- Issued:
- 2020-05-12
- Updated:
- 2020-05-12
RHSA-2020:2104 - Security Advisory
Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)
- kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)
- Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)
- kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)
- kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)
- kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c (CVE-2019-15538)
- kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c (CVE-2019-19447)
- kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524)
- kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c (CVE-2020-9383)
- kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service (CVE-2019-12614)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- [7.5-alt][ext4/xfstests generic/468] fix fdatasync(2) after fallocate(2) operation (upstream fixed) [rhel-alt-7.6.z] (BZ#1554273)
- [RHEL-ALT-7.6.z][arm64] CN99xx: DIMM errors not populated in EDAC sysfs (BZ#1778697)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1718176 - CVE-2019-12614 kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
- BZ - 1746777 - CVE-2019-15538 kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c
- BZ - 1757368 - CVE-2017-18551 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
- BZ - 1758671 - CVE-2017-18595 kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
- BZ - 1781679 - CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
- BZ - 1783459 - CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free
- BZ - 1786164 - CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
- BZ - 1810685 - CVE-2020-9383 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
- BZ - 1818818 - CVE-2019-9454 kernel: out of bounds write in i2c driver leads to local escalation of privilege
- BZ - 1825116 - CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for ARM 64 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.21.2.el7a.src.rpm | SHA-256: 9a4ec39d684c7fdaa6d2963b31de6c094f1af37a17c9254653fd459237db47f2 |
| aarch64 | |
| kernel-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: d6fa828ecac5a66b96d0210f8b02eaeef270be73ca89d826cf515ef7135844d3 |
| kernel-abi-whitelists-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: fc0fe6f05106946f381644f7024bed01f46d03e92344458fcfe97bbbcb5e4b43 |
| kernel-debug-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 3175352555136580d3b0b0c30a82a876adf88755f9f00c6729422eaa90c91eb7 |
| kernel-debug-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 7ef4e925145b3823576d97c4bfa5e7effbd45079d5cf183ed1126b648487169a |
| kernel-debug-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 7ef4e925145b3823576d97c4bfa5e7effbd45079d5cf183ed1126b648487169a |
| kernel-debug-devel-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: db6e6dc0d935752722a4831e1e75939d54e45e0e52a6b1d1f533b9f941629bc1 |
| kernel-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: db8d5315b7f7c20d49d908749dcf83db1e9b9256ca98936e9a8e7b5b9eb0a975 |
| kernel-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: db8d5315b7f7c20d49d908749dcf83db1e9b9256ca98936e9a8e7b5b9eb0a975 |
| kernel-debuginfo-common-aarch64-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 07ac5dfe1922d713d8bdfeb4d338812783310b86ce878d95a419c246344f31b1 |
| kernel-debuginfo-common-aarch64-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 07ac5dfe1922d713d8bdfeb4d338812783310b86ce878d95a419c246344f31b1 |
| kernel-devel-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 46656e4d60aa30951be2aa5ce6efc0109eb682f0e0d5b39bbf0cea4597215e3f |
| kernel-doc-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: 1ab0e12cc59e8ad5aa719d68e6f1e8e3404387548482e2fe1d02752444d56b2a |
| kernel-doc-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: 1ab0e12cc59e8ad5aa719d68e6f1e8e3404387548482e2fe1d02752444d56b2a |
| kernel-headers-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 836475de77080645846362c018cce3e3c38d2e8120a9b24741bb15489d8d953f |
| kernel-tools-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 9da961101c9abd36765bbdf0c1c360a9a04a292bc0562e8f0b48eccf5e656fb4 |
| kernel-tools-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 13202f1d5abdd68901d5672feab67c0f748b211b5198766388704266bd0d0b8d |
| kernel-tools-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 13202f1d5abdd68901d5672feab67c0f748b211b5198766388704266bd0d0b8d |
| kernel-tools-libs-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 8053a6dc98a1e899dffc3a2e507aef8090683d76100b1a91356941fbc34fcf52 |
| kernel-tools-libs-devel-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: eeb812a736adbfbab1d7a9a3dcd3ea195d934f9599ce91e732b75c932bbcef7f |
| perf-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 154e5e1711b11783ed706c56757713211301b7946590c4b9b223e6567be736c0 |
| perf-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 48628a36569df236febc7ab26c36d7b71b4ebe9a29fcd8243638002e054fa7dd |
| perf-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 48628a36569df236febc7ab26c36d7b71b4ebe9a29fcd8243638002e054fa7dd |
| python-perf-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: aed394a8af630711790f3c80368214f22d3aa728936e9bcd38f2d8128c290383 |
| python-perf-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 67dbb96cedb9f8116170549d269940db305989dfccef2ae323bf67de57739e79 |
| python-perf-debuginfo-4.14.0-115.21.2.el7a.aarch64.rpm | SHA-256: 67dbb96cedb9f8116170549d269940db305989dfccef2ae323bf67de57739e79 |
Red Hat Enterprise Linux for Power 9 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.21.2.el7a.src.rpm | SHA-256: 9a4ec39d684c7fdaa6d2963b31de6c094f1af37a17c9254653fd459237db47f2 |
| ppc64le | |
| kernel-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 50c4ee49b3e1458a25a3b339bf03ac75e0e38b9289760426208bbfe6931831a7 |
| kernel-abi-whitelists-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: fc0fe6f05106946f381644f7024bed01f46d03e92344458fcfe97bbbcb5e4b43 |
| kernel-bootwrapper-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: e8881a3fc1923c4989b84dc02237782227820a8a99b4d2d014595a4efc009802 |
| kernel-debug-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 7e87b557177ace481b37bd8a0bd193505f66cdb33de118fd59f1c8cd237d0a44 |
| kernel-debug-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 5df8924d150a261a33de2219c38f3cc9c69dfe2ae6fd28692c83228c05676956 |
| kernel-debug-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 5df8924d150a261a33de2219c38f3cc9c69dfe2ae6fd28692c83228c05676956 |
| kernel-debug-devel-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 0017bd7c30f477012f0327ccab27935c853cf806050be057cec07fbb003927c5 |
| kernel-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 35b05a6390ddc6df51804c3e7d7bb55a51a7beb1db2cd26a5ac40f7072c2b0c5 |
| kernel-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 35b05a6390ddc6df51804c3e7d7bb55a51a7beb1db2cd26a5ac40f7072c2b0c5 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 245ca5c079f268152fa4b4c644bbb8a57cf8498843ba092e864e91c833fe97b2 |
| kernel-debuginfo-common-ppc64le-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 245ca5c079f268152fa4b4c644bbb8a57cf8498843ba092e864e91c833fe97b2 |
| kernel-devel-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 30b983712549605c6edc950ac3ae1a85ee005c2db03a8abcd428bfc70f07ce37 |
| kernel-doc-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: 1ab0e12cc59e8ad5aa719d68e6f1e8e3404387548482e2fe1d02752444d56b2a |
| kernel-headers-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 07f75d043c3794f099f2c569fffbe08997632d415e9ff4f9fa13290c98468bca |
| kernel-tools-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: be0a5c259664e3c24709bd43d11e0442a635a766daf50da6acc4347b8bdf62e9 |
| kernel-tools-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: b402b4fa1394e83be37c9e97d5e964681049ddbaee96e76dcfe4719897c9000b |
| kernel-tools-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: b402b4fa1394e83be37c9e97d5e964681049ddbaee96e76dcfe4719897c9000b |
| kernel-tools-libs-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 1a39270532534a3a196ea9b87b6f420b740325d0d6b717aa31f2218d8da356bc |
| kernel-tools-libs-devel-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: f64ce1a6fcaec4467a827688044a9aaaab3092835e597104c96ada1a8d74001a |
| perf-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 4d9af1e9099856de5b08e3577e71b9c75b0c5e5ce8d360dbe475af1fb7e74e1a |
| perf-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 8bf956dd8d06ad82b857c31730dce3d696940fa3ae46ef4ca3f6421610602cd4 |
| perf-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 8bf956dd8d06ad82b857c31730dce3d696940fa3ae46ef4ca3f6421610602cd4 |
| python-perf-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 426eba04e3f9debccc0371cb5faaba9cf75822134adaeb29dfe49181f9089480 |
| python-perf-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 09b1dbead076ba9a8d996a22d5ff62f5cbc8c8211cbdecb2bb9b7427adcc068d |
| python-perf-debuginfo-4.14.0-115.21.2.el7a.ppc64le.rpm | SHA-256: 09b1dbead076ba9a8d996a22d5ff62f5cbc8c8211cbdecb2bb9b7427adcc068d |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM | |
|---|---|
| kernel-alt-4.14.0-115.21.2.el7a.src.rpm | SHA-256: 9a4ec39d684c7fdaa6d2963b31de6c094f1af37a17c9254653fd459237db47f2 |
| s390x | |
| kernel-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 4ae992718af636a2e2dab8c5b39ecf976332dac841e77be03f87677cabe29b49 |
| kernel-abi-whitelists-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: fc0fe6f05106946f381644f7024bed01f46d03e92344458fcfe97bbbcb5e4b43 |
| kernel-debug-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 3320ea1135e464921f5ac4da7286796eaa3ce192df3ffd712903ce7409104e43 |
| kernel-debug-debuginfo-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 1d061cd4f62dc6037d615f11321867fceef3107a7cdecc4ccbbc54b2071b928e |
| kernel-debug-devel-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 8acd5873becb340c4f9baa8a5f118f5ac68432ef146218ed2eaeb79911c6a51f |
| kernel-debuginfo-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: ab3d3168f85b6e8ca85045c5cf1acf8e5be2ea22a223b7467b82ec9a12ee4225 |
| kernel-debuginfo-common-s390x-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 86ba90efca9b101d4a57086c7914a9dd636c8fe238bdca7eab17d8ab81b6f315 |
| kernel-devel-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 3b67729b3f34138751d34c57c154a325183aea52107e50b48df4e12a6f8ceb5b |
| kernel-doc-4.14.0-115.21.2.el7a.noarch.rpm | SHA-256: 1ab0e12cc59e8ad5aa719d68e6f1e8e3404387548482e2fe1d02752444d56b2a |
| kernel-headers-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 945372b1a92c77e2cb1f0cdd204f30cd4ee52c17fec85ed9416fba670dfb59d6 |
| kernel-kdump-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 4f9d00e6d588d57b052c9e87cdd5f8249335e650af66212ca8d8cf2c0803fc2a |
| kernel-kdump-debuginfo-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: e4b158f08e1bae9a4431371dc66d068e42b1042f53da7492597a627b33816bf0 |
| kernel-kdump-devel-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 8c0075b2bdf8be533ed00200d965eb72583acf9dd5db4efc8fc89a40273b9a1a |
| perf-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 174b26e6675d5c5a776664cfba10fb80793a12e1387c67e179d131ef8a4a7217 |
| perf-debuginfo-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: be62a54959f9413ae22fab9267bf2593ac9a57979ac6d00f9eddb762fe89b1a0 |
| python-perf-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: 1b19650b8df90cda456ef8984f8f5b6f48f01a4c62d5b10f6e3460dcc8e024bd |
| python-perf-debuginfo-4.14.0-115.21.2.el7a.s390x.rpm | SHA-256: cacffdee810e407912e92229d618fd971b1287bf2f9f28690cb7336e3e8be67e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
