===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.0068
                    kernel security and bug fix update
                               8 January 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7.5
Impact/Access:     Execute Arbitrary Code/Commands -- Unknown/Unspecified
                   Increased Privileges            -- Existing Account
                   Denial of Service               -- Existing Account
                   Reduced Security                -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-11811 CVE-2019-11810 CVE-2018-18281
                   CVE-2018-10853 CVE-2017-10661 CVE-2017-0861
Reference:         ESB-2019.4547

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:0036

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       RHSA-2020:0036-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0036
Issue date:        2020-01-07
CVE Names:         CVE-2017-0861 CVE-2017-10661 CVE-2018-10853
                   CVE-2018-18281 CVE-2019-11810 CVE-2019-11811
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.5
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.5) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.5) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.5) - ppc64, ppc64le, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem
potentially leads to privilege escalation (CVE-2017-0861)

* kernel: Handling of might_cancel queueing is not properly protected
against race (CVE-2017-10661)

* kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853)

* kernel: TLB flush happens too late on mremap (CVE-2018-18281)

* kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,
ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Hard lockup in free_one_page()->_raw_spin_lock() because sosreport
command is reading from /proc/pagetypeinfo (BZ#1770730)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1481136 - CVE-2017-10661 kernel: Handling of might_cancel queueing is not properly protected against race
1563994 - CVE-2017-0861 kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation
1589890 - CVE-2018-10853 kernel: kvm: guest userspace to guest kernel write
1645121 - CVE-2018-18281 kernel: TLB flush happens too late on mremap
1709164 - CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.5):

Source:
kernel-3.10.0-862.46.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.46.1.el7.noarch.rpm
kernel-doc-3.10.0-862.46.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.46.1.el7.x86_64.rpm
kernel-devel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-headers-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.46.1.el7.x86_64.rpm
perf-3.10.0-862.46.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.5):

x86_64:
kernel-debug-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.46.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.5):

Source:
kernel-3.10.0-862.46.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-862.46.1.el7.noarch.rpm
kernel-doc-3.10.0-862.46.1.el7.noarch.rpm

ppc64:
kernel-3.10.0-862.46.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debug-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.46.1.el7.ppc64.rpm
kernel-devel-3.10.0-862.46.1.el7.ppc64.rpm
kernel-headers-3.10.0-862.46.1.el7.ppc64.rpm
kernel-tools-3.10.0-862.46.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-862.46.1.el7.ppc64.rpm
perf-3.10.0-862.46.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
python-perf-3.10.0-862.46.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debug-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-devel-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-headers-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-tools-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-862.46.1.el7.ppc64le.rpm
perf-3.10.0-862.46.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
python-perf-3.10.0-862.46.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm

s390x:
kernel-3.10.0-862.46.1.el7.s390x.rpm
kernel-debug-3.10.0-862.46.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-862.46.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-862.46.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-862.46.1.el7.s390x.rpm
kernel-devel-3.10.0-862.46.1.el7.s390x.rpm
kernel-headers-3.10.0-862.46.1.el7.s390x.rpm
kernel-kdump-3.10.0-862.46.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-862.46.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-862.46.1.el7.s390x.rpm
perf-3.10.0-862.46.1.el7.s390x.rpm
perf-debuginfo-3.10.0-862.46.1.el7.s390x.rpm
python-perf-3.10.0-862.46.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.s390x.rpm

x86_64:
kernel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.46.1.el7.x86_64.rpm
kernel-devel-3.10.0-862.46.1.el7.x86_64.rpm
kernel-headers-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.46.1.el7.x86_64.rpm
perf-3.10.0-862.46.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.5):

ppc64:
kernel-debug-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-862.46.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-862.46.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-862.46.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.46.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-862.46.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-0861
https://access.redhat.com/security/cve/CVE-2017-10661
https://access.redhat.com/security/cve/CVE-2018-10853
https://access.redhat.com/security/cve/CVE-2018-18281
https://access.redhat.com/security/cve/CVE-2019-11810
https://access.redhat.com/security/cve/CVE-2019-11811
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
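Added example (not part of the Red Hat advisory or the AusCERT bulletin): a small Python check that tells whether a RHEL 7.5 EUS host is running the fixed kernel, has it installed but has not yet rebooted (the case the Solution section warns about), or is still on an older build. It compares `uname -r` and `rpm -q kernel` strings against the 3.10.0-862.46.1.el7 build from the package list using a simplified rpm version comparison (no tilde/caret handling); the sample kernel strings below are constructed.

```python
import re

# Fixed build from the RHSA-2020:0036 package list (kernel-3.10.0-862.46.1.el7)
FIXED_VR = "3.10.0-862.46.1.el7"
ARCHES = ("x86_64", "ppc64le", "ppc64", "s390x", "noarch")

def rpmvercmp(a, b):
    """Simplified rpm label comparison: split into runs of digits/letters,
    compare segment by segment (numeric numerically, alpha lexically,
    numeric beats alpha), longer wins if one is a prefix of the other.
    Real rpm's tilde/caret rules are omitted. Returns -1, 0 or 1."""
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def version_release(pkg):
    """'kernel-3.10.0-862.41.4.el7.x86_64' (rpm -q kernel) or a uname -r
    string -> ('3.10.0', '862.41.4.el7'); package name and arch dropped."""
    s = pkg[len("kernel-"):] if pkg.startswith("kernel-") else pkg
    for arch in ARCHES:
        if s.endswith("." + arch):
            s = s[: -len(arch) - 1]
    ver, _, rel = s.partition("-")
    return ver, rel

def is_fixed(pkg, fixed=FIXED_VR):
    """True if pkg is the fixed build or anything newer."""
    ver, rel = version_release(pkg)
    fver, frel = fixed.partition("-")[::2]
    return (rpmvercmp(ver, fver) or rpmvercmp(rel, frel)) >= 0

def assess(running, installed):
    """Classify a host from `uname -r` and the `rpm -q kernel` lines;
    'reboot-required' means the fix is installed but the old kernel runs."""
    if is_fixed(running):
        return "patched"
    if any(is_fixed(p) for p in installed):
        return "reboot-required"
    return "vulnerable"

# Constructed sample: update applied on an x86_64 host, not yet rebooted.
print(assess("3.10.0-862.41.4.el7.x86_64", ["kernel-3.10.0-862.41.4.el7.x86_64",
             "kernel-3.10.0-862.46.1.el7.x86_64"]))  # prints reboot-required
```

On a real host feed it the output of `uname -r` and `rpm -q kernel`; a "vulnerable" or "reboot-required" result is the signal to act on.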