CVSS3: 8.2 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.002 Low
Percentile: 56.1%

CentOS Errata and Security Advisory CESA-2020:3220
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: DAX hugepages not considered during mremap (CVE-2020-10757)
kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)
kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)
kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
RHEL7.7 - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (BZ#1830889)
[DELL EMC 7.8 BUG bnxt_en] Error messages related to hwrm observed for BCM 57504 under dmesg in RHEL 7.8 (BZ#1834190)
kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837429)
RHEL7.7 - Request: retrofit kernel commit f82b4b6 to RHEL 7.7/7.8 3.10 kernels. (BZ#1838602)
kipmi thread high CPU consumption when performing BMC firmware upgrade (BZ#1841825)
RHEL7.7 - virtio-blk: fix hw_queue stopped on arbitrary error (kvm) (BZ#1842994)
rhel 7 infinite blocked waiting on inode_dio_wait in nfs (BZ#1845520)
http request is taking more time for endpoint running on different host via nodeport service (BZ#1847333)
ext4: change LRU to round-robin in extent status tree shrinker (BZ#1847343)
libaio is returning duplicate events (BZ#1850055)
After upgrade to 3.9.89 pod containers with CPU limits fail to start due to cgroup error (BZ#1850500)
Fix dpdk regression introduced by bz1837297 (BZ#1852245)
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2020-July/085904.html
Affected packages:
bpftool
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf
Upstream details at:
https://access.redhat.com/errata/RHSA-2020:3220
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | x86_64 | bpftool | < 3.10.0-1127.18.2.el7 | bpftool-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel | < 3.10.0-1127.18.2.el7 | kernel-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-abi-whitelists | < 3.10.0-1127.18.2.el7 | kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-debug | < 3.10.0-1127.18.2.el7 | kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-debug-devel | < 3.10.0-1127.18.2.el7 | kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-devel | < 3.10.0-1127.18.2.el7 | kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | noarch | kernel-doc | < 3.10.0-1127.18.2.el7 | kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm |
CentOS | 7 | x86_64 | kernel-headers | < 3.10.0-1127.18.2.el7 | kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools | < 3.10.0-1127.18.2.el7 | kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm |
CentOS | 7 | x86_64 | kernel-tools-libs | < 3.10.0-1127.18.2.el7 | kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm |