32a9c5b9125d0ac31b939a52c1539d76a97796ef3227dd450a68fe37e
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 53cbf30d9e3b212f39f7855b22279b2428c5b7c30fe03ebab174518af013f095
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-debuginfo-common-x86_64-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 3876e3d1ac70578afa3ab417c82183ce3f38c95e114ef2b3d77c7a9a9c649ba1
kernel-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 105300cd8169c531319cc8c43bf126c5be2ffc6ac72d67eb9bf35705008f7d7c
kernel-doc-3.10.0-327.83.1.el7.noarch.rpm	SHA-256: 9237974662a9b9cf396f785b969e1398b8d345622a6eec1c1ddeb143d59e1808
kernel-headers-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: c604826546ae7b1601e55602cf8ff6e3e99bb961212fbee0f9fc46630dce363c
kernel-tools-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 494e70765d1889473be3594ff99b4f30a9fb344d31caf9184bd2944a070b815b
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: e18a90a5aa332c0f5b3cddcb52b1dfc707ea405ac6550b942c37aa33bd4ba444
kernel-tools-libs-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 737e98affe9520d076f6c9b2907686980e01c01478906b1d370715530507b4f3
kernel-tools-libs-devel-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 2de701397ff52145a1f8ec76886ca8f51cd0e71372d046c92404e378b35c6124
perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 427b0b59abbe09978ce40129da4342012b05151213a7271d1bb142c72b962252
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: fa664b3450dd6638a4b608a92c4f5a1a1a7fc0b47436f0e1023921cba894dab3
python-perf-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 9f3be6f72d141a7fada1b5a6a0a23b3040ce12831dc0c1b9a209dcf7f955f901
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e
python-perf-debuginfo-3.10.0-327.83.1.el7.x86_64.rpm	SHA-256: 8848e1193f898bc87dc37ef4842f5f960f69935a746428149b18366052c2431e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories