Red Hat Security Advisory: kernel-rt security and bug fix update
🔗 CVE IDs covered (27)
📋 Description
CVE-2018-7755 — kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c CVE-2018-8087 — kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service CVE-2018-9363 — kernel: Buffer overflow in hidp_process_report CVE-2018-9516 — kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c CVE-2018-9517 — kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create() CVE-2018-10853 — kernel: kvm: guest userspace to guest kernel write CVE-2018-13053 — kernel: Integer overflow in the alarm_timer_nsleep function CVE-2018-13093 — kernel: NULL pointer dereference in lookup_slow function CVE-2018-13094 — kernel: NULL pointer dereference in xfs_da_shrink_inode function CVE-2018-13095 — kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c CVE-2018-14625 — kernel: use-after-free Read in vhost_transport_send_pkt CVE-2018-14734 — kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c CVE-2018-15594 — kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests CVE-2018-16658 — kernel: Information leak in cdrom_ioctl_drive_status CVE-2018-16885 — kernel: out-of-bound read in memcpy_fromiovecend() CVE-2018-18281 — kernel: TLB flush happens too late on mremap CVE-2019-3459 — kernel: Heap address information leak while using L2CAP_GET_CONF_OPT CVE-2019-3460 — kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP CVE-2019-3882 — kernel: denial of service vector through vfio DMA mappings CVE-2019-3900 — Kernel: vhost_net: infinite loop while receiving packets leads to DoS CVE-2019-5489 — Kernel: page cache side channel attacks CVE-2019-7222 — Kernel: KVM: leak of uninitialized stack contents to guest CVE-2019-9456 — kernel: OOB write due to missing bounds check leads to local privilege escalation CVE-2019-10140 — kernel: overlayfs: NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c CVE-2019-11599 — kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping CVE-2019-11810 — kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS CVE-2019-11833 — kernel: fs/ext4/extents.c leads to information disclosure
🔗 References (37)
- selfhttps://access.redhat.com/errata/RHSA-2019:2043
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1553216
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1555145
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1573916
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1589890
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1593361
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1597747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1597766
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1597771
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1597775
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1611005
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1619846
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1620555
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1623067
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1627731
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1631036
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1631045
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642619
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1645121
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1661503
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1663176
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1663179
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1664110
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1664380
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1665278
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1671126
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1671930
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1684745
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1689426
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1698757
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1705937
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1709164
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1712072
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1717212
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2043.json