Red Hat Product Errata RHSA-2020:5050 - Security Advisory

Issued:: 2020-11-10
Updated:: 2020-11-10

RHSA-2020:5050 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 1874800 - CVE-2020-14385 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt

CVEs

CVE-2020-14385

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
kpatch-patch-3_10_0-1160-1-1.el7.src.rpm	SHA-256: f9ad8d2127ffc83de21acad07d8d1f9f5a8a37fc9d74fb3226e6b99674106991
kpatch-patch-3_10_0-1160_2_1-1-1.el7.src.rpm	SHA-256: 73ce207f11ceb53ea2195609b0a0ebd31eb3923902ca123d47e7182d851b88ff
kpatch-patch-3_10_0-1160_2_2-1-1.el7.src.rpm	SHA-256: 1d4c4a927ffdda7b98b399082ae8464e5f3f184d0ef72838edf9df492060a751
kpatch-patch-3_10_0-1160_6_1-1-1.el7.src.rpm	SHA-256: 9c37dfa91b471e6294111c522876dfd97a0c94f2d10e1122c2861f9d46a7c907
x86_64
kpatch-patch-3_10_0-1160-1-1.el7.x86_64.rpm	SHA-256: ff24a5217571861046d2e15b409a36f802ec6e4eff34c756c67963a0b19cba3c
kpatch-patch-3_10_0-1160-debuginfo-1-1.el7.x86_64.rpm	SHA-256: 6b20e259a06501548f68f5448c89cfc8b47ae9d1bd58eca16de4a47f2bb85ca7
kpatch-patch-3_10_0-1160_2_1-1-1.el7.x86_64.rpm	SHA-256: ecd149f0bbde82407b80683a2fdc533fd809d2d75263ed0c0286bb6f48199cea
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-1.el7.x86_64.rpm	SHA-256: 7b04954d5ac055a86769ebdd54d26d4ceedb1f70f97d0b669795d9bd3d741742
kpatch-patch-3_10_0-1160_2_2-1-1.el7.x86_64.rpm	SHA-256: 87b73ad27ae1f51aca977ea649510e7d7bb237a11f8bbcc76e56ad19b803fd3e
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-1.el7.x86_64.rpm	SHA-256: 06760fe77e3fc590beb18758920a028981534265ec4ecdef7f6f22a7c7be7ae4
kpatch-patch-3_10_0-1160_6_1-1-1.el7.x86_64.rpm	SHA-256: 01cf6ddff90b3784492ea12b5e009e7666259c7e298634d25d5e4f5d83c4e900
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-1.el7.x86_64.rpm	SHA-256: a0198aef1299ae7210d44abb912f0175d66157e348acd8996707ddbcc4396785

Red Hat Enterprise Linux for Power, little endian 7

SRPM
kpatch-patch-3_10_0-1160-1-1.el7.src.rpm	SHA-256: f9ad8d2127ffc83de21acad07d8d1f9f5a8a37fc9d74fb3226e6b99674106991
kpatch-patch-3_10_0-1160_2_1-1-1.el7.src.rpm	SHA-256: 73ce207f11ceb53ea2195609b0a0ebd31eb3923902ca123d47e7182d851b88ff
kpatch-patch-3_10_0-1160_2_2-1-1.el7.src.rpm	SHA-256: 1d4c4a927ffdda7b98b399082ae8464e5f3f184d0ef72838edf9df492060a751
kpatch-patch-3_10_0-1160_6_1-1-1.el7.src.rpm	SHA-256: 9c37dfa91b471e6294111c522876dfd97a0c94f2d10e1122c2861f9d46a7c907
ppc64le
kpatch-patch-3_10_0-1160-1-1.el7.ppc64le.rpm	SHA-256: b2ae0b2a86e9661a4ef14d8b64dca4771d4e43c0a30f1bbee5af30443c1971d0
kpatch-patch-3_10_0-1160-debuginfo-1-1.el7.ppc64le.rpm	SHA-256: 104884c0b6af548b52edde8090d3f7b37eec91bf710f8afa99dc68c195a9b6b3
kpatch-patch-3_10_0-1160_2_1-1-1.el7.ppc64le.rpm	SHA-256: cf864901e4c5282dfd7bcc0b399f1f8c537c1ce56440207fd268a74cb4838075
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-1.el7.ppc64le.rpm	SHA-256: a3e94545f37067d0ff85264f42c83e62ce7c8a628f2397ea816ce17f9a014711
kpatch-patch-3_10_0-1160_2_2-1-1.el7.ppc64le.rpm	SHA-256: 65b32f950b7bb3017bd834cc14d620a6d34569726f3ff9290bed5a7108fe9654
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-1.el7.ppc64le.rpm	SHA-256: fa5b73d6fd2be1d722bed6223c7fb0c65eeb319601fc12d87b6e189492165a69
kpatch-patch-3_10_0-1160_6_1-1-1.el7.ppc64le.rpm	SHA-256: 6d4d007286f53194161aebd5f19cd0d50884595be3c76094f48f8c89b9c4f0fd
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-1.el7.ppc64le.rpm	SHA-256: 414ece1855fba9eaa01f42821e34457a761b799ee74a8b632c895d1fcfed8a26

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories