Lucene search

K
redhatRedHatRHSA-2019:3220
HistoryOct 29, 2019 - 11:38 a.m.

(RHSA-2019:3220) Important: kernel security and bug fix update

2019-10-2911:38:51
access.redhat.com
45

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

60.7%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)

  • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

  • kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734325)

  • Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737378)

  • [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740177)

  • high update_cfs_rq_blocked_load contention (BZ#1740179)

  • kvm: backport cpuidle-haltpoll driver (BZ#1740191)

  • Growing unreclaimable slab memory (BZ#1741919)

  • [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743323)

  • NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744945)

  • powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745441)

  • ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745448)

  • [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1748237)

  • [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748238)

  • Allows macvlan to operate correctly over the active-backup mode to support bonding events (BZ#1749291)

  • debug kernel reports scheduling while atomic bug in EFI code (BZ#1755324)

8.1 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

60.7%