Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Red Hat 5 ELS RHSA-2018-2602 Important: Kernel Memory Protection Issue

red hat
Calendar Grey August 29, 2018
Scroller Redhat
Critical kernel security patch for Red Hat Enterprise Linux, targeting substantial vulnerabilities and necessitating a system restart.
An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)
Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting these issues.

References

https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/updates/classification#important

Package List

Red Hat Enterprise Linux Server (v. 5 ELS):
Source: kernel-2.6.18-434.el5.src.rpm
i386: kernel-2.6.18-434.el5.i686.rpm kernel-PAE-2.6.18-434.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-434.el5.i686.rpm kernel-PAE-devel-2.6.18-434.el5.i686.rpm kernel-debug-2.6.18-434.el5.i686.rpm kernel-debug-debuginfo-2.6.18-434.el5.i686.rpm kernel-debug-devel-2.6.18-434.el5.i686.rpm kernel-debuginfo-2.6.18-434.el5.i686.rpm kernel-debuginfo-common-2.6.18-434.el5.i686.rpm kernel-devel-2.6.18-434.el5.i686.rpm kernel-headers-2.6.18-434.el5.i386.rpm kernel-xen-2.6.18-434.el5.i686.rpm kernel-xen-debuginfo-2.6.18-434.el5.i686.rpm kernel-xen-devel-2.6.18-434.el5.i686.rpm
noarch: kernel-doc-2.6.18-434.el5.noarch.rpm
s390x: kernel-2.6.18-434.el5.s390x.rpm kernel-debug-2.6.18-434.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-434.el5.s390x.rpm kernel-debug-devel-2.6.18-434.el5.s390x.rpm kernel-debuginfo-2.6.18-434.el5.s390x.rpm kernel-debuginfo-common-2.6.18-434.el5.s390x.rpm kernel-devel-2.6.18-434.el5.s390x.rpm kernel-headers-2.6.18-434.el5.s390x.rpm kernel-kdump-2.6.18-434.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-434.el5.s390x.rpm kernel-kdump-devel-2.6.18-434.el5.s390x.rpm
x86_64: kernel-2.6.18-434.el5.x86_64.rpm kernel-debug-2.6.18-434.el5.x86_64.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2018:2602-01
Product: Red Hat Enterprise Linux
Issue date: 2018-08-29

Topic

An update for kernel is now available for Red Hat Enterprise Linux 5Extended Lifecycle Support.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux Server (v. 5 ELS) - i386, noarch, s390x, x86_64

Bugs Fixed

1585005 - CVE-2018-3620 CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.