Explore top 10 tips to secure your open-source projects now. Read More
×
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
(CVE-2019-6974)
* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the
preemption timer (CVE-2019-7221)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* VM hangs on RHEL rt-kernel and OSP 13 [rhel-7.6.z] (BZ#1688673)
* kernel-rt: update to the RHEL7.6.z batch#4 source tree (BZ#1689417)
Users of kernel are advised to upgrade to these updated packages, which fix
these bugs.
https://access.redhat.com/security/cve/CVE-2019-6974 https://access.redhat.com/security/cve/CVE-2019-7221 https://access.redhat.com/security/updates/classification/#important
Red Hat Enterprise Linux for Real Time for NFV (v. 7):
Source:
kernel-rt-3.10.0-957.12.1.rt56.927.el7.src.rpm
noarch:
kernel-rt-doc-3.10.0-957.12.1.rt56.927.el7.noarch.rpm
x86_64:
kernel-rt-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debug-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-devel-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-trace-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7.x86_64.rpm
Red Hat Enterprise Linux Realtime (v. 7):
Source:
kernel-rt-3.10.0-957.12.1.rt56.927.el7.src.rpm
noarch:
Read the Full Advisory
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64
1671904 - CVE-2019-7221 Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
1671913 - CVE-2019-6974 Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
1688673 - VM hangs on RHEL rt-kernel and OSP 13 [rhel-7.6.z]
1689417 - kernel-rt: update to the RHEL7.6.z batch#4 source tree
Get the latest Linux and open source security news straight to your inbox.