Oval Definition:oval:com.redhat.rhsa:def:20190512
Revision Date:2019-03-13Version:637
Title:RHSA-2019:0512: kernel security, bug fix, and enhancement update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)

  • kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972)

  • kernel: Faulty computation of numberic bounds in the BPF verifier (CVE-2018-18445)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es) and Enhancement(s):

  • kernel fuse invalidates cached attributes during reads (BZ#1657921)

  • [NetApp-FC-NVMe] RHEL7.6: nvme reset gets hung indefinitely (BZ#1659937)

  • Memory reclaim deadlock calling __sock_create() after memalloc_noio_save() (BZ#1660392)

  • hardened usercopy is causing crash (BZ#1660815)

  • Backport: xfrm: policy: init locks early (BZ#1660887)

  • AWS m5 instance type loses NVMe mounted volumes [was: Unable to Mount StatefulSet PV in AWS EBS] (BZ#1661947)

  • RHEL 7.6 running on a VirtualBox guest with a GUI has a mouse problem (BZ#1662848)

  • Kernel bug report in cgroups on heavily contested 3.10 node (BZ#1663114)

  • [PCIe] SHPC probe crash on Non-ACPI/Non-SHPC ports (BZ#1663241)

  • [Cavium 7.7 Feat] qla2xxx: Update to latest upstream. (BZ#1663508)

  • Regression in lpfc and the CNE1000 (BE2 FCoE) adapters that no longer initialize (BZ#1664067)

  • [csiostor] call trace after command: modprobe csiostor (BZ#1665370)

  • libceph: fall back to sendmsg for slab pages (BZ#1665814)

  • Deadlock between stop_one_cpu_nowait() and stop_two_cpus() (BZ#1667328)

  • Soft lockups occur when the sd driver passes a device size of 1 sector to string_get_size() (BZ#1667989)

  • [RHEL7.7] BUG: unable to handle kernel paging request at ffffffffffffffff (BZ#1668208)

  • RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1669044)

  • blk-mq: fix corruption with direct issue (BZ#1670511)

  • [RHEL7][patch] iscsi driver can block reboot/shutdown (BZ#1670680)

  • [DELL EMC 7.6 BUG] Unable to create-namespace over Dell NVDIMM-N (BZ#1671743)

  • efi_bgrt_init fails to ioremap error during boot (BZ#1671745)

  • Unable to mount a share on kernel- 3.10.0-957.el7. The share can be mounted on kernel-3.10.0-862.14.4.el7 (BZ#1672448)

  • System crash with RIP nfs_readpage_async+0x43 -- BUG: unable to handle kernel NULL pointer dereference (BZ#1672510)

    Users of kernel are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2018-17972
    CVE-2018-18445
    CVE-2018-9568
    RHSA-2019:0512
    RHSA-2019:0512-01
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • kernel earlier than 0:3.10.0-957.10.1.el7 is currently running
  • OR kernel earlier than 0:3.10.0-957.10.1.el7 is set to boot up on next boot
  • AND
  • bpftool is earlier than 0:3.10.0-957.10.1.el7
  • AND bpftool is signed with Red Hat redhatrelease2 key
  • kernel is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-abi-whitelists is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
  • kernel-bootwrapper is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-bootwrapper is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-doc is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-doc is signed with Red Hat redhatrelease2 key
  • kernel-headers is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-headers is signed with Red Hat redhatrelease2 key
  • kernel-kdump is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-kdump is signed with Red Hat redhatrelease2 key
  • kernel-kdump-devel is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-kdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-tools is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-tools is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-tools-libs is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs-devel is earlier than 0:3.10.0-957.10.1.el7
  • AND kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
  • perf is earlier than 0:3.10.0-957.10.1.el7
  • AND perf is signed with Red Hat redhatrelease2 key
  • python-perf is earlier than 0:3.10.0-957.10.1.el7
  • AND python-perf is signed with Red Hat redhatrelease2 key
    • BACK