Linux Security
    Linux Security
    Linux Security

    SciLinux: SLSA-2020-0374-1 Important: kernel on SL7.x x86_64

    Date
    239
    Posted By
    kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c [More...]
    Synopsis:          Important: kernel security and bug fix update
    Advisory ID:       SLSA-2020:0374-1
    Issue Date:        2020-02-05
    CVE Numbers:       None
    --
    
    Security Fix(es):
    
    * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi
    driver (CVE-2019-14816)
    
    * kernel: heap-based buffer overflow in mwifiex_process_country_ie()
    function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
    (CVE-2019-14895)
    
    * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
    
    * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in
    net/wireless/wext-sme.c (CVE-2019-17133)
    
    * kernel: incomplete fix  for race condition between
    mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599
    (CVE-2019-14898)
    
    Bug Fix(es):
    
    * [Azure][7.8] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot
    after freeing it" (BZ#1766089)
    
    * [Hyper-V][RHEL7.8] When accelerated networking is enabled on RedHat,
    network interface(eth0) moved to new network namespace does not obtain IP
    address. (BZ#1766093)
    
    * [Azure][RHEL 7.6] hv_vmbus probe pass-through GPU card failed
    (BZ#1766097)
    
    * SMB3: Do not error out on large file transfers if server responds with
    STATUS_INSUFFICIENT_RESOURCES (BZ#1767621)
    
    * Since RHEL commit 5330f5d09820 high load can cause dm-multipath path
    failures (BZ#1770113)
    
    * Hard lockup in free_one_page()->_raw_spin_lock() because sosreport
    command is reading from /proc/pagetypeinfo (BZ#1770732)
    
    * patchset for x86/atomic: Fix smp_mb__{before,after}_atomic() (BZ#1772812)
    
    * fix compat statfs64() returning EOVERFLOW for when _FILE_OFFSET_BITS=64
    (BZ#1775678)
    
    * Guest crash after load cpuidle-haltpoll driver (BZ#1776289)
    
    * RHEL 7.7 long I/O stalls with bnx2fc from not masking off scope bits of
    retry delay value (BZ#1776290)
    
    * Multiple "mv" processes hung on a gfs2 filesystem (BZ#1777297)
    
    * Moving Egress IP will result in conntrack sessions being DESTROYED
    (BZ#1779564)
    
    * core: backports from upstream (BZ#1780033)
    
    * kernel BUG at arch/powerpc/platforms/pseries/lpar.c:482! (BZ#1780148)
    
    * Race between tty_open() and flush_to_ldisc()  using the
    tty_struct->driver_data field. (BZ#1780163)
    
    --
    
    SL7
      x86_64
        bpftool-3.10.0-1062.12.1.el7.x86_64.rpm
        bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-debug-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-debug-devel-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-devel-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-headers-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-tools-libs-3.10.0-1062.12.1.el7.x86_64.rpm
        perf-3.10.0-1062.12.1.el7.x86_64.rpm
        perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        python-perf-3.10.0-1062.12.1.el7.x86_64.rpm
        python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm
        kernel-tools-libs-devel-3.10.0-1062.12.1.el7.x86_64.rpm
      noarch
        kernel-abi-whitelists-3.10.0-1062.12.1.el7.noarch.rpm
        kernel-doc-3.10.0-1062.12.1.el7.noarch.rpm
    
    - Scientific Linux Development Team
    

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/37-how-are-you-contributing-to-open-source?task=poll.vote&format=json
    37
    radio
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.