Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2020:2854 - Security Advisory
Issued:
2020-07-07
Updated:
2020-07-07

RHSA-2020:2854 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
  • Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption (CVE-2020-8834)
  • Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)
  • kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)
  • kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
  • kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)
  • kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)
  • kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c (CVE-2019-19767)
  • kernel: an out-of-bounds write via crafted keycode table (CVE-2019-20636)
  • kernel: use-after-free read in napi_gro_frags() in the Linux kernel (CVE-2020-10720)
  • kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)
  • kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS (CVE-2019-19062)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • XFS: Metadata corruption detected at xfs_attr3_leaf_read_verify [rhel-alt-7.6.z] (BZ#1830836)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
  • BZ - 1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
  • BZ - 1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
  • BZ - 1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS
  • BZ - 1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
  • BZ - 1781204 - CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel
  • BZ - 1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
  • BZ - 1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
  • BZ - 1819615 - CVE-2020-8834 Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption
  • BZ - 1824059 - CVE-2019-20636 kernel: an out-of-bounds write via crafted keycode table
  • BZ - 1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
  • BZ - 1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

CVEs

  • CVE-2018-16884
  • CVE-2019-9458
  • CVE-2019-11811
  • CVE-2019-15917
  • CVE-2019-18808
  • CVE-2019-19062
  • CVE-2019-19767
  • CVE-2019-20636
  • CVE-2020-8834
  • CVE-2020-10720
  • CVE-2020-11565
  • CVE-2020-12888

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
aarch64
kernel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 3f04eaffd18a750bf56109ac2ba16439e8544dde9924eafd32173a3ba5329097
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-debug-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: a8cdeb4cfe0aeabcba9cd6a1a900deb7c9c5d2139dd81282838c8878109c3ffa
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 548026b1d67c8ab7f2d6571aa8641a587bb285da36ecfb7859098f2bc3279d90
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 548026b1d67c8ab7f2d6571aa8641a587bb285da36ecfb7859098f2bc3279d90
kernel-debug-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: eadf98302aa1d6cb5c42d3bfc64fcac4cc95913e553c5e73494f49049c082c9f
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 8c6a21083e2b7d6323b990ddb26e5ac99b19321a4c894aef83004dfb356f0b59
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 8c6a21083e2b7d6323b990ddb26e5ac99b19321a4c894aef83004dfb356f0b59
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 96db1e6d780817ae9590a314e20da71bae4243e5f9e9b242b8aa5bdeefd95b90
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 96db1e6d780817ae9590a314e20da71bae4243e5f9e9b242b8aa5bdeefd95b90
kernel-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: d1f5107e716bc0f2e7fec84585e949a4c32fdd0975283a254d0a8b7d3ff27ffb
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 270f300d3fa4142ffd9b59eb9112a1e3ba957674e48f6756068b24b7c370db1b
kernel-tools-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 0ee91a42438f24559e701fd6915f846cdcf77dd52c9bbaa7ed09ed07e10a0318
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 35a3ca473a5febde663f57f69924ff01970d4da74553a131e26f0d01ddba5317
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 35a3ca473a5febde663f57f69924ff01970d4da74553a131e26f0d01ddba5317
kernel-tools-libs-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 90378ecadf46f4d3a5f89a03a71ae17df8b2491e0ecd948759330fc47c56d105
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 92968698cc5978c726f349d45f57d36ba0700316e69fe6bc97f10c2a2c8eea57
perf-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: d141f1e9cd52e3ef614a9133e2c779a9567e844afb2550791f27647141249a35
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 41c46376e628a66a2686041f7ec4f0f12a04a9cfe827ee742ae8b873af15fa6d
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 41c46376e628a66a2686041f7ec4f0f12a04a9cfe827ee742ae8b873af15fa6d
python-perf-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 550ee19f8da86e48bb99c425cd19f79a3dbc64884db29fb54e5d737042eaf335
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 352462c45efaea465cbe96c8ea56fbbe2d884611d4d4a54562beca56c5d5bc53
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 352462c45efaea465cbe96c8ea56fbbe2d884611d4d4a54562beca56c5d5bc53

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
ppc64le
kernel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 77a5d1faf2f7d1baed0d1fa6d1fe119791b2f13874825edd07d6897295e79f21
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-bootwrapper-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 980eaacb44a3d6723714140d235225377cd9df9e9b003c1177cff7cd4303b657
kernel-debug-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 96c68a0849bbd87acd8efa1dcf7e9115842183b20081b51e5a9b45414844a9b5
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 04d8d67aea7ec7ade30a84638a8199d58a841cb32660e6a76fc798cb9bdc58a9
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 04d8d67aea7ec7ade30a84638a8199d58a841cb32660e6a76fc798cb9bdc58a9
kernel-debug-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 9fe95580cf90b1030aeb90ff67604515b765123cddfca191cecff066b16e9b7d
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 53756744e04b0e00f668ae8f59a208bae3ddadd827ba5f7ae7f0800b9ac38806
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 53756744e04b0e00f668ae8f59a208bae3ddadd827ba5f7ae7f0800b9ac38806
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: d69747c7eab1b01aaf75d5d6a2b59b1e1e8d4b50c3fe897fc537582a628d22f7
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: d69747c7eab1b01aaf75d5d6a2b59b1e1e8d4b50c3fe897fc537582a628d22f7
kernel-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: f429d0f518530331f9a17120b765a2953929c942cf5044a6e25cbb4be16e7a41
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 587b9499a4dcb40a4fdc51584dc51b5f2921e9c5e9a4e8c5177ba3ab1e4eb5cb
kernel-tools-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: a61c88d47b15c42bb8cd31209c1985ada26d708b3b5a45fe75e83bd964062ace
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: b46e57344fd84436a16c5aba534e129477c9b865737e4d33de6513a37247bac9
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: b46e57344fd84436a16c5aba534e129477c9b865737e4d33de6513a37247bac9
kernel-tools-libs-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 896da04f0da018bb1717c648c39ae538ade68d970e3d9c8d9843f8bca5c8c17a
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: ac39452f50b475c1d85a9d0fd5e471cc27bccdc161d6360f1bb0ae9e2461ad96
perf-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 0c6756834aa1b185d228836e24f349885a671e373a50c0efe2dad259b878f1ec
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 2d1b66de20dd878c73055745f8f361ee7d968ce8b963cd9343d48e2ba6089661
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 2d1b66de20dd878c73055745f8f361ee7d968ce8b963cd9343d48e2ba6089661
python-perf-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 234407627b6d2894836715cb7b53f1a342e7118e4c8f6d96897a722cf8ced69a
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: cbe813bf9c29093e4f93d7945a012ea9bab4afc7a68f37be03f1b177f0bb67df
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: cbe813bf9c29093e4f93d7945a012ea9bab4afc7a68f37be03f1b177f0bb67df

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
s390x
kernel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 4e61344a28754bd56e8734c0cb3ad0bb324cfdd95924ac48db66e1330c6711e6
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-debug-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: cb0e2197c380627c135a63af187312e4bbc18603be4ac7330b02284f0645e9a1
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 6d2604cf545f086e66ca48f88291018a71051b469b6e24f5094e8c57ea3cdd74
kernel-debug-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: ccc7c3073f4749b190a9391eabeea546bd4b09105d7fbd49eebf4aae33089145
kernel-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 62826d812315ab6b00c7bea3392f90eefc0cdfb5fc89e8a043f6bde45ab9d0f1
kernel-debuginfo-common-s390x-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 37923adf65a7efd160c6d7be026502477d2e100141446add102f0b10ddf54f2a
kernel-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e85a19ca0da0e902ede7cdd09bc6d44beb87d0bbc08027cf29680d4efa5b5d6c
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e2736a8211fc0225f15a5d893d694f22282104f4bb1b67a75d98e33d58bf5b9c
kernel-kdump-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e0d287b733037eb369ff72cbff0a3564ef995ce3343249115a8dd97f3df8d0e8
kernel-kdump-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: b9d041d5b069b9fb543ed6ca98c2888a1ee6b98fc021400a543c80bced9d98f4
kernel-kdump-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e21aa6f151fb86f62013928fd49786a0c8c6156d4589a2cce4947732a0f98698
perf-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: c734082cec7b0ba1d174e004283365d4dcdf90a0c0daea4b34e3b98eb88b9537
perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: c4269aa6619e3baebbd545171ea41759247273ffc942397e06b3945718268ed8
python-perf-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: bacfda03c6b0547ca2f6bec23f1af069d02da632f81a9db89ce6f654ef1d2dca
python-perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 3cc02e1ffe9c07524481e874363ee4d71a8b2c800ae962b4437d311c85caa6f5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter