Synopsis
Important: kernel-alt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
- kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)
- kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
- kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS (CVE-2019-5108)
- kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)
- kernel: out-of-bounds array access in __xfrm_policy_unlink (CVE-2019-15666)
- kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath40k/usb.c leads to a crash (CVE-2019-15099)
- kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)
- kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)
- kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c (CVE-2019-20095)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- rhel-alt-76z bsd process accounting(acct(2)) does not work (BZ#1763618)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
-
Red Hat Enterprise Linux for ARM 64 7 aarch64
-
Red Hat Enterprise Linux for Power 9 7 ppc64le
-
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
Fixes
- BZ - 1743560 - CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath40k/usb.c leads to a crash
- BZ - 1747334 - CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink
- BZ - 1760063 - CVE-2019-15031 kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
- BZ - 1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
- BZ - 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
- BZ - 1789927 - CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS
- BZ - 1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
- BZ - 1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
- BZ - 1792512 - CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications
CVEs
References