Lucene search

K
redhatRedHatRHSA-2019:3089
HistoryOct 16, 2019 - 7:42 a.m.

(RHSA-2019:3089) Important: kernel-rt security and bug fix update

2019-10-1607:42:15
access.redhat.com
96

0.014 Low

EPSS

Percentile

86.5%

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)

  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)

  • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

  • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)