[RHSA-2020:3016] kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)
kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757)
kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (CVE-2020-10766)
kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (CVE-2020-10767)
kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (CVE-2020-10768)
kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)
kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)
kernel: kvm: Information leak within a KVM guest (CVE-2019-3016)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the RHEL-8.2.z2 source tree (BZ#1829582)
- ID
- RHSA-2020:3016
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2020:3016
- Published
-
2020-07-21T00:00:00
(4 years ago) - Modified
-
2020-07-21T00:00:00
(4 years ago) - Rights
- Copyright 2020 Red Hat, Inc.
- Other Advisories
-
- ALAS-2020-1401
- ALAS-2020-1437
- ALAS2-2020-1465
- ALAS2-2020-1480
- ASB-A-156766097
- ASB-A-169505740
- ASB-A-169505929
- DSA-4698-1
- DSA-4699-1
- ELSA-2020-2664
- ELSA-2020-3010
- ELSA-2020-3220
- ELSA-2020-4060
- ELSA-2020-5526
- ELSA-2020-5528
- ELSA-2020-5533
- ELSA-2020-5714
- ELSA-2020-5755
- ELSA-2020-5756
- ELSA-2020-5801
- ELSA-2020-5804
- ELSA-2020-5805
- ELSA-2020-5844
- ELSA-2020-5845
- ELSA-2020-5885
- ELSA-2021-9030
- ELSA-2022-9969
- FEDORA-2020-07f0be216f
- FEDORA-2020-125ccdc871
- FEDORA-2020-1b2dae6219
- FEDORA-2020-203ffedeb5
- FEDORA-2020-5436586091
- FEDORA-2020-57bf620276
- FEDORA-2020-e47d28bc2b
- MS:CVE-2020-10757
- MS:CVE-2020-10766
- MS:CVE-2020-10767
- MS:CVE-2020-10768
- MS:CVE-2020-12653
- MS:CVE-2020-12654
- MS:CVE-2020-12888
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2020:0935-1
- openSUSE-SU-2020:1153-1
- openSUSE-SU-2021:0242-1
- RHSA-2020:2664
- RHSA-2020:2665
- RHSA-2020:3010
- RHSA-2020:3073
- RHSA-2020:3220
- RHSA-2020:3221
- RHSA-2020:4060
- RHSA-2020:4062
- SUSE-SU-2020:1452-1
- SUSE-SU-2020:1475-1
- SUSE-SU-2020:1486-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1596-1
- SUSE-SU-2020:1597-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1646-1
- SUSE-SU-2020:1656-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:1671-1
- SUSE-SU-2020:1693-1
- SUSE-SU-2020:1699-1
- SUSE-SU-2020:1713-1
- SUSE-SU-2020:1754-1
- SUSE-SU-2020:1758-1
- SUSE-SU-2020:1764-1
- SUSE-SU-2020:1767-1
- SUSE-SU-2020:1775-1
- SUSE-SU-2020:1779-1
- SUSE-SU-2020:1781-1
- SUSE-SU-2020:1784-1
- SUSE-SU-2020:2027-1
- SUSE-SU-2020:2103-1
- SUSE-SU-2020:2105-1
- SUSE-SU-2020:2106-1
- SUSE-SU-2020:2107-1
- SUSE-SU-2020:2119-1
- SUSE-SU-2020:2121-1
- SUSE-SU-2020:2122-1
- SUSE-SU-2020:2134-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2020:2508-1
- USN-4225-1
- USN-4227-1
- USN-4227-2
- USN-4300-1
- USN-4301-1
- USN-4392-1
- USN-4393-1
- USN-4426-1
- USN-4427-1
- USN-4439-1
- USN-4440-1
- USN-4483-1
- USN-4485-1
- USN-4525-1
- USN-4526-1
- USN-5361-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-modules | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-modules-extra | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-kvm | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-devel | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug-modules | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug-modules-extra | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug-kvm | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug-devel | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-debug-core | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-8.2 | redhat | kernel-rt-core | < 4.18.0-193.13.2.rt13.65.el8_2 | redhat-8.2 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |