SciLinux: SLSA-2019-2029-1 Important: kernel on SL7.x x86_64
Summary
Important: kernel security, bug fix, and enhancement update
Security Fixes
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS
(CVE-2019-3900)
* Kernel: page cache side channel attacks (CVE-2019-5489)
* kernel: Buffer overflow in hidp_process_report (CVE-2018-9363)
* kernel: l2tp: Race condition between pppol2tp_session_create() and
l2tp_eth_create() (CVE-2018-9517)
* kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853)
* kernel: use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
* kernel: use-after-free in ucma_leave_multicast in
drivers/infiniband/core/ucma.c (CVE-2018-14734)
* kernel: Mishandling of indirect calls weakens Spectre mitigation for
paravirtual guests (CVE-2018-15594)
* kernel: TLB flush happens too late on mremap (CVE-2018-18281)
* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT
(CVE-2019-3459)
* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP
(CVE-2019-3460)
* kernel: denial of service vector through vfio DMA mappings
(CVE-2019-3882)
* kernel: fix race condition between mmget_not_zero()/get_task_mm() and
core dumping (CVE-2019-11599)
* kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)
* kernel: fs/ext4/extents.c leads to information disclosure
(CVE-2019-11833)
* kernel: Information exposure in fd_locked_ioctl function in
drivers/block/floppy.c (CVE-2018-7755)
* kernel: Memory leak in
drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to
potential denial of service (CVE-2018-8087)
* kernel: HID: debug: Buffer overflow in hid_debug_events_read() in
drivers/hid/hid-debug.c (CVE-2018-9516)
* kernel: Integer overflow in the alarm_timer_nsleep function
(CVE-2018-13053)
* kernel: NULL pointer dereference in lookup_slow function
(CVE-2018-13093)
* kernel: NULL pointer dereference in xfs_da_shrink_inode function
(CVE-2018-13094)
* kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c
(CVE-2018-13095)
* kernel: Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)
* kernel: out-of-bound read in memcpy_fromiovecend() (CVE-2018-16885)
* Kernel: KVM: leak of uninitialized stack contents to guest
(CVE-2019-7222)
SL7
x86_64
kernel-debug-devel-3.10.0-1062.el7.x86_64.rpm
kernel-tools-3.10.0-1062.el7.x86_64.rpm
python-perf-3.10.0-1062.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1062.el7.noarch.rpm
kernel-debug-3.10.0-1062.el7.x86_64.rpm
perf-3.10.0-1062.el7.x86_64.rpm
kernel-devel-3.10.0-1062.el7.x86_64.rpm
kernel-3.10.0-1062.el7.x86_64.rpm
kernel-headers-3.10.0-1062.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.el7.x86_64.rpm
bpftool-3.10.0-1062.el7.x86_64.rpm
kernel-doc-3.10.0-1062.el7.noarch.rpm
kernel-tools-libs-devel-3.10.0-1062.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1062.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.el7.x86_64.rpm
noarch
kernel-abi-whitelists-3.10.0-1062.el7.noarch.rpm
kernel-doc-3.10.0-1062.el7.noarch.rpm
- Scientific Linux Development Team
