Red Hat Product Errata RHSA-2020:2665 - Security Advisory

Issued:: 2020-06-23
Updated:: 2020-06-23

RHSA-2020:2665 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1827198)
kernel-rt: update to the latest RHEL7.8.z source tree (BZ#1844620)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for Real Time 7 x86_64
Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

BZ - 1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

CVEs

CVE-2020-12888

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1127.13.1.rt56.1110.el7.src.rpm	SHA-256: ad9868a70c65ca76a7ba500e6c0bfc34c42167ba0d5f5c05f85c9bc8aa0f1e1e
x86_64
kernel-rt-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 4a77f29f49269950c7811381b92bdde9f26513ec3fc1c5b1a5cb0a1a3e6da742
kernel-rt-debug-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5e62c2073b92fb4d1ba78de5b9028c061094631e3f8610caa70bcd67ed4a9581
kernel-rt-debug-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 35612a2821d97eccd1ee44073f59432ebb8fe8cdb5aa9fc56454da6c435344c0
kernel-rt-debug-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: d0a8e4f36112e268addc89c77c4f0fc1ee8f82b7699afdd3baf6da5e3aa159a2
kernel-rt-debug-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5aa6565b2cad1c9f9f30bedcf661ce51154498b56e9394b5a02d58153da51747
kernel-rt-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 8a79f3b5c7056d02246009f484b0d6437937e41f638c2584cef952efd6a8a680
kernel-rt-debuginfo-common-x86_64-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 96d28125a4ecf0d14ad1ef53640e72cef56338e33475a66afb62d63e2e4fcd80
kernel-rt-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 79c34a6705ba3d16201de758109fef49561d29d3b0dbc735b044e19cfee8a327
kernel-rt-doc-3.10.0-1127.13.1.rt56.1110.el7.noarch.rpm	SHA-256: 56ff6da54190efb5fea7a9512825fb9fa31f8aefc1dc7c6fd41fc4a629502b40
kernel-rt-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 9e0508036595b8c6f9d217f6160465009db7a1a084c066db2d2d1b2700d407f6
kernel-rt-trace-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: e5ef54c0013e1f99f4241f7329b8b5e18d0991aef634e4ee9c754befbbc140ef
kernel-rt-trace-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5438a37f77dd940dc3a3ab88be488ed141ac2a79555697ec2e7afa94fb0bc529
kernel-rt-trace-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 461f2bb0b30dc11b5a252e6644c71cc19def15d1cbf0516535b49dbba4a5f8f2
kernel-rt-trace-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 8490969635907367cc045a891eeb97b80e613e903a61fa9bfbb513a6eb4fc628

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1127.13.1.rt56.1110.el7.src.rpm	SHA-256: ad9868a70c65ca76a7ba500e6c0bfc34c42167ba0d5f5c05f85c9bc8aa0f1e1e
x86_64
kernel-rt-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 4a77f29f49269950c7811381b92bdde9f26513ec3fc1c5b1a5cb0a1a3e6da742
kernel-rt-debug-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5e62c2073b92fb4d1ba78de5b9028c061094631e3f8610caa70bcd67ed4a9581
kernel-rt-debug-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 35612a2821d97eccd1ee44073f59432ebb8fe8cdb5aa9fc56454da6c435344c0
kernel-rt-debug-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: d0a8e4f36112e268addc89c77c4f0fc1ee8f82b7699afdd3baf6da5e3aa159a2
kernel-rt-debug-kvm-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: d046d9584ff3f4b3ef899ab3be00d1477907a4fb17088120140742ccd1de01c0
kernel-rt-debug-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5aa6565b2cad1c9f9f30bedcf661ce51154498b56e9394b5a02d58153da51747
kernel-rt-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 8a79f3b5c7056d02246009f484b0d6437937e41f638c2584cef952efd6a8a680
kernel-rt-debuginfo-common-x86_64-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 96d28125a4ecf0d14ad1ef53640e72cef56338e33475a66afb62d63e2e4fcd80
kernel-rt-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 79c34a6705ba3d16201de758109fef49561d29d3b0dbc735b044e19cfee8a327
kernel-rt-doc-3.10.0-1127.13.1.rt56.1110.el7.noarch.rpm	SHA-256: 56ff6da54190efb5fea7a9512825fb9fa31f8aefc1dc7c6fd41fc4a629502b40
kernel-rt-kvm-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: f4534020c04ae3b3d2943b296d792ef1031453bd305476186d987b517e40aba7
kernel-rt-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 9e0508036595b8c6f9d217f6160465009db7a1a084c066db2d2d1b2700d407f6
kernel-rt-trace-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: e5ef54c0013e1f99f4241f7329b8b5e18d0991aef634e4ee9c754befbbc140ef
kernel-rt-trace-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5438a37f77dd940dc3a3ab88be488ed141ac2a79555697ec2e7afa94fb0bc529
kernel-rt-trace-devel-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 461f2bb0b30dc11b5a252e6644c71cc19def15d1cbf0516535b49dbba4a5f8f2
kernel-rt-trace-kvm-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 5e0c4dd1d76b523042d94a6fe90665957466f9bbfa2a9d76399df103cc36ef8a
kernel-rt-trace-kvm-debuginfo-3.10.0-1127.13.1.rt56.1110.el7.x86_64.rpm	SHA-256: 8490969635907367cc045a891eeb97b80e613e903a61fa9bfbb513a6eb4fc628

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories