Synopsis:          Important: kernel security and bug fix update
Advisory ID:       SLSA-2019:2473-1
Issue Date:        2019-08-13
CVE Numbers:       CVE-2017-17805
                   CVE-2018-17972
                   CVE-2019-5489
                   CVE-2019-1125
--Security Fix(es):

* Kernel: page cache side channel attacks (CVE-2019-5489)

* kernel: Salsa20 encryption algorithm does not correctly handle
zero-length inputs allowing local attackers to cause denial-of-service
(CVE-2017-17805)

* kernel: Unprivileged users able to inspect kernel stacks of arbitrary
tasks (CVE-2018-17972)

* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* OOPS with Null Pointer exception in v4l2_ctrl_query_menu when second arg
of function is NULL (BZ#1647975)

* Another RHEL 6 hang in congestion_wait() (BZ#1658254)

* kernel crash after running user space script (BZ#1663262)

* RHEL-6.10: Don't report the use of retpoline on Skylake as vulnerable
(BZ#1666102)

* Bad pagetable: 000f “*pdpt = 0000000000000000 *pde = 0000000000000000”
RHEL 6 32bit (BZ#1702782)

* fs/binfmt_misc.c: do not allow offset overflow [6.10.z] (BZ#1710149)

* Wrong spectre backport causing linux headers to break compilation of 3rd
party packages (BZ#1722185)
--SL6
  x86_64
    kernel-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-debug-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-debug-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-754.18.2.el6.i686.rpm
    kernel-debug-devel-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    kernel-debuginfo-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-debuginfo-common-i686-2.6.32-754.18.2.el6.i686.rpm
    kernel-debuginfo-common-x86_64-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-devel-2.6.32-754.18.2.el6.x86_64.rpm
    kernel-headers-2.6.32-754.18.2.el6.x86_64.rpm
    perf-2.6.32-754.18.2.el6.x86_64.rpm
    perf-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    perf-debuginfo-2.6.32-754.18.2.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    python-perf-debuginfo-2.6.32-754.18.2.el6.x86_64.rpm
    python-perf-2.6.32-754.18.2.el6.x86_64.rpm
  i386
    kernel-2.6.32-754.18.2.el6.i686.rpm
    kernel-debug-2.6.32-754.18.2.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    kernel-debug-devel-2.6.32-754.18.2.el6.i686.rpm
    kernel-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    kernel-debuginfo-common-i686-2.6.32-754.18.2.el6.i686.rpm
    kernel-devel-2.6.32-754.18.2.el6.i686.rpm
    kernel-headers-2.6.32-754.18.2.el6.i686.rpm
    perf-2.6.32-754.18.2.el6.i686.rpm
    perf-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    python-perf-debuginfo-2.6.32-754.18.2.el6.i686.rpm
    python-perf-2.6.32-754.18.2.el6.i686.rpm
  noarch
    kernel-abi-whitelists-2.6.32-754.18.2.el6.noarch.rpm
    kernel-doc-2.6.32-754.18.2.el6.noarch.rpm
    kernel-firmware-2.6.32-754.18.2.el6.noarch.rpm

- Scientific Linux Development Team