-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3346
              kernel, kernel-rt security and bug fix updates
                             30 September 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
                   kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Increased Privileges     -- Existing Account      
                   Access Privileged Data   -- Existing Account      
                   Modify Arbitrary Files   -- Existing Account      
                   Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14305 CVE-2020-12826 CVE-2020-12770
                   CVE-2020-11565 CVE-2020-10942 CVE-2020-10751
                   CVE-2020-10742 CVE-2020-10732 CVE-2020-10690
                   CVE-2020-9383 CVE-2020-8649 CVE-2020-8647
                   CVE-2020-2732 CVE-2020-1749 CVE-2019-20636
                   CVE-2019-20095 CVE-2019-20054 CVE-2019-19807
                   CVE-2019-19767 CVE-2019-19537 CVE-2019-19534
                   CVE-2019-19530 CVE-2019-19524 CVE-2019-19523
                   CVE-2019-19447 CVE-2019-19332 CVE-2019-19063
                   CVE-2019-19062 CVE-2019-19059 CVE-2019-19058
                   CVE-2019-19055 CVE-2019-19046 CVE-2019-18808
                   CVE-2019-17055 CVE-2019-17053 CVE-2019-16994
                   CVE-2019-16233 CVE-2019-16231 CVE-2019-15917
                   CVE-2019-15807 CVE-2019-15217 CVE-2019-12614
                   CVE-2019-9458 CVE-2019-9454 CVE-2018-20836
                   CVE-2017-18551  

Reference:         ESB-2020.3269
                   ESB-2020.1812
                   ESB-2020.0766
                   ESB-2020.2008.2
                   ESB-2019.4346.2

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:4062
   https://access.redhat.com/errata/RHSA-2020:4060

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2020:4062-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4062
Issue date:        2020-09-29
CVE Names:         CVE-2017-18551 CVE-2018-20836 CVE-2019-9454 
                   CVE-2019-9458 CVE-2019-15217 CVE-2019-15807 
                   CVE-2019-15917 CVE-2019-16231 CVE-2019-16233 
                   CVE-2019-16994 CVE-2019-17053 CVE-2019-17055 
                   CVE-2019-18808 CVE-2019-19046 CVE-2019-19055 
                   CVE-2019-19058 CVE-2019-19059 CVE-2019-19062 
                   CVE-2019-19063 CVE-2019-19332 CVE-2019-19447 
                   CVE-2019-19523 CVE-2019-19524 CVE-2019-19530 
                   CVE-2019-19534 CVE-2019-19537 CVE-2019-19767 
                   CVE-2019-19807 CVE-2019-20054 CVE-2019-20095 
                   CVE-2019-20636 CVE-2020-1749 CVE-2020-2732 
                   CVE-2020-8647 CVE-2020-8649 CVE-2020-9383 
                   CVE-2020-10690 CVE-2020-10732 CVE-2020-10742 
                   CVE-2020-10751 CVE-2020-10942 CVE-2020-11565 
                   CVE-2020-12770 CVE-2020-12826 CVE-2020-14305 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for Real Time (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)

* kernel: out of bounds write in function i2c_smbus_xfer_emulated in
drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)

* kernel: race condition in smp_task_timedout() and smp_task_done() in
drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)

* kernel: out of bounds write in i2c driver leads to local escalation of
privilege (CVE-2019-9454)

* kernel: use after free due to race condition in the video driver leads to
local privilege escalation (CVE-2019-9458)

Space precludes documenting all of the security fixes in this advisory. See
the descriptions of the remaining security fixes in the related Knowledge
Article:

https://access.redhat.com/articles/5442481

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1427551 - mm/swap: Convert to percpu locked
1707796 - CVE-2018-20836 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
1745528 - CVE-2019-15217 kernel: null pointer dereference in drivers/media/usb/zr364xx/zr364xx.c driver
1747216 - CVE-2019-15807 kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
1757368 - CVE-2017-18551 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
1758242 - CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
1758248 - CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
1759681 - CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
1760310 - CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
1760420 - CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c
1774988 - CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c
1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
1775021 - CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS
1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS
1775074 - CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS
1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
1779594 - CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
1781679 - CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783459 - CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free
1783518 - CVE-2019-19530 kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
1783540 - CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver
1783561 - CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer
1786078 - CVE-2019-19807 kernel: use-after-free in sound/core/timer.c
1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
1788009 - Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike
1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
1802563 - CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
1805135 - CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
1809833 - CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel
1810685 - CVE-2020-9383 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
1817141 - CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open
1817718 - CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
1818818 - CVE-2019-9454 kernel: out of bounds write in i2c driver leads to local escalation of privilege
1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
1822077 - CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process
1824059 - CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table
1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
1831399 - CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
1834845 - CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case
1835127 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic
1839634 - CVE-2020-10751 kernel: SELinux netlink permission check bypass
1850716 - CVE-2020-14305 kernel: memory corruption in Voice over IP nf_conntrack_h323 module

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-1160.rt56.1131.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.rt56.1131.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm

Red Hat Enterprise Linux for Real Time (v. 7):

Source:
kernel-rt-3.10.0-1160.rt56.1131.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.rt56.1131.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.rt56.1131.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.rt56.1131.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-18551
https://access.redhat.com/security/cve/CVE-2018-20836
https://access.redhat.com/security/cve/CVE-2019-9454
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-15217
https://access.redhat.com/security/cve/CVE-2019-15807
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16994
https://access.redhat.com/security/cve/CVE-2019-17053
https://access.redhat.com/security/cve/CVE-2019-17055
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19055
https://access.redhat.com/security/cve/CVE-2019-19058
https://access.redhat.com/security/cve/CVE-2019-19059
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19523
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19530
https://access.redhat.com/security/cve/CVE-2019-19534
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19807
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20095
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2020-1749
https://access.redhat.com/security/cve/CVE-2020-2732
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9383
https://access.redhat.com/security/cve/CVE-2020-10690
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10742
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-14305
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
https://access.redhat.com/articles/5442481

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX3OEB9zjgjWX9erEAQiuzw/+IFniE2/hnxrYUlyV8Q3kD7UFnBRh91AV
C5Y0jEWQRfxMLYwnMfWnojBJBSbwRV/l5e3WYauWcdiNUxEBUuf9h7/w59FNC6+S
+Zug4aZRqQb8ugtPtCXVjkllj2HGpUB7jb7RoxQuJoDbH+EM7kqIWoSpt9Z0F/hi
9NhZqvUhipSpBz2ogCAMx4rU8soUu13/NOXqPSGuezdtGVnOHvwJcTcTL0jk/oSI
IlPHtzA8ccIgFztS30Lbu+pJy09ZKp+0rkWYJFyj4JX3hKM0iOA/NFLKrkNtNRIK
63rtMmvIHlFKCAifzdq0ES5LNr94Ic4b3ik/PngDBDNyTJRzaV1Nc5V5xwaOz0S7
OxTyyam6IKY2hu+KeU9p+68gne890RBnqnbBaMB4e7AJOv3Sq9egc7mLsd1X+Sa+
Y9ic4mGUY0a2jeqNxeuFHwk6s3CnA60RHn3qL07mmH+O3gcgUWjoevu7UiYgkJag
mXTyziSv0tl66DbDIzkRuI/vcSS5DWpTGW/aZi0I5x5p1myA1LzQNXRcGJZrgKQh
DoVtxQMvKWZ28PP5XzY9mImjlqsrp2YcPVs02EqbUiV9GKLLDHaVwzr9xQ+WE0d/
L1Hu5F0gIjshVo0XUXLqoyYXvj8LRftKWY9OcaMg4JWaLURBtAOfJotTGCOSVVht
JV3JXmFiXu0=
=yWG6
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:4060-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4060
Issue date:        2020-09-29
CVE Names:         CVE-2017-18551 CVE-2018-20836 CVE-2019-9454 
                   CVE-2019-9458 CVE-2019-12614 CVE-2019-15217 
                   CVE-2019-15807 CVE-2019-15917 CVE-2019-16231 
                   CVE-2019-16233 CVE-2019-16994 CVE-2019-17053 
                   CVE-2019-17055 CVE-2019-18808 CVE-2019-19046 
                   CVE-2019-19055 CVE-2019-19058 CVE-2019-19059 
                   CVE-2019-19062 CVE-2019-19063 CVE-2019-19332 
                   CVE-2019-19447 CVE-2019-19523 CVE-2019-19524 
                   CVE-2019-19530 CVE-2019-19534 CVE-2019-19537 
                   CVE-2019-19767 CVE-2019-19807 CVE-2019-20054 
                   CVE-2019-20095 CVE-2019-20636 CVE-2020-1749 
                   CVE-2020-2732 CVE-2020-8647 CVE-2020-8649 
                   CVE-2020-9383 CVE-2020-10690 CVE-2020-10732 
                   CVE-2020-10742 CVE-2020-10751 CVE-2020-10942 
                   CVE-2020-11565 CVE-2020-12770 CVE-2020-12826 
                   CVE-2020-14305 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)

* kernel: out of bounds write in function i2c_smbus_xfer_emulated in
drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)

* kernel: race condition in smp_task_timedout() and smp_task_done() in
drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)

* kernel: out of bounds write in i2c driver leads to local escalation of
privilege (CVE-2019-9454)

* kernel: use after free due to race condition in the video driver leads to
local privilege escalation (CVE-2019-9458)

Space precludes documenting all of the security fixes in this advisory. See
the descriptions of the remaining security fixes in the related Knowledge
Article:

https://access.redhat.com/articles/5442421

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1448750 - BUG: unable to handle kernel paging request at 0; IP: [<ffffffffc05ae76b>] nfsd4_cb_done+0x2b/0x310 [nfsd]
1699402 - smallfile caused kernel Cephfs crash in RHOCS (OpenShift-on-Ceph)
1707796 - CVE-2018-20836 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
1718176 - CVE-2019-12614 kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
1724345 - mkfs.xfs hangs issuing discards
1745528 - CVE-2019-15217 kernel: null pointer dereference in drivers/media/usb/zr364xx/zr364xx.c driver
1747216 - CVE-2019-15807 kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
1757368 - CVE-2017-18551 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c
1758242 - CVE-2019-17053 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol
1758248 - CVE-2019-17055 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
1759681 - CVE-2019-16994 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
1760100 - CVE-2019-15917 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c
1760310 - CVE-2019-16231 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c
1760420 - CVE-2019-16233 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c
1774988 - CVE-2019-19046 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c
1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
1775021 - CVE-2019-19062 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS
1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS
1775074 - CVE-2019-19055 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS
1777239 - Unable to exclude files from auditing
1777418 - CVE-2019-18808 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
1779594 - CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
1781679 - CVE-2019-19447 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783459 - CVE-2019-19524 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free
1783518 - CVE-2019-19530 kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver
1783540 - CVE-2019-19534 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver
1783554 - Fix copy_file_range return value in case of same-file copy on NFS
1783561 - CVE-2019-19537 kernel: race condition caused by a malicious USB device in the USB character device driver layer
1786078 - CVE-2019-19807 kernel: use-after-free in sound/core/timer.c
1786160 - CVE-2019-19767 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
1802563 - CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
1805135 - CVE-2020-2732 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
1809833 - CVE-2020-1749 kernel: some ipv6 protocols not encrypted over ipsec tunnel
1810685 - CVE-2020-9383 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
1817141 - CVE-2020-10690 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open
1817718 - CVE-2020-10942 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
1818818 - CVE-2019-9454 kernel: out of bounds write in i2c driver leads to local escalation of privilege
1819377 - CVE-2019-9458 kernel: use after free due to race condition in the video driver leads to local privilege escalation
1822077 - CVE-2020-12826 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process
1824059 - CVE-2019-20636 kernel: out-of-bounds write via crafted keycode table
1824270 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic [rhel-7]
1824918 - CVE-2020-11565 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
1829662 - kernel BUG at fs/fscache/operation.c:70! FS-Cache: 4 == 5 is false - current state is FSCACHE_OP_ST_COMPLETE but should be FSCACHE_OP_CANCELLED in fscache_enqueue_operation
1831399 - CVE-2020-10732 kernel: uninitialized kernel data leak in userspace coredumps
1832332 - "[sig-network] Services should be rejected when no endpoints exist" test fails frequently on RHEL7 nodes
1834845 - CVE-2020-12770 kernel: sg_write function lacks an sg_remove_request call in a certain failure case
1835127 - CVE-2020-10742 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic
1839634 - CVE-2020-10751 kernel: SELinux netlink permission check bypass
1845326 - libaio is returning duplicate events
1850716 - CVE-2020-14305 kernel: memory corruption in Voice over IP nf_conntrack_h323 module

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1160.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-3.10.0-1160.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1160.el7.ppc64.rpm
kernel-debug-3.10.0-1160.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.el7.ppc64.rpm
kernel-devel-3.10.0-1160.el7.ppc64.rpm
kernel-headers-3.10.0-1160.el7.ppc64.rpm
kernel-tools-3.10.0-1160.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1160.el7.ppc64.rpm
perf-3.10.0-1160.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64.rpm
python-perf-3.10.0-1160.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1160.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-3.10.0-1160.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.el7.ppc64le.rpm
kernel-devel-3.10.0-1160.el7.ppc64le.rpm
kernel-headers-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1160.el7.ppc64le.rpm
perf-3.10.0-1160.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm
python-perf-3.10.0-1160.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1160.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-3.10.0-1160.el7.s390x.rpm
kernel-debug-3.10.0-1160.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-debug-devel-3.10.0-1160.el7.s390x.rpm
kernel-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1160.el7.s390x.rpm
kernel-devel-3.10.0-1160.el7.s390x.rpm
kernel-headers-3.10.0-1160.el7.s390x.rpm
kernel-kdump-3.10.0-1160.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1160.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1160.el7.s390x.rpm
perf-3.10.0-1160.el7.s390x.rpm
perf-debuginfo-3.10.0-1160.el7.s390x.rpm
python-perf-3.10.0-1160.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1160.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1160.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm
kernel-doc-3.10.0-1160.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-3.10.0-1160.el7.x86_64.rpm
kernel-debug-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-devel-3.10.0-1160.el7.x86_64.rpm
kernel-headers-3.10.0-1160.el7.x86_64.rpm
kernel-tools-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm
perf-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-18551
https://access.redhat.com/security/cve/CVE-2018-20836
https://access.redhat.com/security/cve/CVE-2019-9454
https://access.redhat.com/security/cve/CVE-2019-9458
https://access.redhat.com/security/cve/CVE-2019-12614
https://access.redhat.com/security/cve/CVE-2019-15217
https://access.redhat.com/security/cve/CVE-2019-15807
https://access.redhat.com/security/cve/CVE-2019-15917
https://access.redhat.com/security/cve/CVE-2019-16231
https://access.redhat.com/security/cve/CVE-2019-16233
https://access.redhat.com/security/cve/CVE-2019-16994
https://access.redhat.com/security/cve/CVE-2019-17053
https://access.redhat.com/security/cve/CVE-2019-17055
https://access.redhat.com/security/cve/CVE-2019-18808
https://access.redhat.com/security/cve/CVE-2019-19046
https://access.redhat.com/security/cve/CVE-2019-19055
https://access.redhat.com/security/cve/CVE-2019-19058
https://access.redhat.com/security/cve/CVE-2019-19059
https://access.redhat.com/security/cve/CVE-2019-19062
https://access.redhat.com/security/cve/CVE-2019-19063
https://access.redhat.com/security/cve/CVE-2019-19332
https://access.redhat.com/security/cve/CVE-2019-19447
https://access.redhat.com/security/cve/CVE-2019-19523
https://access.redhat.com/security/cve/CVE-2019-19524
https://access.redhat.com/security/cve/CVE-2019-19530
https://access.redhat.com/security/cve/CVE-2019-19534
https://access.redhat.com/security/cve/CVE-2019-19537
https://access.redhat.com/security/cve/CVE-2019-19767
https://access.redhat.com/security/cve/CVE-2019-19807
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20095
https://access.redhat.com/security/cve/CVE-2019-20636
https://access.redhat.com/security/cve/CVE-2020-1749
https://access.redhat.com/security/cve/CVE-2020-2732
https://access.redhat.com/security/cve/CVE-2020-8647
https://access.redhat.com/security/cve/CVE-2020-8649
https://access.redhat.com/security/cve/CVE-2020-9383
https://access.redhat.com/security/cve/CVE-2020-10690
https://access.redhat.com/security/cve/CVE-2020-10732
https://access.redhat.com/security/cve/CVE-2020-10742
https://access.redhat.com/security/cve/CVE-2020-10751
https://access.redhat.com/security/cve/CVE-2020-10942
https://access.redhat.com/security/cve/CVE-2020-11565
https://access.redhat.com/security/cve/CVE-2020-12770
https://access.redhat.com/security/cve/CVE-2020-12826
https://access.redhat.com/security/cve/CVE-2020-14305
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
https://access.redhat.com/articles/5442421

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX3OiL9zjgjWX9erEAQihSxAApxwgp4kpij7zRNbAhyJuEtRjbVL5gO/i
fwPX//BDQD1TPK5HfbCicmhLEgFvbM8PwV/p8DVYAeJqD6ipqGaJjUmZssr5jCRb
+EIz+7nJjq7x+iQ93/xt0nGBCRVEWwxb27nYvVQId0Prbby5TMGGmG8LmKGeMRBg
mEudwSaVgo2Rn/V6aBIQFLGwsOgpHpXd/5yY9JX6e6mclE23+yKc15zqVboJvt14
Q1beZAwtHkBWlHGzBRx3HPEJdXWZXPiYcWN+07BF7vyLSmD+opMvNGsgXlCrgyIc
ErgXdAIo3awyWwaU8JTv2pY/ZRsPYI2MTO0Ph+zHLy4ndpmMv9b/c0WbiEAan8iL
0Uj1zuSyWRDbnNwKEo2wc1Z7guMpDqKtV5QrZAFTSH3HVPSXF43WakDEZrO7LOse
T3SmYeWdP/rI50tMOtuPeldTh8kY/qUC6mRgFM45UmXlfIzQrw49l2fbgHnANIA5
8olnRowuCaM+AU4ruLM+qf5S9IoxeLQRmzRLQEZk4nH3zjSNgwO+9rFSK92E1cTj
E3mN+hH/4KP4ckOh3TDb8W9qx5DHA7U6N3XcuSloNOwROyBnnLbw8eZcJeddy0zX
SvESq0HLBOVtEBbpnmJtfXlvW5bXkajYlcSX8nSCcIJ6U7yJN9qHmlsO5bv53koB
7KUpNcbho+A=
=V/r8
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX3PQIeNLKJtyKPYoAQjMvQ/9H6grf4uFS66ZKEaQkkPzaGmxa+uRPVS8
FbznvK9kgkXqmdyzX6pQcLdmDZu8PgU7ayBkbnBFl0jVJBKOHccMpNVsQTKLmfrU
OVa7corpgIB5OhOuyqz471HDmxgVvBVKyKK65e2L42X7t0OBJ278KLLz+f3RDLQs
tfUJud3JsE9ZEgirHJy6O/dHb7wobrRcGPbhDYm+CiZhabiG9gimxm765Aoetxvw
Bh6vDPJ50BKy0SsXQT0UAFiplUV4FLODBAY9z9uoAjeEBk++SjhYIBdN2NlaQHBG
zqMLoH3gmbvEh+BkoPj1wdlaLYXzakZxL5lsaBtdCyRowm5YQ4pf/fD/Eyzvqgrc
Ty6rmPjhK6Uthk4zfalKsZFi4OpJmR6bLOlpxPfOmlxm99E0SHGT83Aa1/dGdoto
YQjC0HHyTRdBPlxg8ZFQtjH0uVLThOkRGxgvGBiQSlRdfIw5FF1ocId3wpOHW2Q8
9JNk8kSNYzgzXtyWbh/E/9SnyMioHSPGvtqm1P0y21zTkZUaKlIifTwJRBGMZ0Ru
iET6SNQjyIYlJcB9QFpntGXSX48u0HV/nLIP5OfeLHHs2EaPNndGW46fRLKHK7Sy
XVFsAMhmRnyEk+oA0IO1/AXHbqyfKDhx2D5l4/4+KRCZMqj/aCEr8OMJ4LsCoCvb
xcm5RWAf0M0=
=8rnP
-----END PGP SIGNATURE-----