Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2020:2854 - Security Advisory
Issued:
2020-07-07
Updated:
2020-07-07

RHSA-2020:2854 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
  • Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption (CVE-2020-8834)
  • Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)
  • kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)
  • kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
  • kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)
  • kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)
  • kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c (CVE-2019-19767)
  • kernel: an out-of-bounds write via crafted keycode table (CVE-2019-20636)
  • kernel: use-after-free read in napi_gro_frags() in the Linux kernel (CVE-2020-10720)
  • kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)
  • kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS (CVE-2019-19062)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • XFS: Metadata corruption detected at xfs_attr3_leaf_read_verify [rhel-alt-7.6.z] (BZ#1830836)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
  • BZ - 1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
  • BZ - 1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
  • BZ - 1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS
  • BZ - 1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
  • BZ - 1781204 - CVE-2020-10720 kernel: use-after-free read in napi_gro_frags() in the Linux kernel
  • BZ - 1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
  • BZ - 1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
  • BZ - 1819615 - CVE-2020-8834 Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption
  • BZ - 1824059 - CVE-2019-20636 kernel: an out-of-bounds write via crafted keycode table
  • BZ - 1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
  • BZ - 1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

CVEs

  • CVE-2018-16884
  • CVE-2019-9458
  • CVE-2019-11811
  • CVE-2019-15917
  • CVE-2019-18808
  • CVE-2019-19062
  • CVE-2019-19767
  • CVE-2019-20636
  • CVE-2020-8834
  • CVE-2020-10720
  • CVE-2020-11565
  • CVE-2020-12888

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
aarch64
kernel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 3f04eaffd18a750bf56109ac2ba16439e8544dde9924eafd32173a3ba5329097
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-debug-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: a8cdeb4cfe0aeabcba9cd6a1a900deb7c9c5d2139dd81282838c8878109c3ffa
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 548026b1d67c8ab7f2d6571aa8641a587bb285da36ecfb7859098f2bc3279d90
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 548026b1d67c8ab7f2d6571aa8641a587bb285da36ecfb7859098f2bc3279d90
kernel-debug-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: eadf98302aa1d6cb5c42d3bfc64fcac4cc95913e553c5e73494f49049c082c9f
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 8c6a21083e2b7d6323b990ddb26e5ac99b19321a4c894aef83004dfb356f0b59
kernel-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 8c6a21083e2b7d6323b990ddb26e5ac99b19321a4c894aef83004dfb356f0b59
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 96db1e6d780817ae9590a314e20da71bae4243e5f9e9b242b8aa5bdeefd95b90
kernel-debuginfo-common-aarch64-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 96db1e6d780817ae9590a314e20da71bae4243e5f9e9b242b8aa5bdeefd95b90
kernel-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: d1f5107e716bc0f2e7fec84585e949a4c32fdd0975283a254d0a8b7d3ff27ffb
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 270f300d3fa4142ffd9b59eb9112a1e3ba957674e48f6756068b24b7c370db1b
kernel-tools-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 0ee91a42438f24559e701fd6915f846cdcf77dd52c9bbaa7ed09ed07e10a0318
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 35a3ca473a5febde663f57f69924ff01970d4da74553a131e26f0d01ddba5317
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 35a3ca473a5febde663f57f69924ff01970d4da74553a131e26f0d01ddba5317
kernel-tools-libs-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 90378ecadf46f4d3a5f89a03a71ae17df8b2491e0ecd948759330fc47c56d105
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 92968698cc5978c726f349d45f57d36ba0700316e69fe6bc97f10c2a2c8eea57
perf-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: d141f1e9cd52e3ef614a9133e2c779a9567e844afb2550791f27647141249a35
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 41c46376e628a66a2686041f7ec4f0f12a04a9cfe827ee742ae8b873af15fa6d
perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 41c46376e628a66a2686041f7ec4f0f12a04a9cfe827ee742ae8b873af15fa6d
python-perf-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 550ee19f8da86e48bb99c425cd19f79a3dbc64884db29fb54e5d737042eaf335
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 352462c45efaea465cbe96c8ea56fbbe2d884611d4d4a54562beca56c5d5bc53
python-perf-debuginfo-4.14.0-115.26.1.el7a.aarch64.rpm SHA-256: 352462c45efaea465cbe96c8ea56fbbe2d884611d4d4a54562beca56c5d5bc53

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
ppc64le
kernel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 77a5d1faf2f7d1baed0d1fa6d1fe119791b2f13874825edd07d6897295e79f21
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-bootwrapper-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 980eaacb44a3d6723714140d235225377cd9df9e9b003c1177cff7cd4303b657
kernel-debug-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 96c68a0849bbd87acd8efa1dcf7e9115842183b20081b51e5a9b45414844a9b5
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 04d8d67aea7ec7ade30a84638a8199d58a841cb32660e6a76fc798cb9bdc58a9
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 04d8d67aea7ec7ade30a84638a8199d58a841cb32660e6a76fc798cb9bdc58a9
kernel-debug-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 9fe95580cf90b1030aeb90ff67604515b765123cddfca191cecff066b16e9b7d
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 53756744e04b0e00f668ae8f59a208bae3ddadd827ba5f7ae7f0800b9ac38806
kernel-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 53756744e04b0e00f668ae8f59a208bae3ddadd827ba5f7ae7f0800b9ac38806
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: d69747c7eab1b01aaf75d5d6a2b59b1e1e8d4b50c3fe897fc537582a628d22f7
kernel-debuginfo-common-ppc64le-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: d69747c7eab1b01aaf75d5d6a2b59b1e1e8d4b50c3fe897fc537582a628d22f7
kernel-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: f429d0f518530331f9a17120b765a2953929c942cf5044a6e25cbb4be16e7a41
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 587b9499a4dcb40a4fdc51584dc51b5f2921e9c5e9a4e8c5177ba3ab1e4eb5cb
kernel-tools-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: a61c88d47b15c42bb8cd31209c1985ada26d708b3b5a45fe75e83bd964062ace
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: b46e57344fd84436a16c5aba534e129477c9b865737e4d33de6513a37247bac9
kernel-tools-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: b46e57344fd84436a16c5aba534e129477c9b865737e4d33de6513a37247bac9
kernel-tools-libs-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 896da04f0da018bb1717c648c39ae538ade68d970e3d9c8d9843f8bca5c8c17a
kernel-tools-libs-devel-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: ac39452f50b475c1d85a9d0fd5e471cc27bccdc161d6360f1bb0ae9e2461ad96
perf-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 0c6756834aa1b185d228836e24f349885a671e373a50c0efe2dad259b878f1ec
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 2d1b66de20dd878c73055745f8f361ee7d968ce8b963cd9343d48e2ba6089661
perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 2d1b66de20dd878c73055745f8f361ee7d968ce8b963cd9343d48e2ba6089661
python-perf-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: 234407627b6d2894836715cb7b53f1a342e7118e4c8f6d96897a722cf8ced69a
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: cbe813bf9c29093e4f93d7945a012ea9bab4afc7a68f37be03f1b177f0bb67df
python-perf-debuginfo-4.14.0-115.26.1.el7a.ppc64le.rpm SHA-256: cbe813bf9c29093e4f93d7945a012ea9bab4afc7a68f37be03f1b177f0bb67df

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.26.1.el7a.src.rpm SHA-256: 03a0a1fc52bc921fe6260792df048ab1898cd6e6a394b2d5c0048498bf08504c
s390x
kernel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 4e61344a28754bd56e8734c0cb3ad0bb324cfdd95924ac48db66e1330c6711e6
kernel-abi-whitelists-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 462612cd4a8e04a0e42cfc9f1acd00f4a8786e18ebf7d15b26ac4e46a17666e6
kernel-debug-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: cb0e2197c380627c135a63af187312e4bbc18603be4ac7330b02284f0645e9a1
kernel-debug-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 6d2604cf545f086e66ca48f88291018a71051b469b6e24f5094e8c57ea3cdd74
kernel-debug-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: ccc7c3073f4749b190a9391eabeea546bd4b09105d7fbd49eebf4aae33089145
kernel-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 62826d812315ab6b00c7bea3392f90eefc0cdfb5fc89e8a043f6bde45ab9d0f1
kernel-debuginfo-common-s390x-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 37923adf65a7efd160c6d7be026502477d2e100141446add102f0b10ddf54f2a
kernel-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e85a19ca0da0e902ede7cdd09bc6d44beb87d0bbc08027cf29680d4efa5b5d6c
kernel-doc-4.14.0-115.26.1.el7a.noarch.rpm SHA-256: 85cf6595d4c42fffeed55ebccf097cc553b637a1386c3806c5409ffd7df7d820
kernel-headers-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e2736a8211fc0225f15a5d893d694f22282104f4bb1b67a75d98e33d58bf5b9c
kernel-kdump-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e0d287b733037eb369ff72cbff0a3564ef995ce3343249115a8dd97f3df8d0e8
kernel-kdump-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: b9d041d5b069b9fb543ed6ca98c2888a1ee6b98fc021400a543c80bced9d98f4
kernel-kdump-devel-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: e21aa6f151fb86f62013928fd49786a0c8c6156d4589a2cce4947732a0f98698
perf-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: c734082cec7b0ba1d174e004283365d4dcdf90a0c0daea4b34e3b98eb88b9537
perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: c4269aa6619e3baebbd545171ea41759247273ffc942397e06b3945718268ed8
python-perf-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: bacfda03c6b0547ca2f6bec23f1af069d02da632f81a9db89ce6f654ef1d2dca
python-perf-debuginfo-4.14.0-115.26.1.el7a.s390x.rpm SHA-256: 3cc02e1ffe9c07524481e874363ee4d71a8b2c800ae962b4437d311c85caa6f5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility