===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.3620.2
                Important: kernel security and bug fix update
                              26 September 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
                   Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Increased Privileges     -- Existing Account
                   Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-14835 CVE-2019-1125
Reference:         ESB-2019.3613
                   ESB-2019.3612
                   ESB-2019.3572.3
                   ESB-2019.3536

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2019:2899
   https://access.redhat.com/errata/RHSA-2019:2900
   https://access.redhat.com/errata/RHSA-2019:2901

Comment: This bulletin contains three (3) Red Hat security advisories.

Revision History:  September 26 2019: Vendor released further announcements
                                      with updated affected
                                      releases/architectures
                   September 26 2019: Initial Release

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2019:2899-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2899
Issue date:        2019-09-25
CVE Names:         CVE-2019-1125 CVE-2019-14835
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.2
Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.2) - x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.2) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A buffer overflow flaw was found in the way the Linux kernel's vhost
functionality, which translates virtqueue buffers to IOVs, logged the buffer
descriptors during migration. A privileged guest user able to pass descriptors
with an invalid length to the host while migration is underway could use this
flaw to increase their privileges on the host. (CVE-2019-14835)

* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* fs deadlock when a memory allocation waits on page writeback in NOFS
context (BZ#1729103)

* fragmented packets timing out (BZ#1729409)

* kernel build: speed up debuginfo extraction (BZ#1731460)

* use "make -jN" for modules_install (BZ#1735079)

* shmem: consider shm_mnt as a long-term mount (BZ#1737374)

* raid1d can hang in freeze_array if handling a mix of read and write errors
(BZ#1737792)

* Backport TCP follow-up for small buffers (BZ#1739125)

4. Solution:

For details on how to apply this update, which includes the changes described
in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1724389 - CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.2):

Source:
kernel-3.10.0-327.82.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.82.1.el7.noarch.rpm
kernel-doc-3.10.0-327.82.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.82.1.el7.x86_64.rpm
perf-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.2):

Source:
kernel-3.10.0-327.82.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.82.1.el7.noarch.rpm
kernel-doc-3.10.0-327.82.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.82.1.el7.x86_64.rpm
perf-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.2):

Source:
kernel-3.10.0-327.82.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.82.1.el7.noarch.rpm
kernel-doc-3.10.0-327.82.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.82.1.el7.x86_64.rpm
kernel-headers-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.82.1.el7.x86_64.rpm
perf-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.82.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.82.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-1125
https://access.redhat.com/security/cve/CVE-2019-14835
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/4329821
https://access.redhat.com/security/vulnerabilities/kernel-vhost

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

=============================================================================

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2019:2900-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2900
Issue date:        2019-09-25
CVE Names:         CVE-2019-1125 CVE-2019-14835
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.3
Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.3) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.3) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.3) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.3) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A buffer overflow flaw was found in the way the Linux kernel's vhost
functionality, which translates virtqueue buffers to IOVs, logged the buffer
descriptors during migration. A privileged guest user able to pass descriptors
with an invalid length to the host while migration is underway could use this
flaw to increase their privileges on the host. (CVE-2019-14835)

* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* fs deadlock when a memory allocation waits on page writeback in NOFS
context (BZ#1729105)

* fragmented packets timing out (BZ#1729410)

* kernel build: speed up debuginfo extraction (BZ#1731461)

* use "make -jN" for modules_install (BZ#1735080)

* shmem: consider shm_mnt as a long-term mount (BZ#1737375)

* Backport TCP follow-up for small buffers (BZ#1739126)

4. Solution:

For details on how to apply this update, which includes the changes described
in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1724389 - CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability
1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.3):

Source:
kernel-3.10.0-514.69.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.69.1.el7.noarch.rpm
kernel-doc-3.10.0-514.69.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.69.1.el7.x86_64.rpm
perf-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.3):

Source:
kernel-3.10.0-514.69.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.69.1.el7.noarch.rpm
kernel-doc-3.10.0-514.69.1.el7.noarch.rpm

ppc64le:
kernel-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debug-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-devel-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-headers-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-tools-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-514.69.1.el7.ppc64le.rpm
perf-3.10.0-514.69.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
python-perf-3.10.0-514.69.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm

x86_64:
kernel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.69.1.el7.x86_64.rpm
perf-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.3):

Source:
kernel-3.10.0-514.69.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.69.1.el7.noarch.rpm
kernel-doc-3.10.0-514.69.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.69.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.69.1.el7.x86_64.rpm
perf-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.3):

x86_64:
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.3):

ppc64le:
kernel-debug-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-514.69.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.3):

x86_64:
kernel-debug-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.69.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.69.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-1125
https://access.redhat.com/security/cve/CVE-2019-14835
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/4329821
https://access.redhat.com/security/vulnerabilities/kernel-vhost

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
=============================================================================

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2019:2901-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2901
Issue date:        2019-09-25
CVE Names:         CVE-2019-14835
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.5
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.5) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* A buffer overflow flaw was found in the way the Linux kernel's vhost
functionality, which translates virtqueue buffers to IOVs, logged the buffer
descriptors during migration. A privileged guest user able to pass descriptors
with an invalid length to the host while migration is underway could use this
flaw to increase their privileges on the host. (CVE-2019-14835)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described
in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.5):

Source:
kernel-2.6.32-431.96.2.el6.src.rpm

noarch:
kernel-abi-whitelists-2.6.32-431.96.2.el6.noarch.rpm
kernel-doc-2.6.32-431.96.2.el6.noarch.rpm
kernel-firmware-2.6.32-431.96.2.el6.noarch.rpm

x86_64:
kernel-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debug-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.96.2.el6.x86_64.rpm
kernel-devel-2.6.32-431.96.2.el6.x86_64.rpm
kernel-headers-2.6.32-431.96.2.el6.x86_64.rpm
perf-2.6.32-431.96.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.5):

Source:
kernel-2.6.32-431.96.2.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.96.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm
python-perf-2.6.32-431.96.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.96.2.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-14835
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/kernel-vhost

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT.
The mailing list you are subscribed to is maintained within your organisation,
so if you do not wish to continue receiving these bulletins you should contact
your local IT manager. If you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the appropriate
person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
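As an added check, not part of the AusCERT bulletin or the Red Hat advisories, the POSIX shell script below compares a kernel release string (the form printed by uname -r) with the fixed builds named in the package lists of the three advisories above: 3.10.0-327.82.1.el7 for RHEL 7.2, 3.10.0-514.69.1.el7 for RHEL 7.3 and 2.6.32-431.96.2.el6 for RHEL 6.5. It assumes the host runs one of those AUS/E4S/TUS streams; a kernel whose base release is not one of those three is reported as unknown-stream rather than judged, and the invocation at the end is an assumed usage.

```shell
#!/bin/sh
# Added example: compare a RHEL kernel release string (as printed by
# 'uname -r') with the fixed builds listed in RHSA-2019:2899, 2900 and 2901.
# The fixed builds below are copied from the advisories' package lists;
# the assumed invocation is:  sh check_kernel.sh "$(uname -r)"

# fixed_build STREAM -> prints the fixed build for a kernel stream, where
# STREAM is "version-baserelease" (the base release is fixed per RHEL minor).
fixed_build() {
    case "$1" in
        3.10.0-327) echo 3.10.0-327.82.1.el7 ;;  # RHEL 7.2 AUS/E4S/TUS (RHSA-2019:2899)
        3.10.0-514) echo 3.10.0-514.69.1.el7 ;;  # RHEL 7.3 AUS/E4S/TUS (RHSA-2019:2900)
        2.6.32-431) echo 2.6.32-431.96.2.el6 ;;  # RHEL 6.5 AUS         (RHSA-2019:2901)
        *) return 1 ;;
    esac
}

# stream_of RELEASE -> "3.10.0-327.82.1.el7.x86_64" becomes "3.10.0-327"
stream_of() {
    printf '%s\n' "$1" | sed -e 's/^\([0-9][0-9.]*-[0-9]*\).*$/\1/'
}

# build_fields RELEASE -> the numbers after the base release, space separated:
# "3.10.0-327.82.1.el7.x86_64" becomes "82 1"; a bare base release gives "".
build_fields() {
    printf '%s\n' "$1" | sed -e 's/^[0-9][0-9.]*-[0-9]*//' \
                             -e 's/\.el[0-9].*$//' \
                             -e 's/^\.//' \
                             -e 's/\./ /g'
}

# fields_ge "A" "B" -> exit 0 if field list A is >= B numerically, field by
# field, treating missing trailing fields as 0 (so "82 1" >= "82").
fields_ge() {
    a_rest=$1
    b_rest=$2
    while [ -n "$a_rest" ] || [ -n "$b_rest" ]; do
        a=${a_rest%% *}
        b=${b_rest%% *}
        [ -n "$a" ] || a=0
        [ -n "$b" ] || b=0
        [ "$a" -gt "$b" ] && return 0
        [ "$a" -lt "$b" ] && return 1
        case "$a_rest" in *' '*) a_rest=${a_rest#* } ;; *) a_rest='' ;; esac
        case "$b_rest" in *' '*) b_rest=${b_rest#* } ;; *) b_rest='' ;; esac
    done
    return 0
}

# kernel_status RELEASE -> prints "fixed" (exit 0), "vulnerable" (exit 1) or
# "unknown-stream" (exit 2) when the base release is not one covered here.
kernel_status() {
    stream=$(stream_of "$1")
    fixed=$(fixed_build "$stream") || { echo unknown-stream; return 2; }
    if fields_ge "$(build_fields "$1")" "$(build_fields "$fixed")"; then
        echo fixed
        return 0
    fi
    echo vulnerable
    return 1
}

# Run the check on the release given on the command line, if any.
if [ $# -gt 0 ]; then
    kernel_status "$1"
fi
```

The stream is identified by the kernel base release (327, 514 or 431), so a 7.2 kernel is never judged against the 7.3 build; only the build numbers after the base release are compared.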