Issued:
2020-11-04
Updated:
2020-11-04

RHSA-2020:4686 - Security Advisory

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events (CVE-2020-24490)
  • kernel: Red Hat only CVE-2020-12351 regression (CVE-2020-25661)
  • kernel: Red Hat only CVE-2020-12352 regression (CVE-2020-25662)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 1888449 - CVE-2020-24490 kernel: net: bluetooth: heap buffer overflow when processing extended advertising report events
  • BZ - 1891483 - CVE-2020-25661 kernel: Red Hat only CVE-2020-12351 regression
  • BZ - 1891484 - CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-240.1.1.rt7.55.el8_3.src.rpm SHA-256: 9cb303e77e1772291ad922a1ca8dad30936839a333a7ff02e73d5d5c8bc1c1f3
x86_64
kernel-rt-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 1f417c8065f8b3e220852a5d4f9520a5d9b27b4f53436a1e57846ccb1b50b7c8
kernel-rt-core-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 49a814c22516462d2f9566e8b376d874f436daf979565a9397076223e2a7b93e
kernel-rt-debug-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 5bcd42063002c80826c9c4d9487ee7a14bce3e4ef5327aa125e0855227f43e4d
kernel-rt-debug-core-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 88f2e556075bb40205803f4f61a69dc55dd84e16a369fcce369c8fa811f35b42
kernel-rt-debug-debuginfo-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 05c1c892bf63b9695e0ffdca57aafc652001bd20c8910c8df8d2f99d79d38a86
kernel-rt-debug-devel-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 7cbe850c707378d8ae6c3b9f45ddb9350c4738c94d3e7e79173efa1d82f57090
kernel-rt-debug-modules-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: c160cf83a6f10d3c463882ffeee678c0cf1c9b944ccf963d9b67ed053c63270e
kernel-rt-debug-modules-extra-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 2b96fe6f8b63404d87ae26f4aa1fad79599eab946a2d9c8fb815e2ab5849a323
kernel-rt-debuginfo-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: ebe83b067c9b73d4634c8c6005717aa604e9ce0b351287eaee8a753f37897f6e
kernel-rt-debuginfo-common-x86_64-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: c05f4c4e30849f6851f4a6c93eb086667292a3d82941eedf59f5ab2a492726ea
kernel-rt-devel-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 31773a8192c63ff33c6c2809c0fa33e215716be68c2ba7389164e350ded20e13
kernel-rt-modules-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 5a895243fb672f771df3f79bd6b63fc8d0f4d25448d52f0c2ae7d3023019371d
kernel-rt-modules-extra-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 194851559e6b76a1560c52bed15d119135a4902b4c2606bde94b1b9ba609d3d8

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-240.1.1.rt7.55.el8_3.src.rpm SHA-256: 9cb303e77e1772291ad922a1ca8dad30936839a333a7ff02e73d5d5c8bc1c1f3
x86_64
kernel-rt-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 1f417c8065f8b3e220852a5d4f9520a5d9b27b4f53436a1e57846ccb1b50b7c8
kernel-rt-core-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 49a814c22516462d2f9566e8b376d874f436daf979565a9397076223e2a7b93e
kernel-rt-debug-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 5bcd42063002c80826c9c4d9487ee7a14bce3e4ef5327aa125e0855227f43e4d
kernel-rt-debug-core-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 88f2e556075bb40205803f4f61a69dc55dd84e16a369fcce369c8fa811f35b42
kernel-rt-debug-debuginfo-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 05c1c892bf63b9695e0ffdca57aafc652001bd20c8910c8df8d2f99d79d38a86
kernel-rt-debug-devel-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 7cbe850c707378d8ae6c3b9f45ddb9350c4738c94d3e7e79173efa1d82f57090
kernel-rt-debug-kvm-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 2215102c60026d1df112c251f4df9a3d684ce425f11f91145cd8495251aba68d
kernel-rt-debug-modules-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: c160cf83a6f10d3c463882ffeee678c0cf1c9b944ccf963d9b67ed053c63270e
kernel-rt-debug-modules-extra-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 2b96fe6f8b63404d87ae26f4aa1fad79599eab946a2d9c8fb815e2ab5849a323
kernel-rt-debuginfo-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: ebe83b067c9b73d4634c8c6005717aa604e9ce0b351287eaee8a753f37897f6e
kernel-rt-debuginfo-common-x86_64-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: c05f4c4e30849f6851f4a6c93eb086667292a3d82941eedf59f5ab2a492726ea
kernel-rt-devel-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 31773a8192c63ff33c6c2809c0fa33e215716be68c2ba7389164e350ded20e13
kernel-rt-kvm-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 0e20380dacc88b30e250265b5ebe4070e910a17eac102a461417cd8ab37ba8ea
kernel-rt-modules-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 5a895243fb672f771df3f79bd6b63fc8d0f4d25448d52f0c2ae7d3023019371d
kernel-rt-modules-extra-4.18.0-240.1.1.rt7.55.el8_3.x86_64.rpm SHA-256: 194851559e6b76a1560c52bed15d119135a4902b4c2606bde94b1b9ba609d3d8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.