Oval Definition:oval:com.redhat.rhsa:def:20192703
Revision Date:2019-09-12Version:635
Title:RHSA-2019:2703: kernel security and bug fix update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)

  • Kernel: KVM: nVMX: guest accesses L0 MSR causes potential DoS (CVE-2019-3887)

  • kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)

  • kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)

  • kernel: ppc: unrelated processes being able to read/write to each other's virtual memory (CVE-2019-12817)

  • kernel: Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824)

  • kernel: brcmfmac frame validation bypass (CVE-2019-9503)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

  • [DELL EMC 8.0 BUG]: pciehp deadlock resulting in NVMe device not being recognized when hot plugged (BZ#1712261)

  • Host crashed while try to boot a compatible guest attached huge page by"-object memory-backend-file *"[1G-P9] (BZ#1714758)

  • Setting malformed authenc key will crash the system (BZ#1715335)

  • BUG: memory allocation failure in inode_doinit_with_dentry()/context_to_sid() (BZ#1717780)

  • [HPEMC 8.1 BUG] Protect against concurrent calls into UV BIOS (BZ#1724534)

  • PHC jumping on I350 (igb) (BZ#1726352)

  • aarch64 kernel missing vulnerabilities status files (BZ#1726353)

  • BUG: KASAN: use-after-free in skb_release_data() (BZ#1726354)

  • [RHEL8][PANIC][aarch64] kernel panic when loading the dme1737 module (BZ#1726355)

  • [RHEL8] [aarch64] Changes for BZ1672997 break kaslr (BZ#1726357)

  • Network fails to come up when booting with kernel 3.10.0-862.el7.x86_64, several hung tasks can be seen in logs. (BZ#1726358)

  • [Intel] 'cpupower frequency-set' produces unexpected results for some processors (BZ#1726360)

  • HDMI/DP audio: ELD not updated on hotplug event (BZ#1726361)

  • [mlx5_core] CX5 Adapter works not as expected when MTU is 9000, Unable to handle kernel paging request at virtual address 3ae0aafeff4b6b5a (BZ#1726372)

  • [DELL 8.0 Bug] - hid-multitouch 0018:1FD2:8008.0001 ,lost function from S3 resume (BZ#1727098)

  • [RHEL8.1 Pre Beta] [Power8] data corruption while returning from watchpoint exception handler (BZ#1733281)

  • RHEL8.1 pre-Beta - cacheinfo code unsafe vs LPM (BZ#1733282)

  • RHEL8.1 pre-Beta - [ZZ/Zeppelin] [kernel-4.18.0-100.el8.ppc64le] Hash MMU allows child to write parents process address space (BZ#1734689)
  • Family:unixClass:patch
    Status:Reference(s):CVE-2018-19824
    CVE-2019-11487
    CVE-2019-12817
    CVE-2019-3846
    CVE-2019-3887
    CVE-2019-9500
    CVE-2019-9503
    RHSA-2019:2703
    Platform(s):Red Hat Enterprise Linux 8
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • kernel earlier than 0:4.18.0-80.11.1.el8_0 is currently running
  • OR kernel earlier than 0:4.18.0-80.11.1.el8_0 is set to boot up on next boot
  • AND
  • bpftool is earlier than 0:4.18.0-80.11.1.el8_0
  • AND bpftool is signed with Red Hat redhatrelease2 key
  • kernel is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-abi-whitelists is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
  • kernel-core is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-core is signed with Red Hat redhatrelease2 key
  • kernel-cross-headers is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-cross-headers is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-core is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-debug-core is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-debug-modules is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules-extra is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-doc is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-doc is signed with Red Hat redhatrelease2 key
  • kernel-headers is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-headers is signed with Red Hat redhatrelease2 key
  • kernel-modules is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-modules is signed with Red Hat redhatrelease2 key
  • kernel-modules-extra is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-tools is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-tools is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-tools-libs is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs-devel is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-zfcpdump is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-core is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-devel is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules-extra is earlier than 0:4.18.0-80.11.1.el8_0
  • AND kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
  • perf is earlier than 0:4.18.0-80.11.1.el8_0
  • AND perf is signed with Red Hat redhatrelease2 key
  • python3-perf is earlier than 0:4.18.0-80.11.1.el8_0
  • AND python3-perf is signed with Red Hat redhatrelease2 key
  • BACK