Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2020:1493 - Security Advisory
Issued:
2020-04-16
Updated:
2020-04-16

RHSA-2020:1493 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)
  • kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
  • kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS (CVE-2019-5108)
  • kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)
  • kernel: out-of-bounds array access in __xfrm_policy_unlink (CVE-2019-15666)
  • kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099)
  • kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)
  • kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)
  • kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c (CVE-2019-20095)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • rhel-alt-76z bsd process accounting(acct(2)) does not work (BZ#1763618)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1743560 - CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash
  • BZ - 1747334 - CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink
  • BZ - 1760063 - CVE-2019-15031 kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
  • BZ - 1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
  • BZ - 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
  • BZ - 1789927 - CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS
  • BZ - 1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
  • BZ - 1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
  • BZ - 1792512 - CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications

CVEs

  • CVE-2019-5108
  • CVE-2019-14895
  • CVE-2019-14901
  • CVE-2019-15031
  • CVE-2019-15099
  • CVE-2019-15666
  • CVE-2019-19922
  • CVE-2019-20054
  • CVE-2019-20095

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.19.1.el7a.src.rpm SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188
aarch64
kernel-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 2db377c9c1a3b490edc3ff7eda6e33b8ee21cebfb9733d64a3c8b7ba5914bc34
kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c
kernel-debug-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: fa09a4a7066630be3c937040d357b7813b763b1cc8ceac21dcb5725d6cd5c7f8
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 062f8492f98658c49ebb6ded39a9ac5cfe2b6221c1b392cc34947c82643c7ce8
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 062f8492f98658c49ebb6ded39a9ac5cfe2b6221c1b392cc34947c82643c7ce8
kernel-debug-devel-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 6bd6613822b5724a6efa4bf9d4d3f6b70a321bac6e3a99916c2bb3fd620c6f89
kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: ad5464e0b2eff8731a40f25403c3000c63be6c8b01aa4055fde87af3b7995943
kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: ad5464e0b2eff8731a40f25403c3000c63be6c8b01aa4055fde87af3b7995943
kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 64970e5402e9526afbb54dc3aa49f4facbe9defd8f45f9dfdd9a15f89115769e
kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 64970e5402e9526afbb54dc3aa49f4facbe9defd8f45f9dfdd9a15f89115769e
kernel-devel-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: c4aa5a3dfe5ec8ee1010ef6adb96fa2aab7ec82ac63ef4e1711e661e08ab6ff6
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc
kernel-headers-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 339dba377cdfa1ecd97d2a653a4b81f156dd92d08d59618dcfff096a813b316a
kernel-tools-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: f62b7b8466eef802e20a691ba52dffc2ca4ad30b750b21ec85fb5a1773d1fc70
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: eb13286177f7690176d135fa0e09405cf1655b6fd7a248b8f9149459e5e9d8d2
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: eb13286177f7690176d135fa0e09405cf1655b6fd7a248b8f9149459e5e9d8d2
kernel-tools-libs-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 289319dbc62284287ba260694c014167da7c02c118adeecd3abc1e0d1d0a48bb
kernel-tools-libs-devel-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 2569d9804d87d3d27a0c185a4ff711c5d4af83175eb9f3b63f26aedfa58bb163
perf-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: 3bc0d657ef3d3788d6386f5f96c9aac7ee88b3db632027ab73f7caa8383a4865
perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: d3e9d3824fd58b60abed7a1d8d6b1dab7d0441b8e715885e8baa0764532cfbd6
perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: d3e9d3824fd58b60abed7a1d8d6b1dab7d0441b8e715885e8baa0764532cfbd6
python-perf-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: e4bdeb962f5874beaff2c4174c6c28e5301d95457a099244eaf200175d5bf35a
python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: f65d8255e9db72ea884f55ecd6977ba682ddb6fe14f8f18b6e6e03dca50ed37d
python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm SHA-256: f65d8255e9db72ea884f55ecd6977ba682ddb6fe14f8f18b6e6e03dca50ed37d

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.19.1.el7a.src.rpm SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188
ppc64le
kernel-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 7febe4d412c36b0ee47df1a2489a67213dc41b6752543ef6c3aab5c98fab39ae
kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c
kernel-bootwrapper-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 2207da3bc028f5b54700a4ec7756f6ad67bddcab78f831a2c0bac0ad34685afb
kernel-debug-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: b030a70ac06dc0d12bf4d03466070acf04d2d5163463cf17255f53435a0c786c
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: cc1084af76dd03d4717397ffd627b9cbd6ac8be92c9c307091d2cfff011eea31
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: cc1084af76dd03d4717397ffd627b9cbd6ac8be92c9c307091d2cfff011eea31
kernel-debug-devel-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 50c7a83338472d6724c37685d85beee453a26383d3c8e66c55e37e049629d0bd
kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 1e3deadaec6042cbe7b92d0f898e161b933ada89a472beee1a4afa8c015e4c86
kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 1e3deadaec6042cbe7b92d0f898e161b933ada89a472beee1a4afa8c015e4c86
kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 6421c98fc23cfae458d8b5365ddff220f18924196bb956ffdf629b8018ecd4e6
kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 6421c98fc23cfae458d8b5365ddff220f18924196bb956ffdf629b8018ecd4e6
kernel-devel-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: b4ae0d00d8087bac21ecf5ef1db6cfa12d9010b903c98f4ad2b710d0d213da00
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc
kernel-headers-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: ec1a6436f6530eeefcc71864e370981847f0d2fb1e7036035edf2d7557fdc6fa
kernel-tools-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 4af89bb58b3055ad48c2d1ce1b4a61524f517d68cba91bd77a1038516b454f01
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: a6353487b794baa5fbc65bf07899ebb527bba1defbac0f224c9fc95720459456
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: a6353487b794baa5fbc65bf07899ebb527bba1defbac0f224c9fc95720459456
kernel-tools-libs-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 0f1ba2e50bde85995914ffa59c3fd8fab5b71039f6bbdc8f6420524170953f83
kernel-tools-libs-devel-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: 560234665914d491dd50c9fc89917fd5d6c585e02b7b3778f9ceffd39f18fcec
perf-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: a993ea94d6389319ed75b895c056fb4a814620ce5f5b7e8f1fe51384b2ca5499
perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: c4cbf93474a6d4831d2d8f8bc41b559dc5d044beef4b50b912fd10ae70cee7fe
perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: c4cbf93474a6d4831d2d8f8bc41b559dc5d044beef4b50b912fd10ae70cee7fe
python-perf-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: e7ee74806c2885638eb24402b3db73aa88c4046a8697d516b147016ed1bc9f55
python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: e33f7dbb7975d1ea6c7ae089c856beb03f96eede8bd9bfa857f156dc37e4d0b8
python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm SHA-256: e33f7dbb7975d1ea6c7ae089c856beb03f96eede8bd9bfa857f156dc37e4d0b8

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.19.1.el7a.src.rpm SHA-256: 3501375e70fb9c90b735f9f6bafb3f96512a1ca3c99f45db6e4a363172122188
s390x
kernel-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: fdb3d2638213670cd967f3b7fe91ea0690f6c3f0ce420559cf424de4772ed812
kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: df97cb05f22d66e7ddc98c96405ed944b5c47cfd81522fdc4b73dc9e14a6045c
kernel-debug-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 93077140536c635cd8d2b8a05bf2b470f0d1fa6461669eb4d93435fb798515e3
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: f194246ad9bd2a989da6735923e52813e1ecd5b5f23ca0c68be505b666fa0147
kernel-debug-devel-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: c9cd3c2964d46070fef90c70dfb526bd21fe6d471aca1f6759f8e379dbd8a2e9
kernel-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: ca0b23e4b2f20b72f7def26274d8093d706acc63dea400422044eec582ebc0f6
kernel-debuginfo-common-s390x-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 4946ce0377777b12ab98b3a3b600a4ee42913f6f43a7b9664e307ebb37b33438
kernel-devel-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 75b585c23a245e5b06dd24b5050847fec09110b457555f35c88701a9c7dd5e54
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm SHA-256: fb4c9b3944bf692a06a52c6c0cbd794b0b17b0a8ec1377223a37e1e42181dddc
kernel-headers-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: fb5e1184135b2ef9c762b8ec1493530c0f87c9bebe8148a19079fef2be52fd6c
kernel-kdump-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: dd17c1d55baac514cac73e7b41fcd50679ce5d6d1b49338db3fb0efeead4816f
kernel-kdump-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 98cdc1601ff078a5ff3c23ccf9ab2c46ee020c1fbe3f239c47f6bd2199d062ec
kernel-kdump-devel-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 1b3ecb8616c32f2e2cb90e69d9f3432a43a19ac0142bfce2af3e73c2e54d45fb
perf-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 2df692a2355cc277e5df9dc634d84e8077487be8d9aaf49d47e1f13d35f9a774
perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: 99ace775cc185e73879c74d8bb0a3f48bed6b29bd210037039398a4cc08b401b
python-perf-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: e673c5da40dff3ae528b5165d7338dde7e8dba0eb83de35943725fcfb51b1098
python-perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm SHA-256: f07bb099fee385c73a5007297cbe11b96eec72d4adabd6011f19ec27e3bd1698

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter