- Issued:
- 2020-04-16
- Updated:
- 2020-04-16
RHSA-2020:1493 - Security Advisory
Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)
- kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
- kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS (CVE-2019-5108)
- kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)
- kernel: out-of-bounds array access in __xfrm_policy_unlink (CVE-2019-15666)
- kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099)
- kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)
- kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)
- kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c (CVE-2019-20095)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- rhel-alt-76z bsd process accounting(acct(2)) does not work (BZ#1763618)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1743560 - CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash
- BZ - 1747334 - CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink
- BZ - 1760063 - CVE-2019-15031 kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
- BZ - 1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
- BZ - 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
- BZ - 1789927 - CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS
- BZ - 1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
- BZ - 1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
- BZ - 1792512 - CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.19.1.el7a.src.rpm | SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188 |
| aarch64 | |
| kernel-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 2db377c9c1a3b490edc3ff7eda6e33b8ee21cebfb9733d64a3c8b7ba5914bc34 |
| kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c |
| kernel-debug-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: fa09a4a7066630be3c937040d357b7813b763b1cc8ceac21dcb5725d6cd5c7f8 |
| kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 062f8492f98658c49ebb6ded39a9ac5cfe2b6221c1b392cc34947c82643c7ce8 |
| kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 062f8492f98658c49ebb6ded39a9ac5cfe2b6221c1b392cc34947c82643c7ce8 |
| kernel-debug-devel-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 6bd6613822b5724a6efa4bf9d4d3f6b70a321bac6e3a99916c2bb3fd620c6f89 |
| kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: ad5464e0b2eff8731a40f25403c3000c63be6c8b01aa4055fde87af3b7995943 |
| kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: ad5464e0b2eff8731a40f25403c3000c63be6c8b01aa4055fde87af3b7995943 |
| kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 64970e5402e9526afbb54dc3aa49f4facbe9defd8f45f9dfdd9a15f89115769e |
| kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 64970e5402e9526afbb54dc3aa49f4facbe9defd8f45f9dfdd9a15f89115769e |
| kernel-devel-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: c4aa5a3dfe5ec8ee1010ef6adb96fa2aab7ec82ac63ef4e1711e661e08ab6ff6 |
| kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc |
| kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc |
| kernel-headers-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 339dba377cdfa1ecd97d2a653a4b81f156dd92d08d59618dcfff096a813b316a |
| kernel-tools-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: f62b7b8466eef802e20a691ba52dffc2ca4ad30b750b21ec85fb5a1773d1fc70 |
| kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: eb13286177f7690176d135fa0e09405cf1655b6fd7a248b8f9149459e5e9d8d2 |
| kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: eb13286177f7690176d135fa0e09405cf1655b6fd7a248b8f9149459e5e9d8d2 |
| kernel-tools-libs-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 289319dbc62284287ba260694c014167da7c02c118adeecd3abc1e0d1d0a48bb |
| kernel-tools-libs-devel-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 2569d9804d87d3d27a0c185a4ff711c5d4af83175eb9f3b63f26aedfa58bb163 |
| perf-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: 3bc0d657ef3d3788d6386f5f96c9aac7ee88b3db632027ab73f7caa8383a4865 |
| perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: d3e9d3824fd58b60abed7a1d8d6b1dab7d0441b8e715885e8baa0764532cfbd6 |
| perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: d3e9d3824fd58b60abed7a1d8d6b1dab7d0441b8e715885e8baa0764532cfbd6 |
| python-perf-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: e4bdeb962f5874beaff2c4174c6c28e5301d95457a099244eaf200175d5bf35a |
| python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: f65d8255e9db72ea884f55ecd6977ba682ddb6fe14f8f18b6e6e03dca50ed37d |
| python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm | SHA-256: f65d8255e9db72ea884f55ecd6977ba682ddb6fe14f8f18b6e6e03dca50ed37d |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.19.1.el7a.src.rpm | SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188 |
| ppc64le | |
| kernel-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 7febe4d412c36b0ee47df1a2489a67213dc41b6752543ef6c3aab5c98fab39ae |
| kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c |
| kernel-bootwrapper-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 2207da3bc028f5b54700a4ec7756f6ad67bddcab78f831a2c0bac0ad34685afb |
| kernel-debug-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: b030a70ac06dc0d12bf4d03466070acf04d2d5163463cf17255f53435a0c786c |
| kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: cc1084af76dd03d4717397ffd627b9cbd6ac8be92c9c307091d2cfff011eea31 |
| kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: cc1084af76dd03d4717397ffd627b9cbd6ac8be92c9c307091d2cfff011eea31 |
| kernel-debug-devel-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 50c7a83338472d6724c37685d85beee453a26383d3c8e66c55e37e049629d0bd |
| kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 1e3deadaec6042cbe7b92d0f898e161b933ada89a472beee1a4afa8c015e4c86 |
| kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 1e3deadaec6042cbe7b92d0f898e161b933ada89a472beee1a4afa8c015e4c86 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 6421c98fc23cfae458d8b5365ddff220f18924196bb956ffdf629b8018ecd4e6 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 6421c98fc23cfae458d8b5365ddff220f18924196bb956ffdf629b8018ecd4e6 |
| kernel-devel-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: b4ae0d00d8087bac21ecf5ef1db6cfa12d9010b903c98f4ad2b710d0d213da00 |
| kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc |
| kernel-headers-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: ec1a6436f6530eeefcc71864e370981847f0d2fb1e7036035edf2d7557fdc6fa |
| kernel-tools-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 4af89bb58b3055ad48c2d1ce1b4a61524f517d68cba91bd77a1038516b454f01 |
| kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: a6353487b794baa5fbc65bf07899ebb527bba1defbac0f224c9fc95720459456 |
| kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: a6353487b794baa5fbc65bf07899ebb527bba1defbac0f224c9fc95720459456 |
| kernel-tools-libs-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 0f1ba2e50bde85995914ffa59c3fd8fab5b71039f6bbdc8f6420524170953f83 |
| kernel-tools-libs-devel-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: 560234665914d491dd50c9fc89917fd5d6c585e02b7b3778f9ceffd39f18fcec |
| perf-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: a993ea94d6389319ed75b895c056fb4a814620ce5f5b7e8f1fe51384b2ca5499 |
| perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: c4cbf93474a6d4831d2d8f8bc41b559dc5d044beef4b50b912fd10ae70cee7fe |
| perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: c4cbf93474a6d4831d2d8f8bc41b559dc5d044beef4b50b912fd10ae70cee7fe |
| python-perf-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: e7ee74806c2885638eb24402b3db73aa88c4046a8697d516b147016ed1bc9f55 |
| python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: e33f7dbb7975d1ea6c7ae089c856beb03f96eede8bd9bfa857f156dc37e4d0b8 |
| python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm | SHA-256: e33f7dbb7975d1ea6c7ae089c856beb03f96eede8bd9bfa857f156dc37e4d0b8 |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.19.1.el7a.src.rpm | SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188 |
| s390x | |
| kernel-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: fdb3d2638213670cd967f3b7fe91ea0690f6c3f0ce420559cf424de4772ed812 |
| kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c |
| kernel-debug-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 93077140536c635cd8d2b8a05bf2b470f0d1fa6461669eb4d93435fb798515e3 |
| kernel-debug-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: f194246ad9bd2a989da6735923e52813e1ecd5b5f23ca0c68be505b666fa0147 |
| kernel-debug-devel-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: c9cd3c2964d46070fef90c70dfb526bd21fe6d471aca1f6759f8e379dbd8a2e9 |
| kernel-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: ca0b23e4b2f20b72f7def26274d8093d706acc63dea400422044eec582ebc0f6 |
| kernel-debuginfo-common-s390x-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 4946ce0377777b12ab98b3a3b600a4ee42913f6f43a7b9664e307ebb37b33438 |
| kernel-devel-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 75b585c23a245e5b06dd24b5050847fec09110b457555f35c88701a9c7dd5e54 |
| kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm | SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc |
| kernel-headers-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: fb5e1184135b2ef9c762b8ec1493530c0f87c9bebe8148a19079fef2be52fd6c |
| kernel-kdump-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: dd17c1d55baac514cac73e7b41fcd50679ce5d6d1b49338db3fb0efeead4816f |
| kernel-kdump-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 98cdc1601ff078a5ff3c23ccf9ab2c46ee020c1fbe3f239c47f6bd2199d062ec |
| kernel-kdump-devel-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 1b3ecb8616c32f2e2cb90e69d9f3432a43a19ac0142bfce2af3e73c2e54d45fb |
| perf-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 2df692a2355cc277e5df9dc634d84e8077487be8d9aaf49d47e1f13d35f9a774 |
| perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: 99ace775cc185e73879c74d8bb0a3f48bed6b29bd210037039398a4cc08b401b |
| python-perf-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: e673c5da40dff3ae528b5165d7338dde7e8dba0eb83de35943725fcfb51b1098 |
| python-perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm | SHA-256: f07bb099fee385c73a5007297cbe11b96eec72d4adabd6011f19ec27e3bd1698 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.