===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2020.3346
kernel, kernel-rt security and bug fix updates
30 September 2020
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           kernel
                   kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Increased Privileges     -- Existing Account
                   Access Privileged Data   -- Existing Account
                   Modify Arbitrary Files   -- Existing Account
                   Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14305 CVE-2020-12826 CVE-2020-12770
                   CVE-2020-11565 CVE-2020-10942 CVE-2020-10751
                   CVE-2020-10742 CVE-2020-10732 CVE-2020-10690
                   CVE-2020-9383 CVE-2020-8649 CVE-2020-8647
                   CVE-2020-2732 CVE-2020-1749 CVE-2019-20636
                   CVE-2019-20095 CVE-2019-20054 CVE-2019-19807
                   CVE-2019-19767 CVE-2019-19537 CVE-2019-19534
                   CVE-2019-19530 CVE-2019-19524 CVE-2019-19523
                   CVE-2019-19447 CVE-2019-19332 CVE-2019-19063
                   CVE-2019-19062 CVE-2019-19059 CVE-2019-19058
                   CVE-2019-19055 CVE-2019-19046 CVE-2019-18808
                   CVE-2019-17055 CVE-2019-17053 CVE-2019-16994
                   CVE-2019-16233 CVE-2019-16231 CVE-2019-15917
                   CVE-2019-15807 CVE-2019-15217 CVE-2019-12614
                   CVE-2019-9458 CVE-2019-9454 CVE-2018-20836
                   CVE-2017-18551
Reference:         ESB-2020.3269
                   ESB-2020.1812
                   ESB-2020.0766
                   ESB-2020.2008.2
                   ESB-2019.4346.2

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:4062
   https://access.redhat.com/errata/RHSA-2020:4060

Comment: This bulletin contains two (2) Red Hat security advisories.

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2020:4062-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4062
Issue date:        2020-09-29
CVE Names:         CVE-2017-18551 CVE-2018-20836 CVE-2019-9454
                   CVE-2019-9458 CVE-2019-15217 CVE-2019-15807
                   CVE-2019-15917 CVE-2019-16231 CVE-2019-16233
                   CVE-2019-16994 CVE-2019-17053 CVE-2019-17055
                   CVE-2019-18808 CVE-2019-19046 CVE-2019-19055
                   CVE-2019-19058 CVE-2019-19059 CVE-2019-19062
                   CVE-2019-19063 CVE-2019-19332 CVE-2019-19447
                   CVE-2019-19523 CVE-2019-19524 CVE-2019-19530
                   CVE-2019-19534 CVE-2019-19537 CVE-2019-19767
                   CVE-2019-19807 CVE-2019-20054 CVE-2019-20095
                   CVE-2019-20636 CVE-2020-1749 CVE-2020-2732
                   CVE-2020-8647 CVE-2020-8649 CVE-2020-9383
                   CVE-2020-10690 CVE-2020-10732 CVE-2020-10742
                   CVE-2020-10751 CVE-2020-10942 CVE-2020-11565
                   CVE-2020-12770 CVE-2020-12826 CVE-2020-14305
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for Real Time (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)

* kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)

* kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)

* kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)

* kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)

Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:

https://access.redhat.com/articles/5442481

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1427551 - mm/swap: Convert to percpu locked
1707796 - CVE-2018-20836 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
1745528 - CVE-2019-15217 kernel: null pointer dereference in drivers/media/usb/zr364xx/zr364xx.c driver
1747216 - CVE-2019-15807 kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
1757368 - CVE-2017-18551 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
1758242 - CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
1758248 - CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
1759681 - CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
1760310 - CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
1760420 - CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c
1774988 - CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c
1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
1775021 - CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS
1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS
1775074 - CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS
1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
1779594 - CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
1781679 - CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783459 - CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free
1783518 - CVE-2019-19530 kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
1783540 - CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver
1783561 - CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer
1786078 - CVE-2019-19807 kernel: use-after-free in sound/core/timer.c
1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
1788009 - Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike
1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
1802563 - CVE-2020-8647 kernel: out-of-bounds read in vc_do_resize function in drivers/tty/vt/vt.c
1805135 - CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
1809833 - CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel
1810685 - CVE-2020-9383 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
1817141 - CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while its chardev is open
1817718 - CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
1818818 - CVE-2019-9454 kernel: out of bounds write in i2c driver leads to local escalation of privilege
1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
1822077 - CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process
1824059 - CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table
1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
1831399 - CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
1834845 - CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case
1835127 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic
1839634 - CVE-2020-10751 kernel: SELinux netlink permission check bypass
1850716 - CVE-2020-14305 kernel: memory corruption in Voice over IP nf_conntrack_h323 module

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-1160.rt56.1131.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.rt56.1131.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm

Red Hat Enterprise Linux for Real Time (v. 7):

Source:
kernel-rt-3.10.0-1160.rt56.1131.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.rt56.1131.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-18551
https://access.redhat.com/security/cve/CVE-2018-20836
https://access.redhat.com/security/cve/CVE-2019-9454
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-15217
https://access.redhat.com/security/cve/CVE-2019-15807
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16994
https://access.redhat.com/security/cve/CVE-2019-17053
https://access.redhat.com/security/cve/CVE-2019-17055
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19055
https://access.redhat.com/security/cve/CVE-2019-19058
https://access.redhat.com/security/cve/CVE-2019-19059
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19523
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19530
https://access.redhat.com/security/cve/CVE-2019-19534
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19807
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20095
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2020-1749
https://access.redhat.com/security/cve/CVE-2020-2732
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9383
https://access.redhat.com/security/cve/CVE-2020-10690
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10742
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-14305
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
https://access.redhat.com/articles/5442481

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

------------------------------------------------------------------------------

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:4060-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4060
Issue date:        2020-09-29
CVE Names:         CVE-2017-18551 CVE-2018-20836 CVE-2019-9454
                   CVE-2019-9458 CVE-2019-12614 CVE-2019-15217
                   CVE-2019-15807 CVE-2019-15917 CVE-2019-16231
                   CVE-2019-16233 CVE-2019-16994 CVE-2019-17053
                   CVE-2019-17055 CVE-2019-18808 CVE-2019-19046
                   CVE-2019-19055 CVE-2019-19058 CVE-2019-19059
                   CVE-2019-19062 CVE-2019-19063 CVE-2019-19332
                   CVE-2019-19447 CVE-2019-19523 CVE-2019-19524
                   CVE-2019-19530 CVE-2019-19534 CVE-2019-19537
                   CVE-2019-19767 CVE-2019-19807 CVE-2019-20054
                   CVE-2019-20095 CVE-2019-20636 CVE-2020-1749
                   CVE-2020-2732 CVE-2020-8647 CVE-2020-8649
                   CVE-2020-9383 CVE-2020-10690 CVE-2020-10732
                   CVE-2020-10742 CVE-2020-10751 CVE-2020-10942
                   CVE-2020-11565 CVE-2020-12770 CVE-2020-12826
                   CVE-2020-14305
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)

* kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)

* kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)

* kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)

* kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)

Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:

https://access.redhat.com/articles/5442421

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1448750 - BUG: unable to handle kernel paging request at 0; IP: [<ffffffffc05ae76b>] nfsd4_cb_done+0x2b/0x310 [nfsd]
1699402 - smallfile caused kernel Cephfs crash in RHOCS (OpenShift-on-Ceph)
1707796 - CVE-2018-20836 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
1718176 - CVE-2019-12614 kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
1724345 - mkfs.xfs hangs issuing discards
1745528 - CVE-2019-15217 kernel: null pointer dereference in drivers/media/usb/zr364xx/zr364xx.c driver
1747216 - CVE-2019-15807 kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
1757368 - CVE-2017-18551 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
1758242 - CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
1758248 - CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
1759681 - CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
1760310 - CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
1760420 - CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c
1774988 - CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c
1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
1775021 - CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS
1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS
1775074 - CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS
1777239 - Unable to exclude files from auditing
1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
1779594 - CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
1781679 - CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783459 - CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free
1783518 - CVE-2019-19530 kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
1783540 - CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver
1783554 - Fix copy_file_range return value in case of same-file copy on NFS
1783561 - CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer
1786078 - CVE-2019-19807 kernel: use-after-free in sound/core/timer.c
1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
1802563 - CVE-2020-8647 kernel: out-of-bounds read in vc_do_resize function in drivers/tty/vt/vt.c
1805135 - CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
1809833 - CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel
1810685 - CVE-2020-9383 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
1817141 - CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while its chardev is open
1817718 - CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
1818818 - CVE-2019-9454 kernel: out of bounds write in i2c driver leads to local escalation of privilege
1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
1822077 - CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process
1824059 - CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table
1824270 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic [rhel-7]
1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
1829662 - kernel BUG at fs/fscache/operation.c:70! FS-Cache: 4 == 5 is false - current state is FSCACHE_OP_ST_COMPLETE but should be FSCACHE_OP_CANCELLED in fscache_enqueue_operation
1831399 - CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
1832332 - "[sig-network] Services should be rejected when no endpoints exist" test fails frequently on RHEL7 nodes
1834845 - CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case
1835127 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic
1839634 - CVE-2020-10751 kernel: SELinux netlink permission check bypass
1845326 - libaio is returning duplicate events
1850716 - CVE-2020-14305 kernel: memory corruption in Voice over IP nf_conntrack_h323 module

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1160.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-3.10.0-1160.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1160.el7.ppc64.rpm
kernel-debug-3.10.0-1160.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.el7.ppc64.rpm
kernel-devel-3.10.0-1160.el7.ppc64.rpm
kernel-headers-3.10.0-1160.el7.ppc64.rpm
kernel-tools-3.10.0-1160.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1160.el7.ppc64.rpm
perf-3.10.0-1160.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64.rpm
python-perf-3.10.0-1160.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1160.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-3.10.0-1160.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.el7.ppc64le.rpm
kernel-devel-3.10.0-1160.el7.ppc64le.rpm
kernel-headers-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1160.el7.ppc64le.rpm
perf-3.10.0-1160.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm
python-perf-3.10.0-1160.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1160.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-3.10.0-1160.el7.s390x.rpm
kernel-debug-3.10.0-1160.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-debug-devel-3.10.0-1160.el7.s390x.rpm
kernel-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1160.el7.s390x.rpm
kernel-devel-3.10.0-1160.el7.s390x.rpm
kernel-headers-3.10.0-1160.el7.s390x.rpm
kernel-kdump-3.10.0-1160.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1160.el7.s390x.rpm
perf-3.10.0-1160.el7.s390x.rpm
perf-debuginfo-3.10.0-1160.el7.s390x.rpm
python-perf-3.10.0-1160.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1160.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-18551
https://access.redhat.com/security/cve/CVE-2018-20836
https://access.redhat.com/security/cve/CVE-2019-9454
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-12614
https://access.redhat.com/security/cve/CVE-2019-15217
https://access.redhat.com/security/cve/CVE-2019-15807
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16994
https://access.redhat.com/security/cve/CVE-2019-17053
https://access.redhat.com/security/cve/CVE-2019-17055
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19055
https://access.redhat.com/security/cve/CVE-2019-19058
https://access.redhat.com/security/cve/CVE-2019-19059
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19523
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19530
https://access.redhat.com/security/cve/CVE-2019-19534
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19807
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20095
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2020-1749
https://access.redhat.com/security/cve/CVE-2020-2732
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9383
https://access.redhat.com/security/cve/CVE-2020-10690
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10742
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-14305
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
https://access.redhat.com/articles/5442421

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT.
The mailing list you are subscribed to is maintained within your
organisation, so if you do not wish to continue receiving these bulletins
you should contact your local IT manager. If you do not know who that is,
please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================