Issued:
2020-05-26
Updated:
2020-05-26

RHSA-2020:2285 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)
  • kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)
  • Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.2 x86_64

Fixes

  • BZ - 1758671 - CVE-2017-18595 kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
  • BZ - 1786164 - CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
  • BZ - 1825116 - CVE-2020-10711 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
kernel-3.10.0-327.88.1.el7.src.rpm SHA-256: a8f7c4a5e5094f1c80b821ffbfc1437de3fffa4def4774cf3eb26ab2bad49631
x86_64
kernel-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: a8a6fd01581141016fcf202347cfc139546d1c977fca36fe1f655231fd6794d5
kernel-abi-whitelists-3.10.0-327.88.1.el7.noarch.rpm SHA-256: edbe1e0b41e33741f0ee251e94825d29ba3bcf847b9047e34cce48ac3bced408
kernel-debug-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: a46911ccf326eb23d4ef4f94bf304f8258963bd0155c874dd15a63965c546a62
kernel-debug-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 081ae169b116362e21cd231df8c873e022d438abe1e5b4553d43c594fc2ad5b4
kernel-debug-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 081ae169b116362e21cd231df8c873e022d438abe1e5b4553d43c594fc2ad5b4
kernel-debug-devel-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 6acc238732ba01aab196a9392732cd7cfcd50a52be953e00c495bc3389699be8
kernel-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 04082b3625fbae8b44481356d2ba6c2903f790ecba7b6d40f473e84d1a405e5e
kernel-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 04082b3625fbae8b44481356d2ba6c2903f790ecba7b6d40f473e84d1a405e5e
kernel-debuginfo-common-x86_64-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 4d588dca7d22334169c8e3e2b6f1d89ae9e54f555166c809d69b2c0a9ecca4ce
kernel-debuginfo-common-x86_64-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 4d588dca7d22334169c8e3e2b6f1d89ae9e54f555166c809d69b2c0a9ecca4ce
kernel-devel-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: b5ef0a231897b2aefeba10b5f341fc5e57a48dfb4cf9c46bfdb8623d864bfd3c
kernel-doc-3.10.0-327.88.1.el7.noarch.rpm SHA-256: 1651038cd37ef50b5b8e696e085e1784e1ef59b0e1b6c3c826bbb1e16cb7f854
kernel-headers-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: ee9bb9e56c3f456534deb967a7f59323f07aa6306b551e30a5e28ab4724cf4fd
kernel-tools-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 178d210ac74956ec48bb8f46cc0ee65d3416a0634c1718dea21f34cf29905b25
kernel-tools-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 32bd58eb4a0b0ca81ab8abf2f223f7a25f0c2441162eb2f236b123cdfa720bb2
kernel-tools-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 32bd58eb4a0b0ca81ab8abf2f223f7a25f0c2441162eb2f236b123cdfa720bb2
kernel-tools-libs-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: ad9ff6a783cb78c43fdd6122ce742bb481607821f43c1cb3e2fe46af1547d74a
kernel-tools-libs-devel-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 5268d33d32fbe9c38b9bb33644af0ed48fd5119d73e27efc59f46ccdff86f41d
perf-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 93c281878852e45844b6b2dc61117f6f063c00d1e65bcf1c884577d5974778d7
perf-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: c71055d97045393421ccb68f5c32b77b45e7b501fb272446144d284ca50c3dcb
perf-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: c71055d97045393421ccb68f5c32b77b45e7b501fb272446144d284ca50c3dcb
python-perf-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: 0990d063b462be433110a23f8d769d013353eb62d59dc2980341b581281569d3
python-perf-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: ad9928735d351bc2a328417314c29ea73717114eecc2b07eae82267a9c4c5995
python-perf-debuginfo-3.10.0-327.88.1.el7.x86_64.rpm SHA-256: ad9928735d351bc2a328417314c29ea73717114eecc2b07eae82267a9c4c5995

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.