9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.024 Low
EPSS
Percentile
89.8%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)
kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)
kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)
kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 (CVE-2019-14898)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
[Azure][7.8] Include patch “PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it” (BZ#1766089)
[Hyper-V][RHEL7.8] When accelerated networking is enabled on RedHat, network interface(eth0) moved to new network namespace does not obtain IP address. (BZ#1766093)
[Azure][RHEL 7.6] hv_vmbus probe pass-through GPU card failed (BZ#1766097)
SMB3: Do not error out on large file transfers if server responds with STATUS_INSUFFICIENT_RESOURCES (BZ#1767621)
Since RHEL commit 5330f5d09820 high load can cause dm-multipath path failures (BZ#1770113)
Hard lockup in free_one_page()->_raw_spin_lock() because sosreport command is reading from /proc/pagetypeinfo (BZ#1770732)
patchset for x86/atomic: Fix smp_mb__{before,after}_atomic() (BZ#1772812)
fix compat statfs64() returning EOVERFLOW for when _FILE_OFFSET_BITS=64 (BZ#1775678)
Guest crash after load cpuidle-haltpoll driver (BZ#1776289)
RHEL 7.7 long I/O stalls with bnx2fc from not masking off scope bits of retry delay value (BZ#1776290)
Multiple “mv” processes hung on a gfs2 filesystem (BZ#1777297)
Moving Egress IP will result in conntrack sessions being DESTROYED (BZ#1779564)
core: backports from upstream (BZ#1780033)
kernel BUG at arch/powerpc/platforms/pseries/lpar.c:482! (BZ#1780148)
Race between tty_open() and flush_to_ldisc() using the tty_struct->driver_data field. (BZ#1780163)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | s390x | kernel-debug-debuginfo | < 3.10.0-1062.12.1.el7 | kernel-debug-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm |
RedHat | 7 | ppc64 | bpftool-debuginfo | < 3.10.0-1062.12.1.el7 | bpftool-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm |
RedHat | 7 | x86_64 | bpftool-debuginfo | < 3.10.0-1062.12.1.el7 | bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm |
RedHat | 7 | x86_64 | kernel-tools | < 3.10.0-1062.12.1.el7 | kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm |
RedHat | 7 | ppc64le | perf-debuginfo | < 3.10.0-1062.12.1.el7 | perf-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm |
RedHat | 7 | s390x | kernel-devel | < 3.10.0-1062.12.1.el7 | kernel-devel-3.10.0-1062.12.1.el7.s390x.rpm |
RedHat | 7 | s390x | kernel-headers | < 3.10.0-1062.12.1.el7 | kernel-headers-3.10.0-1062.12.1.el7.s390x.rpm |
RedHat | 7 | ppc64 | python-perf | < 3.10.0-1062.12.1.el7 | python-perf-3.10.0-1062.12.1.el7.ppc64.rpm |
RedHat | 7 | s390x | kernel-debug-devel | < 3.10.0-1062.12.1.el7 | kernel-debug-devel-3.10.0-1062.12.1.el7.s390x.rpm |
RedHat | 7 | ppc64le | bpftool | < 3.10.0-1062.12.1.el7 | bpftool-3.10.0-1062.12.1.el7.ppc64le.rpm |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.024 Low
EPSS
Percentile
89.8%