Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -8 articles for you...
98
security advisorybuffer overflowsecurity fixRedHat: RHSA-2020-0831 Important: Kernel Buffer Overflow Issues
An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2020:0831-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0831 Issue date: 2020-03-17 CVE Names: CVE-2019-14895 CVE-2019-17666 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS E4S (v. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1763690 - CVE-2019-17666 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c 6. Package List: Red Hat Enterprise Linux BaseOS E4S (v.8.0): Source: kernel-4.18.0-80.16.1.el8_0.src.rpm aarch64: bpftool-4.18.0-80.16.1.el8_0.aarch64.rpm bpftool-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-core-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-cross-headers-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-core-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-devel-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-modules-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debug-modules-extra-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-devel-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-headers-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-modules-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-modules-extra-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-tools-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-tools-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm kernel-tools-libs-4.18.0-80.16.1.el8_0.aarch64.rpm perf-4.18.0-80.16.1.el8_0.aarch64.rpm perf-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm python3-perf-4.18.0-80.16.1.el8_0.aarch64.rpm python3-perf-debuginfo-4.18.0-80.16.1.el8_0.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-80.16.1.el8_0.noarch.rpm kernel-doc-4.18.0-80.16.1.el8_0.noarch.rpm ppc64le: bpftool-4.18.0-80.16.1.el8_0.ppc64le.rpm bpftool-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-core-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-cross-headers-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-core-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-devel-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-modules-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debug-modules-extra-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-devel-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-headers-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-modules-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-modules-extra-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-tools-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-tools-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm kernel-tools-libs-4.18.0-80.16.1.el8_0.ppc64le.rpm perf-4.18.0-80.16.1.el8_0.ppc64le.rpm perf-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm python3-perf-4.18.0-80.16.1.el8_0.ppc64le.rpm python3-perf-debuginfo-4.18.0-80.16.1.el8_0.ppc64le.rpm s390x: bpftool-4.18.0-80.16.1.el8_0.s390x.rpm bpftool-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm kernel-4.18.0-80.16.1.el8_0.s390x.rpm kernel-core-4.18.0-80.16.1.el8_0.s390x.rpm kernel-cross-headers-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-core-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-devel-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-modules-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debug-modules-extra-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-80.16.1.el8_0.s390x.rpm kernel-devel-4.18.0-80.16.1.el8_0.s390x.rpm kernel-headers-4.18.0-80.16.1.el8_0.s390x.rpm kernel-modules-4.18.0-80.16.1.el8_0.s390x.rpm kernel-modules-extra-4.18.0-80.16.1.el8_0.s390x.rpm kernel-tools-4.18.0-80.16.1.el8_0.s390x.rpm kernel-tools-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-core-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-devel-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-modules-4.18.0-80.16.1.el8_0.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-80.16.1.el8_0.s390x.rpm perf-4.18.0-80.16.1.el8_0.s390x.rpm perf-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm python3-perf-4.18.0-80.16.1.el8_0.s390x.rpm python3-perf-debuginfo-4.18.0-80.16.1.el8_0.s390x.rpm x86_64: bpftool-4.18.0-80.16.1.el8_0.x86_64.rpm bpftool-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-core-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-cross-headers-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-core-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-devel-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-modules-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debug-modules-extra-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-devel-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-headers-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-modules-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-modules-extra-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-tools-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-tools-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm kernel-tools-libs-4.18.0-80.16.1.el8_0.x86_64.rpm perf-4.18.0-80.16.1.el8_0.x86_64.rpm perf-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm python3-perf-4.18.0-80.16.1.el8_0.x86_64.rpm python3-perf-debuginfo-4.18.0-80.16.1.el8_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14895 https://access.redhat.com/security/cve/CVE-2019-17666 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXnCoj9zjgjWX9erEAQgOtw//dYb/fw1FveMiC716LeEGXAtLDhdQHquG Gqv09OgprLUpvGXQnGEyBS7mFZBNPTwjrMFvh1s7zJZ5RRCs5E3opgq4ECu6Jma1 9YXzSnnW5F1nEwHvJhw4Ul/14kSmQtCBCH/3dY2+V5p2+2uX+G30f7nhF4vgu867 YVlXY/6jb7AXSJdoitUsOBbKLOv+9n/eOfLFqOPNI9UewSI7nnx7lo3yuoas3x4p Bc44EyRwdeaYb2FUkF4Our5It1TPJplT4+bxWzFNWElu600FWDamI1wrzBGI3/+P RPHBgAkCvHXtHye3GDxkGE9DQw380mc3wCTpkt5ovFH8ZOpniNUEu/T3kDi2Z9cA ZDNdmLo/si0FT8gZnxAaovS0WNZmswu6R2pfRiXsjlwsZP3Y1xYP0Sm9N/dfoT70 /MJSv5ulEngzfkHXLUxvrZix/1jh0HCDA26ztScQLSygaGuVuYbUyi/v+/3Nz9Ix RklVhQjWpjMqDufrgPgPmfZGLc97P5oXifu4NUMvCkj/3d8xghaxeJ7J7y+7D8vU 4j0GUGShYcu1h/gnoK7cyUW0iYNMs1i71g2BVB2/LHL/fNmF+M5QuTM17Mp21NY5 lBGeosyceB/lWr4EumsAhuPlafxzDK3JGYBptYxyf7R8jdr5S+LvgfyMjH9i90bz /L95VC2GPP4=Ldby -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Mar 17, 2020 •Important Red Hat 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!