For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)
* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory
write (CVE-2019-0155)
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS
(CVE-2019-3900)
* Kernel: page cache side channel attacks (CVE-2019-5489)
* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
(CVE-2019-9506)
* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in
drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi
driver (CVE-2019-14816)
* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
* kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
* hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
(CVE-2019-0154)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* Backport TCP follow-up for small buffers (BZ#1739184)
* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test
(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
* block: blk-mq improvement (BZ#1780567)
* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during
RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads
to drain out system memory quickly. (BZ#1782705)
https://access.redhat.com/security/cve/CVE-2018-12207 https://access.redhat.com/security/cve/CVE-2018-16884 https://access.redhat.com/security/cve/CVE-2019-0154 https://access.redhat.com/security/cve/CVE-2019-0155 https://access.redhat.com/security/cve/CVE-2019-3900 https://access.redhat.com/security/cve/CVE-2019-5489 https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/cve/CVE-2019-10126 https://access.redhat.com/security/cve/CVE-2019-11135 https://access.redhat.com/security/cve/CVE-2019-14816 https://access.redhat.com/security/cve/CVE-2019-14821 https://access.redhat.com/security/cve/CVE-2019-14901 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/ifu-page-mce
Red Hat Enterprise Linux BaseOS E4S (v. 8.0):
Source:
kernel-4.18.0-80.15.1.el8_0.src.rpm
aarch64:
bpftool-4.18.0-80.15.1.el8_0.aarch64.rpm
bpftool-debuginfo-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-core-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-cross-headers-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-core-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-debuginfo-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-devel-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-modules-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debug-modules-extra-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debuginfo-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-devel-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-headers-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-modules-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-modules-extra-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-tools-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-tools-debuginfo-4.18.0-80.15.1.el8_0.aarch64.rpm
kernel-tools-libs-4.18.0-80.15.1.el8_0.aarch64.rpm
perf-4.18.0-80.15.1.el8_0.aarch64.rpm
perf-debuginfo-4.18.0-80.15.1.el8_0.aarch64.rpm
python3-perf-4.18.0-80.15.1.el8_0.aarch64.rpm
Read the Full Advisory
An update for kernel is now available for Red Hat Enterprise Linux 8.0Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Red Hat Enterprise Linux BaseOS E4S (v. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64
1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IFU)
1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()
1664110 - CVE-2019-5489 Kernel: page cache side channel attacks
1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS
1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
1744149 - CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
1746708 - CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer
1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
Get the latest Linux and open source security news straight to your inbox.