Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2020:0174 - Security Advisory
Issued:
2020-01-21
Updated:
2020-01-21

RHSA-2020:0174 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • Kernel: speculative bounds check bypass store (CVE-2018-3693)
  • kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)
  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
  • kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)
  • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
  • kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)
  • kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)
  • kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)
  • kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814)
  • kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815)
  • kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Kernel panic on job cleanup, related to SyS_getdents64 (BZ#1702057)
  • Kernel modules generated incorrectly when system is localized to non-English language (BZ#1705285)
  • RHEL-Alt-7.6 - Fixup tlbie vs store ordering issue on POWER9 (BZ#1756270)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1581650 - CVE-2018-3693 Kernel: speculative bounds check bypass store
  • BZ - 1641878 - CVE-2018-18559 kernel: Use-after-free due to race condition in AF_PACKET implementation
  • BZ - 1678685 - CVE-2019-8912 kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr
  • BZ - 1703063 - CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues.
  • BZ - 1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
  • BZ - 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
  • BZ - 1744130 - CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS
  • BZ - 1744137 - CVE-2019-14815 kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS
  • BZ - 1744149 - CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
  • BZ - 1771909 - CVE-2019-17133 kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c
  • BZ - 1777825 - CVE-2019-18660 kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure

CVEs

  • CVE-2018-3693
  • CVE-2018-18559
  • CVE-2019-3846
  • CVE-2019-8912
  • CVE-2019-10126
  • CVE-2019-11487
  • CVE-2019-14814
  • CVE-2019-14815
  • CVE-2019-14816
  • CVE-2019-17133
  • CVE-2019-18660

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/solutions/3523601
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
aarch64
kernel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: fa6882e5159f99c8356d102090ecae30954a3047c723baec82279464ac626437
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-debug-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 2b88e3a49134b6396bc3f14d5a68a7812c9099f3532c6b062ca005c63a5d30e6
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 144452f89e3f426c5716efb1544c3928b47f6b0f42f73a626bb623b40fa2cbe6
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 144452f89e3f426c5716efb1544c3928b47f6b0f42f73a626bb623b40fa2cbe6
kernel-debug-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 8eb412c4e600ab69abb06d59959d2142c65a6107acd6d4cbedd97b0c35574cb2
kernel-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: c805ad2dac12d73a7f974b5981635b551706c0c9f591a16e86ae72b372b87b57
kernel-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: c805ad2dac12d73a7f974b5981635b551706c0c9f591a16e86ae72b372b87b57
kernel-debuginfo-common-aarch64-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 0159d0b115b936ab39a588ea45d239116d0bd7ab8a5c27aaae2ec6770ecb3585
kernel-debuginfo-common-aarch64-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 0159d0b115b936ab39a588ea45d239116d0bd7ab8a5c27aaae2ec6770ecb3585
kernel-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: f0f4e1feb41a7d294e2bd9c124fcf467794abcb97ab0c0ce20fd9678ac31d2e5
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d10b0aa3187911c73b5299d8f7b74e23fdd6ab5185acc9e7ab160b3ffbe989dd
kernel-tools-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: bc6c7d88fbba4347b96b6d4826fa88582c4ea07dbcb0d33242abd96f0a4ea950
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: cecb30647770a2a440ea8bfe87a8ddf634c1fc79c2c0a866bf7a820b9e14fd21
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: cecb30647770a2a440ea8bfe87a8ddf634c1fc79c2c0a866bf7a820b9e14fd21
kernel-tools-libs-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: e9e89fced76ea4568c2686ef332f777092f8a140582f48c52247baba01d81b8c
kernel-tools-libs-devel-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: a785048547ea08ab59f9aefe595c0c9b97426e6575fddbdb9bf6ccf463658468
perf-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 69ac8a3ca49b9d60af79b30b00791d4d156aeed298a1b6a15bda19cae48124e7
perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 719c9805f432a1995a750406c9e215ec555f21cd7c9c8f60e39a2ef90f789428
perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 719c9805f432a1995a750406c9e215ec555f21cd7c9c8f60e39a2ef90f789428
python-perf-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: 41265840e0bc159e85abb66007906c9db341409896d225681d35decf8914ac99
python-perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d44dcf5fabbb4d91a968152df54deeb00629671b0020c74e874aec849bf63548
python-perf-debuginfo-4.14.0-115.17.1.el7a.aarch64.rpm SHA-256: d44dcf5fabbb4d91a968152df54deeb00629671b0020c74e874aec849bf63548

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
ppc64le
kernel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bedb6e00fba1f6112eb9d1791c04a7bcda31777b968a454ad37f106a80cf0b49
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-bootwrapper-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c6f41f8fef396e8e7932d88ee84bb0caebacae7966a1cc4b59fae7965010ee41
kernel-debug-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 8e20847b7cf9f4042c07817bdae3aedce6138b3280cf55ff598a20c06dc9cb3e
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: f4b13f4771dfa0dc8ec8b72702d24cbe3c86456a19e77517ecc593a87de2b343
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: f4b13f4771dfa0dc8ec8b72702d24cbe3c86456a19e77517ecc593a87de2b343
kernel-debug-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: b6c54ea72a83c1aa2ee5d87c93c16dca0aa0ccbcc259a5aa55a50e7a7aa582c1
kernel-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c004b2fb7bca84778f86c67dc336fba18dd83027addebd7bb2ec5c0d7c4fb830
kernel-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c004b2fb7bca84778f86c67dc336fba18dd83027addebd7bb2ec5c0d7c4fb830
kernel-debuginfo-common-ppc64le-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 1f3d694747278abedb49fc5313b9b62a9c2602fd7248af00f03a47d83bc16044
kernel-debuginfo-common-ppc64le-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 1f3d694747278abedb49fc5313b9b62a9c2602fd7248af00f03a47d83bc16044
kernel-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: cb71c0d7766cf285ad2e879233eb2546e98d232e948cb8211275b137b77335ad
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 4acfe7ef22363c73cf5054d80c0b9f06d007ef6b477fe7e40bbc9e49ac8ae696
kernel-tools-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: c6b4daf3d67fc39a8f3239143723f24a89d02408584f5a1f7f70b42a1f773b39
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a9915b0cef9ade73af2a2b945258feb7b810f73feb9f017422e0f8c71a4646c4
kernel-tools-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a9915b0cef9ade73af2a2b945258feb7b810f73feb9f017422e0f8c71a4646c4
kernel-tools-libs-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: fe23f06ba23fa37473fc2fa7aa0e9e8e7db177fe163f4dd357076ff121c4cbb4
kernel-tools-libs-devel-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 7d56fc33bf4e9f7a04462dd08e90f65125e3c7bb90ff486524b744f19267bb24
perf-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 176eb0a5be115e744cb37b12847e8453d3c4dbe0e12f27220f85a10be2a073e3
perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bc8e5f99dc0fdd6991f72aa832c07c585f419c678fafb723ac1803d0a330e18a
perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: bc8e5f99dc0fdd6991f72aa832c07c585f419c678fafb723ac1803d0a330e18a
python-perf-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: 5a5cfb5fad718714c21579a194d5691f3e3f0fbdd3aae55e4e0df63ca61b1c69
python-perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a2c582c668f0290624f5c4ffe1834f63735d42f37d2b6b2c118c7f6877fa6927
python-perf-debuginfo-4.14.0-115.17.1.el7a.ppc64le.rpm SHA-256: a2c582c668f0290624f5c4ffe1834f63735d42f37d2b6b2c118c7f6877fa6927

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.17.1.el7a.src.rpm SHA-256: 55411420bb73de112a02b68c53425f4bae5e94c10c1e1a7ae90d8417746f8b77
s390x
kernel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: ea6297b231deddff2658c93425cd0f22e6a6ad352e89948bbd4e8c24ff1dc7b9
kernel-abi-whitelists-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: b4a7cefd7a3c57facdc11f9afb909b7b0f90f96c62670ef972de840a190c9c13
kernel-debug-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: efba753a262fb5bbc4856c3c4638feb02d85048bce87fbd6a885b563224a1963
kernel-debug-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 5f1bcde48176955931c987b75e66ad70d4fad518544c93b545646393f192679c
kernel-debug-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: b71e9c4a0f97af8d87eb0b235d4551457925b9b0aa797f87f004518e2f09ad4c
kernel-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 9edc56998ad6b1feed9e2e10ccb16c1508b1b8e78cc6a96ef3edd2d4cf56cd5d
kernel-debuginfo-common-s390x-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 7c5ee1a4b2d0b3e9a58c352c94e0110d2f67b1234842031c69f29341233ec9fe
kernel-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 1e05bfd5ae6d69ca730646a4cb6b608f8f5ca6fbb43cdb8ab7f662457c1893dd
kernel-doc-4.14.0-115.17.1.el7a.noarch.rpm SHA-256: 788cba07e7a3413ac9e76d40a210f99edcab176a5f99226f8f3cf4f30e0cabad
kernel-headers-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: dba0cf921977c4d2c5810e1d0ceb611742afedf26fb339878246a1d17b328731
kernel-kdump-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: f8eafd47bb6da480319d7cba863544f205ee2e969880aece608572aa22cae562
kernel-kdump-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 68f4f1c007f8a0e820ba6517d4dec2efd2b13a8a5057ac54f681dbefbaabd7b8
kernel-kdump-devel-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: c40ef8d54a1153c88a33a29a81d5f79c88b4cad412ff49767b1a6e0708026e8b
perf-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 26ccdd0389035ea27e0c98c3b0b4e1c0fcfaaaf6710048fda3d1e362258c0fbf
perf-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: bfa6de0eb98bb2d931ff48d621daef936548175769e45563441d4f4f122d3067
python-perf-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 421f7ecd75d7421bc6ccabf26f3a9b5f4058c8db1563ef9ce82a7354c574a2c8
python-perf-debuginfo-4.14.0-115.17.1.el7a.s390x.rpm SHA-256: 32f6d49be16332a4f69fc87402cc1240abdebe7f71896b8e83d4dbf440e7d466

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our Privacy Statement effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter