8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.4%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation (CVE-2019-15239)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
On RHEL 7.7 kernel SCSI VPD information for NVMe drives is missing (breaks InfoScale) (BZ#1752423)
RHEL7 fnic spamming logs: Current vnic speed set to : 40000 (BZ#1754836)
kernel build: parallelize redhat/mod-sign.sh (BZ#1755330)
kernel build: speed up module compression step (BZ#1755339)
Nested VirtualBox VMs on Windows guest has the potential of impacting memory region allocated to other KVM guests (BZ#1755781)
NULL pointer dereference at check_preempt_wakeup+0x109 (BZ#1756265)
Regression: panic in pick_next_task_rt (BZ#1756267)
ixgbe reports “Detected Tx Unit Hang” with adapter reset on RHEL 7 (BZ#1757350)
[Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM. (BZ#1757757)
nvme: dead loop in blk_mq_tagset_wait_completed_request() when it is called from timeout handler (BZ#1758051)
[mlx5] VF Representer naming is not consistent/persistent through reboots with OSPD deployment (BZ#1759003)
OS getting restarted because of driver issue with QLogic Corp. ISP2532-based 8Gb Fibre Channel to PCI Express HBA [1077:2532] (rev 02). (BZ#1759447)
mlx5: Load balancing not working over VF LAG configuration (BZ#1759449)
RHEL7.8 - ISST-LTE: vimlp1: Running LTP af_alg04.c (crypto) crash the LPAR (BZ#1763620)
RHEL7.5 - Fix security issues on crypto vmx (BZ#1763621)
RHEL 7.7 RC1 - Host crashes about 4.5 hours into switch port bounce test (BZ#1763624)
RHEL7.6 - cacheinfo code unsafe vs LPM (BZ#1763625)
xfs hangs on acquiring xfs_buf semaphore (BZ#1764245)
single CPU VM hangs during open_posix_testsuite (BZ#1766087)
rcu_sched self-detected stall on CPU while booting with nohz_full (BZ#1766098)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | python-perf-debuginfo | < 3.10.0-1062.7.1.el7 | python-perf-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm |
RedHat | 7 | noarch | kernel-doc | < 3.10.0-1062.7.1.el7 | kernel-doc-3.10.0-1062.7.1.el7.noarch.rpm |
RedHat | 7 | ppc64 | kernel-debug-debuginfo | < 3.10.0-1062.7.1.el7 | kernel-debug-debuginfo-3.10.0-1062.7.1.el7.ppc64.rpm |
RedHat | 7 | s390x | kernel-devel | < 3.10.0-1062.7.1.el7 | kernel-devel-3.10.0-1062.7.1.el7.s390x.rpm |
RedHat | 7 | ppc64 | python-perf | < 3.10.0-1062.7.1.el7 | python-perf-3.10.0-1062.7.1.el7.ppc64.rpm |
RedHat | 7 | x86_64 | perf-debuginfo | < 3.10.0-1062.7.1.el7 | perf-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm |
RedHat | 7 | s390x | perf | < 3.10.0-1062.7.1.el7 | perf-3.10.0-1062.7.1.el7.s390x.rpm |
RedHat | 7 | ppc64le | python-perf-debuginfo | < 3.10.0-1062.7.1.el7 | python-perf-debuginfo-3.10.0-1062.7.1.el7.ppc64le.rpm |
RedHat | 7 | x86_64 | bpftool-debuginfo | < 3.10.0-1062.7.1.el7 | bpftool-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm |
RedHat | 7 | ppc64le | kernel-debuginfo | < 3.10.0-1062.7.1.el7 | kernel-debuginfo-3.10.0-1062.7.1.el7.ppc64le.rpm |
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.4%