Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2020:0174 - Security Advisory
Issued:
2020-01-21
Updated:
2020-01-21

RHSA-2020:0174 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • Kernel: speculative bounds check bypass store (CVE-2018-3693)
  • kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)
  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
  • kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)
  • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
  • kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)
  • kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)
  • kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)
  • kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814)
  • kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815)
  • kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Kernel panic on job cleanup, related to SyS_getdents64 (BZ#1702057)
  • Kernel modules generated incorrectly when system is localized to non-English language (BZ#1705285)
  • RHEL-Alt-7.6 - Fixup tlbie vs store ordering issue on POWER9 (BZ#1756270)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1581650 - CVE-2018-3693 Kernel: speculative bounds check bypass store
  • BZ - 1641878 - CVE-2018-18559 kernel: Use-after-free due to race condition in AF_PACKET implementation
  • BZ - 1678685 - CVE-2019-8912 kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr
  • BZ - 1703063 - CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues.
  • BZ - 1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
  • BZ - 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
  • BZ - 1744130 - CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS
  • BZ - 1744137 - CVE-2019-14815 kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS
  • BZ - 1744149 - CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
  • BZ - 1771909 - CVE-2019-17133 kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c
  • BZ - 1777825 - CVE-2019-18660 kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure

CVEs

  • CVE-2018-3693
  • CVE-2018-18559
  • CVE-2019-3846
  • CVE-2019-8912
  • CVE-2019-10126
  • CVE-2019-11487
  • CVE-2019-14814
  • CVE-2019-14815
  • CVE-2019-14816
  • CVE-2019-17133
  • CVE-2019-18660

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/solutions/3523601
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
aarch64
kernel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: fa6882e5159f99c8356d102090ecae30954a3047c723baec82279464ac626437
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-debug-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 2b88e3a49134b6396bc3f14d5a68a7812c9099f3532c6b062ca005c63a5d30e6
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 144452f89e3f426c5716efb1544c3928b47f6b0f42f73a626bb623b40fa2cbe6
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 144452f89e3f426c5716efb1544c3928b47f6b0f42f73a626bb623b40fa2cbe6
kernel-debug-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 8eb412c4e600ab69abb06d59959d2142c65a6107acd6d4cbedd97b0c35574cb2
kernel-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: c805ad2dac12d73a7f974b5981635b551706c0c9f591a16e86ae72b372b87b57
kernel-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: c805ad2dac12d73a7f974b5981635b551706c0c9f591a16e86ae72b372b87b57
kernel-debuginfo-common-aarch64-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 0159d0b115b936ab39a588ea45d239116d0bd7ab8a5c27aaae2ec6770ecb3585
kernel-debuginfo-common-aarch64-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 0159d0b115b936ab39a588ea45d239116d0bd7ab8a5c27aaae2ec6770ecb3585
kernel-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: f0f4e1feb41a7d294e2bd9c124fcf467794abcb97ab0c0ce20fd9678ac31d2e5
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d10b0aa3187911c73b5299d8f7b74e23fdd6ab5185acc9e7ab160b3ffbe989dd
kernel-tools-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: bc6c7d88fbba4347b96b6d4826fa88582c4ea07dbcb0d33242abd96f0a4ea950
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: cecb30647770a2a440ea8bfe87a8ddf634c1fc79c2c0a866bf7a820b9e14fd21
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: cecb30647770a2a440ea8bfe87a8ddf634c1fc79c2c0a866bf7a820b9e14fd21
kernel-tools-libs-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: e9e89fced76ea4568c2686ef332f777092f8a140582f48c52247baba01d81b8c
kernel-tools-libs-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: a785048547ea08ab59f9aefe595c0c9b97426e6575fddbdb9bf6ccf463658468
perf-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 69ac8a3ca49b9d60af79b30b00791d4d156aeed298a1b6a15bda19cae48124e7
perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 719c9805f432a1995a750406c9e215ec555f21cd7c9c8f60e39a2ef90f789428
perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 719c9805f432a1995a750406c9e215ec555f21cd7c9c8f60e39a2ef90f789428
python-perf-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 41265840e0bc159e85abb66007906c9db341409896d225681d35decf8914ac99
python-perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d44dcf5fabbb4d91a968152df54deeb00629671b0020c74e874aec849bf63548
python-perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d44dcf5fabbb4d91a968152df54deeb00629671b0020c74e874aec849bf63548

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
ppc64le
kernel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bedb6e00fba1f6112eb9d1791c04a7bcda31777b968a454ad37f106a80cf0b49
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-bootwrapper-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c6f41f8fef396e8e7932d88ee84bb0caebacae7966a1cc4b59fae7965010ee41
kernel-debug-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 8e20847b7cf9f4042c07817bdae3aedce6138b3280cf55ff598a20c06dc9cb3e
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: f4b13f4771dfa0dc8ec8b72702d24cbe3c86456a19e77517ecc593a87de2b343
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: f4b13f4771dfa0dc8ec8b72702d24cbe3c86456a19e77517ecc593a87de2b343
kernel-debug-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: b6c54ea72a83c1aa2ee5d87c93c16dca0aa0ccbcc259a5aa55a50e7a7aa582c1
kernel-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c004b2fb7bca84778f86c67dc336fba18dd83027addebd7bb2ec5c0d7c4fb830
kernel-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c004b2fb7bca84778f86c67dc336fba18dd83027addebd7bb2ec5c0d7c4fb830
kernel-debuginfo-common-ppc64le-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 1f3d694747278abedb49fc5313b9b62a9c2602fd7248af00f03a47d83bc16044
kernel-debuginfo-common-ppc64le-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 1f3d694747278abedb49fc5313b9b62a9c2602fd7248af00f03a47d83bc16044
kernel-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: cb71c0d7766cf285ad2e879233eb2546e98d232e948cb8211275b137b77335ad
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 4acfe7ef22363c73cf5054d80c0b9f06d007ef6b477fe7e40bbc9e49ac8ae696
kernel-tools-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c6b4daf3d67fc39a8f3239143723f24a89d02408584f5a1f7f70b42a1f773b39
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a9915b0cef9ade73af2a2b945258feb7b810f73feb9f017422e0f8c71a4646c4
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a9915b0cef9ade73af2a2b945258feb7b810f73feb9f017422e0f8c71a4646c4
kernel-tools-libs-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: fe23f06ba23fa37473fc2fa7aa0e9e8e7db177fe163f4dd357076ff121c4cbb4
kernel-tools-libs-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 7d56fc33bf4e9f7a04462dd08e90f65125e3c7bb90ff486524b744f19267bb24
perf-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 176eb0a5be115e744cb37b12847e8453d3c4dbe0e12f27220f85a10be2a073e3
perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bc8e5f99dc0fdd6991f72aa832c07c585f419c678fafb723ac1803d0a330e18a
perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bc8e5f99dc0fdd6991f72aa832c07c585f419c678fafb723ac1803d0a330e18a
python-perf-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 5a5cfb5fad718714c21579a194d5691f3e3f0fbdd3aae55e4e0df63ca61b1c69
python-perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a2c582c668f0290624f5c4ffe1834f63735d42f37d2b6b2c118c7f6877fa6927
python-perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a2c582c668f0290624f5c4ffe1834f63735d42f37d2b6b2c118c7f6877fa6927

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
s390x
kernel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: ea6297b231deddff2658c93425cd0f22e6a6ad352e89948bbd4e8c24ff1dc7b9
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-debug-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: efba753a262fb5bbc4856c3c4638feb02d85048bce87fbd6a885b563224a1963
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 5f1bcde48176955931c987b75e66ad70d4fad518544c93b545646393f192679c
kernel-debug-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: b71e9c4a0f97af8d87eb0b235d4551457925b9b0aa797f87f004518e2f09ad4c
kernel-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 9edc56998ad6b1feed9e2e10ccb16c1508b1b8e78cc6a96ef3edd2d4cf56cd5d
kernel-debuginfo-common-s390x-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 7c5ee1a4b2d0b3e9a58c352c94e0110d2f67b1234842031c69f29341233ec9fe
kernel-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 1e05bfd5ae6d69ca730646a4cb6b608f8f5ca6fbb43cdb8ab7f662457c1893dd
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: dba0cf921977c4d2c5810e1d0ceb611742afedf26fb339878246a1d17b328731
kernel-kdump-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: f8eafd47bb6da480319d7cba863544f205ee2e969880aece608572aa22cae562
kernel-kdump-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 68f4f1c007f8a0e820ba6517d4dec2efd2b13a8a5057ac54f681dbefbaabd7b8
kernel-kdump-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: c40ef8d54a1153c88a33a29a81d5f79c88b4cad412ff49767b1a6e0708026e8b
perf-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 26ccdd0389035ea27e0c98c3b0b4e1c0fcfaaaf6710048fda3d1e362258c0fbf
perf-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: bfa6de0eb98bb2d931ff48d621daef936548175769e45563441d4f4f122d3067
python-perf-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 421f7ecd75d7421bc6ccabf26f3a9b5f4058c8db1563ef9ce82a7354c574a2c8
python-perf-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 32f6d49be16332a4f69fc87402cc1240abdebe7f71896b8e83d4dbf440e7d466

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility