RedHatRHSA-2019:2703(RHSA-2019:2703) Important: kernel security and bug fix update
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.8%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
-
Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS (CVE-2019-3887)
-
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)
-
kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)
-
kernel: ppc: unrelated processes being able to read/write to each other’s virtual memory (CVE-2019-12817)
-
kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824)
-
kernel: brcmfmac frame validation bypass (CVE-2019-9503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
[DELL EMC 8.0 BUG]: pciehp deadlock resulting in NVMe device not being recognized when hot plugged (BZ#1712261)
-
Host crashed while try to boot a compatible guest attached huge page by"-object memory-backend-file *"[1G-P9] (BZ#1714758)
-
Setting malformed authenc key will crash the system (BZ#1715335)
-
BUG: memory allocation failure in inode_doinit_with_dentry()/context_to_sid() (BZ#1717780)
-
[HPEMC 8.1 BUG] Protect against concurrent calls into UV BIOS (BZ#1724534)
-
PHC jumping on I350 (igb) (BZ#1726352)
-
aarch64 kernel missing vulnerabilities status files (BZ#1726353)
-
BUG: KASAN: use-after-free in skb_release_data() (BZ#1726354)
-
[RHEL8][PANIC][aarch64] kernel panic when loading the dme1737 module (BZ#1726355)
-
[RHEL8] [aarch64] Changes for BZ1672997 break kaslr (BZ#1726357)
-
Network fails to come up when booting with kernel 3.10.0-862.el7.x86_64, several hung tasks can be seen in logs. (BZ#1726358)
-
[Intel] ‘cpupower frequency-set’ produces unexpected results for some processors (BZ#1726360)
-
HDMI/DP audio: ELD not updated on hotplug event (BZ#1726361)
-
[mlx5_core] CX5 Adapter works not as expected when MTU is 9000, Unable to handle kernel paging request at virtual address 3ae0aafeff4b6b5a (BZ#1726372)
-
[DELL 8.0 Bug] - hid-multitouch 0018:1FD2:8008.0001 ,lost function from S3 resume (BZ#1727098)
-
[RHEL8.1 Pre Beta] [Power8] data corruption while returning from watchpoint exception handler (BZ#1733281)
-
RHEL8.1 pre-Beta - cacheinfo code unsafe vs LPM (BZ#1733282)
-
RHEL8.1 pre-Beta - [ZZ/Zeppelin] [kernel-4.18.0-100.el8.ppc64le] Hash MMU allows child to write parents process address space (BZ#1734689)
Related
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.8%