Red Hat Product Errata RHSA-2020:3230 - Security Advisory

Issued:: 2020-07-29
Updated:: 2020-07-29

RHSA-2020:3230 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837426)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux Server - TUS 7.4 x86_64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64

Fixes

BZ - 1703063 - CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues.
BZ - 1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

CVEs

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
kernel-3.10.0-693.71.2.el7.src.rpm	SHA-256: 2380efb53e532c1a9e873fabd9c8ae2d40c4749e8b48297900f010e48dce568b
x86_64
kernel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: c1261d6fa77288c9d7c2bc50bb4ba3cd1dfd1952bfef4dfce7bfa257443da422
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: 7e3dac8819e47a83f69b46d4d93e823793ebf53226e43d811baf403e50631d6c
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5b3700fecf5b5aabca38a587d91e5f208188a881784cd0ec11dd9e7758004086
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: bbb1c785af3d1958d5ba3df59bfc00e8a7e11d9c5d2865e5b039a371f9b9827e
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b0e052a9a31a3cf94cfb0206880a3597210faecafcfb26f9c57a53cbca405a50
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: a8a6de614374ca551e88bf7083ea87a818669231b8b90bf365b77f5997ad9608
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: fffcd617fa7fd1747ab2423fc98413d8deed0079d1f827258373fd0217fd1e68
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 1c05599cd8540bb487f9ffc70319a7e777830a1960f73cb23ce9c2682f790018
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6e9e605a475106f208c184dc2d93a56c5341da1bc6330a6bada44c86597063d6
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b57cb40180164dffc00deca0d82671844a49d2acfd98d4fcd0cc930216a4d2df
perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 7b12024c28a0cf83ed5b6eba0514c552fc051c83bdddb86053ebd77cb633ac79
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
python-perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 52bd34b6f6ada904b6a7530c53a80b561f3265ea5e9cb9415be84f5df5c8f79f
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
kernel-3.10.0-693.71.2.el7.src.rpm	SHA-256: 2380efb53e532c1a9e873fabd9c8ae2d40c4749e8b48297900f010e48dce568b
x86_64
kernel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: c1261d6fa77288c9d7c2bc50bb4ba3cd1dfd1952bfef4dfce7bfa257443da422
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: 7e3dac8819e47a83f69b46d4d93e823793ebf53226e43d811baf403e50631d6c
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5b3700fecf5b5aabca38a587d91e5f208188a881784cd0ec11dd9e7758004086
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: bbb1c785af3d1958d5ba3df59bfc00e8a7e11d9c5d2865e5b039a371f9b9827e
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b0e052a9a31a3cf94cfb0206880a3597210faecafcfb26f9c57a53cbca405a50
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: a8a6de614374ca551e88bf7083ea87a818669231b8b90bf365b77f5997ad9608
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: fffcd617fa7fd1747ab2423fc98413d8deed0079d1f827258373fd0217fd1e68
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 1c05599cd8540bb487f9ffc70319a7e777830a1960f73cb23ce9c2682f790018
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6e9e605a475106f208c184dc2d93a56c5341da1bc6330a6bada44c86597063d6
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b57cb40180164dffc00deca0d82671844a49d2acfd98d4fcd0cc930216a4d2df
perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 7b12024c28a0cf83ed5b6eba0514c552fc051c83bdddb86053ebd77cb633ac79
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
python-perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 52bd34b6f6ada904b6a7530c53a80b561f3265ea5e9cb9415be84f5df5c8f79f
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4

SRPM
kernel-3.10.0-693.71.2.el7.src.rpm	SHA-256: 2380efb53e532c1a9e873fabd9c8ae2d40c4749e8b48297900f010e48dce568b
ppc64le
kernel-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: f2552aa0f5a0e7dac376a57d10e58acb9354ec3bae9b9495b7b9c54cd1112765
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: 7e3dac8819e47a83f69b46d4d93e823793ebf53226e43d811baf403e50631d6c
kernel-bootwrapper-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 1dda3eb6974a8a9b1ef27c575e1c4211768b24e0bc380062eba853fa404fcdd6
kernel-debug-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: a00d79c32985c5f1486ca8cd7cd562c5a28997a9d226143cd4f0e8c92615c2fc
kernel-debug-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 04d87a74b99180886ed94abdc8d5a431031c2397b6f2e5d6fd749ae671831cc6
kernel-debug-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 04d87a74b99180886ed94abdc8d5a431031c2397b6f2e5d6fd749ae671831cc6
kernel-debug-devel-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 05bf16ad8b64771c981cea2ce2633155770086699d33362d81d6372d5d8a0082
kernel-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: d2653706dd4e75a40f1d88516e7e534c7e8b011b26f749fa24ed50a097d2a5a4
kernel-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: d2653706dd4e75a40f1d88516e7e534c7e8b011b26f749fa24ed50a097d2a5a4
kernel-debuginfo-common-ppc64le-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: c7c502d19f69e2515e5719d82f47dc328327c26fd2a409e5da406426032d1f81
kernel-debuginfo-common-ppc64le-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: c7c502d19f69e2515e5719d82f47dc328327c26fd2a409e5da406426032d1f81
kernel-devel-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 77a6a7477287696c5242f6ba1f7131a5d3752e8d2092c948fa757c5c40701e67
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: a8a6de614374ca551e88bf7083ea87a818669231b8b90bf365b77f5997ad9608
kernel-headers-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 851958eda0172ad6a358184fda0406ff9917522045392ea1dc0910f989b43608
kernel-tools-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 324f6946b32c95d9e7fc33acd536296800b00697cbef1349395e78a8854a002b
kernel-tools-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 523bca2ad13773624690e6eb087d47514fc6601d408698083d0ce500441b058e
kernel-tools-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 523bca2ad13773624690e6eb087d47514fc6601d408698083d0ce500441b058e
kernel-tools-libs-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 2cefcc313bdd4086de4b66bd8c1db457829e3e47332eac6963c8563e05e3c8b3
kernel-tools-libs-devel-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 42181281b3635b930b572f8733479450dcdbec075999fbdfba865652f89e7fb0
perf-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: e9155682b5ffa39cf4e70af5dfa4aa23b87b1e45e7c3462057b8539ca00249cc
perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: d259d00c20061abb6fae971abab45bece04b935cc17b83d2fbe1fc07896b3c04
perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: d259d00c20061abb6fae971abab45bece04b935cc17b83d2fbe1fc07896b3c04
python-perf-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 8d5a147538200605bb518cfe78e49e1ef66079903babcaa6996a84c468814477
python-perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 7d975423c504a73400e220edc6e190ac61f28396114702073cded4615000d2a3
python-perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm	SHA-256: 7d975423c504a73400e220edc6e190ac61f28396114702073cded4615000d2a3

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4

SRPM
kernel-3.10.0-693.71.2.el7.src.rpm	SHA-256: 2380efb53e532c1a9e873fabd9c8ae2d40c4749e8b48297900f010e48dce568b
x86_64
kernel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: c1261d6fa77288c9d7c2bc50bb4ba3cd1dfd1952bfef4dfce7bfa257443da422
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: 7e3dac8819e47a83f69b46d4d93e823793ebf53226e43d811baf403e50631d6c
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5b3700fecf5b5aabca38a587d91e5f208188a881784cd0ec11dd9e7758004086
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 86356b144fe04270d284557d64922b31ac3a7be6fe95e76d7f7f9a0f43381656
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: bbb1c785af3d1958d5ba3df59bfc00e8a7e11d9c5d2865e5b039a371f9b9827e
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 4d558db8b4320e10c71644d361a94daddcbc960bc120fa1b26176bd6537e2030
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 2298cceeb54aa7e6330c462711ade677f43d9044d5e450b135ea7fab80e35880
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b0e052a9a31a3cf94cfb0206880a3597210faecafcfb26f9c57a53cbca405a50
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm	SHA-256: a8a6de614374ca551e88bf7083ea87a818669231b8b90bf365b77f5997ad9608
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: fffcd617fa7fd1747ab2423fc98413d8deed0079d1f827258373fd0217fd1e68
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 1c05599cd8540bb487f9ffc70319a7e777830a1960f73cb23ce9c2682f790018
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6223cf450019b58f975891a0b3132e2265af59d5195246e4c70759c8e13847e9
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 6e9e605a475106f208c184dc2d93a56c5341da1bc6330a6bada44c86597063d6
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: b57cb40180164dffc00deca0d82671844a49d2acfd98d4fcd0cc930216a4d2df
perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 7b12024c28a0cf83ed5b6eba0514c552fc051c83bdddb86053ebd77cb633ac79
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 5258e885dec765970e55e38fe4f4aa01bc7b3bea619df1b9309b0b3fa5708d32
python-perf-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 52bd34b6f6ada904b6a7530c53a80b561f3265ea5e9cb9415be84f5df5c8f79f
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm	SHA-256: 43f10e4eac46d1d9d14a6cce5103ad268697bfa3d0b5d01c271eb49fbded076d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories