Lucene search

K
redhatRedHatRHSA-2020:3224
HistoryJul 29, 2020 - 7:16 p.m.

(RHSA-2020:3224) Important: kernel security and bug fix update

2020-07-2919:16:09
access.redhat.com
79

0.002 Low

EPSS

Percentile

55.4%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

  • kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837428)

  • RHEL7.7 - Request: retrofit kernel commit f82b4b6 to RHEL 7.7/7.8 3.10 kernels. (BZ#1838601)

  • Possible race condition updating the cfg structure in __assign_irq_vector. (BZ#1854553)