kernel, perf, python security update

2019-09-17T22:02:45
ID CESA-2019:2736
Type centos
Reporter CentOS Project
Modified 2019-09-17T22:02:45

Description

CentOS Errata and Security Advisory CESA-2019:2736

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)

  • kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • fragmented packets timing out (BZ#1728931)

  • Backport TCP follow-up for small buffers (BZ#1732107)

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2019-September/035447.html

Affected packages: kernel kernel-abi-whitelists kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers perf python-perf

Upstream details at: