-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2865
        Important: kernel security, bug fix, and enhancement update
                               31 July 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
                   kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
Impact/Access:     Root Compromise                 -- Existing Account      
                   Execute Arbitrary Code/Commands -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-11811 CVE-2019-11810 CVE-2019-11085
                   CVE-2018-20784  

Reference:         ESB-2019.2826
                   ESB-2019.2753
                   ESB-2019.2132.3
                   ESB-2019.2001.4

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2019:1959
   https://access.redhat.com/errata/RHSA-2019:1971

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2019:1959-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1959
Issue date:        2019-07-30
CVE Names:         CVE-2018-20784 CVE-2019-11085 CVE-2019-11810 
                   CVE-2019-11811 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: insufficient input validation in kernel mode driver in Intel i915
graphics leads to privilege escalation (CVE-2019-11085)

* kernel: DMA attack using peripheral devices  (Thunderclap) (BZ#1690716)

* kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c
leading to denial of service (CVE-2018-20784)

* kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,
ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* [DELL 8.0 z-stream BUG] - "CPU unsupported" message with CFL-H/S 8+2  due
to updated Stepping (BZ#1711048)

* RHEL8.0 Snapshot4 - [LTC Test] Guest crashes during vfio device
hot-plug/un-plug operations. (kvm) (BZ#1714746)

* Using Transactional Memory (TM) in a Guest Locks-up Host Core on a Power9
System (BZ#1714751)

* VRSAVE register not properly saved and restored (BZ#1714753)

* Fix potential spectre gadget in arch/s390/kvm/interrupt.c (BZ#1714754)

* RHEL8.0 RC2 - kernel/KVM -  count cache flush Spectre v2 mitigation
(required for POWER9 DD2.3) (BZ#1715018)

* iommu/amd: Set exclusion range correctly (BZ#1715336)

* RHEL8.0 - sched/fair: Do not re-read ->h_load_next during hierarchical
load calculation (BZ#1715337)

* cross compile builds are broken (BZ#1715339)

* Patch generated by 'make rh-test-patch' doesn't get applied during build
(BZ#1715340)

* hard lockup panic in during execution of CFS bandwidth period timer
(BZ#1715345)

* perf annotate -P does not give full paths (BZ#1716887)

* [Dell EMC 8.0 BUG] File system corrupting with I/O Stress on H330 PERC on
AMD Systems if IOMMU passthrough is disabled (BZ#1717344)

* Fix Spectre v1 gadgets in drivers/gpu/drm/drm_bufs.c and
drivers/gpu/drm/drm_ioctl.c (BZ#1717382)

* BUG: SELinux doesn't handle NFS crossmnt well (BZ#1717777)

* krb5{,i,p} doesn't work with older enctypes on aarch64 (BZ#1717800)

* [RHEL-8.0][s390x]ltp-lite mtest06 testing hits EWD due to: rcu: INFO:
rcu_sched self-detected stall on CPU (BZ#1717801)

* RHEL 8 Snapshot-6: CN1200E SW iSCSI I/O performance degradation after a
SCSI device/target reset rhel-8.0.0.z] (BZ#1717804)

* dm cache metadata: Fix loading discard bitset (BZ#1717868)

* jit'd java code on power9 ppc64le experiences stack corruption
(BZ#1717869)

* BUG: connect(AF_UNSPEC, ...) on a connected socket returns an error
(BZ#1717870)

* mm: BUG: unable to handle kernel paging request at 0000000057ac6e9d
(BZ#1718237)

* [HPE 8.0 BUG] DCPMM fsdax boot initialization takes a long time causing
auto-mount to fail (BZ#1719635)

* AMD Rome: WARNING: CPU: 1 PID: 0 at arch/x86/kernel/cpu/mcheck/mce.c:1510
mcheck_cpu_init+0x7a/0x460 (BZ#1721233)

* [RHEL8.1] AMD Rome: EDAC amd64: Error: F0 not found, device 0x1460
(broken BIOS?) (BZ#1722365)

* AMD Rome: Intermittent NMI received for unknown reason (BZ#1722367)

* [DELL 8.0 BUG] - "CPU unsupported" message with WHL-U  due to updated
Stepping (BZ#1722372)

Enhancement(s):

* RHEL 8  - AMD Rome Support (BZ#1721972)

Users of kernel are advised to upgrade to these updated packages, which fix
these bugs and add this enhancement.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1680540 - CVE-2018-20784 kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service
1690716 - kernel: DMA attack using peripheral devices  (Thunderclap)
1709164 - CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
1710405 - CVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
kernel-4.18.0-80.7.1.el8_0.src.rpm

aarch64:
bpftool-4.18.0-80.7.1.el8_0.aarch64.rpm
bpftool-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-core-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-cross-headers-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-core-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-devel-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-modules-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-modules-extra-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-devel-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-headers-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-modules-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-modules-extra-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-tools-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-tools-libs-4.18.0-80.7.1.el8_0.aarch64.rpm
perf-4.18.0-80.7.1.el8_0.aarch64.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
python3-perf-4.18.0-80.7.1.el8_0.aarch64.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm

noarch:
kernel-abi-whitelists-4.18.0-80.7.1.el8_0.noarch.rpm
kernel-doc-4.18.0-80.7.1.el8_0.noarch.rpm

ppc64le:
bpftool-4.18.0-80.7.1.el8_0.ppc64le.rpm
bpftool-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-core-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-cross-headers-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-core-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-devel-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-modules-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-devel-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-headers-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-modules-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-modules-extra-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-tools-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-tools-libs-4.18.0-80.7.1.el8_0.ppc64le.rpm
perf-4.18.0-80.7.1.el8_0.ppc64le.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
python3-perf-4.18.0-80.7.1.el8_0.ppc64le.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm

s390x:
bpftool-4.18.0-80.7.1.el8_0.s390x.rpm
bpftool-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-core-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-cross-headers-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-core-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-devel-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-modules-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debug-modules-extra-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-devel-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-headers-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-modules-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-modules-extra-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-tools-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-core-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-devel-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-modules-4.18.0-80.7.1.el8_0.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-80.7.1.el8_0.s390x.rpm
perf-4.18.0-80.7.1.el8_0.s390x.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm
python3-perf-4.18.0-80.7.1.el8_0.s390x.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.s390x.rpm

x86_64:
bpftool-4.18.0-80.7.1.el8_0.x86_64.rpm
bpftool-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-core-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-cross-headers-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-core-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-devel-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-modules-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-modules-extra-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-devel-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-headers-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-modules-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-modules-extra-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-tools-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-tools-libs-4.18.0-80.7.1.el8_0.x86_64.rpm
perf-4.18.0-80.7.1.el8_0.x86_64.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
python3-perf-4.18.0-80.7.1.el8_0.x86_64.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
bpftool-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
kernel-tools-libs-devel-4.18.0-80.7.1.el8_0.aarch64.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-80.7.1.el8_0.ppc64le.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debug-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-tools-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
kernel-tools-libs-devel-4.18.0-80.7.1.el8_0.x86_64.rpm
perf-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm
python3-perf-debuginfo-4.18.0-80.7.1.el8_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-20784
https://access.redhat.com/security/cve/CVE-2019-11085
https://access.redhat.com/security/cve/CVE-2019-11810
https://access.redhat.com/security/cve/CVE-2019-11811
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXUARKtzjgjWX9erEAQi+vw/+LwregshtSjsdYjlS9GyK6Zie9S5reUmw
wHSGMy88Qed7CGtMcYAiUc0bUo3cM6loriXPXn0PKwjLMohwjUR/rj/6RnolFycN
Tre69Nqjng+noHwHUQsDC7/ebe6xSw/iYIPruLybwFhs7UtH1CaoWNWuFALTcdcS
/uDwrgAns2HBgq9J+CXB4y2K7EszwL3/sz5nzXSrps0BgHwVIqYMvKooukSAJd+0
jRvXLOVI3TT6PtbVEW8tcX4tqNcsRDgioPqA/FA4Iqp//8BpJBDZ6Y5wfA2y2sOQ
pSCl6tQnMfIRbvQHA1Y/Y8G563wc6AmstE0EA0QZJfaZg7TF5daN5oanxDTe/AQ6
oGqUOXoordRkD+HnBxLA0BPZjYeeGBJMO2KQqYewaTHCg2fj7tHBtxtm2NfqKiAY
Scj7Z6LL0dqc0GoTSEil21MOFAZVM8rltXqbUsoh+QF7K3yfUZXBt4WoZV02iP67
JJcgem4H6PUdhb7S5hd7ZHgBESq60CzeYpbAW62H7Z0oRZ4EjYOEfJ+DATH+gyhs
HnfZTERhEF6aEOJyBnQkWJsV7FiKwGbSq86X1X2BocGn8kEjiyfss1ulWpEkZoOg
BAzqjv5R8AWDDBkgFdv6F6QK71nVUgxh72qo8LB1iS9zKxElDys2AnxVzvf3Yf09
GlHa5YkRMrw=
=pnT7
- -----END PGP SIGNATURE-----


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2019:1971-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1971
Issue date:        2019-07-30
CVE Names:         CVE-2018-20784 CVE-2019-11085 CVE-2019-11810 
                   CVE-2019-11811 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: insufficient input validation in kernel mode driver in Intel i915
graphics leads to privilege escalation (CVE-2019-11085)

* kernel: DMA attack using peripheral devices  (Thunderclap) (BZ#1690716)

* kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c
leading to denial of service (CVE-2018-20784)

* kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

* kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,
ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update to the RHEL8.0.z batch#2 source tree (BZ#1717516)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1680540 - CVE-2018-20784 kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service
1690716 - kernel: DMA attack using peripheral devices  (Thunderclap)
1709164 - CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
1709180 - CVE-2019-11811 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c
1710405 - CVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation
1717516 - kernel-rt: update to the RHEL8.0.z batch#2 source tree

6. Package List:

Red Hat Enterprise Linux Real Time for NFV (v. 8):

Source:
kernel-rt-4.18.0-80.7.1.rt9.153.el8_0.src.rpm

x86_64:
kernel-rt-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-core-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-core-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-devel-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-modules-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-devel-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-kvm-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-modules-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-modules-extra-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm

Red Hat Enterprise Linux Real Time (v. 8):

Source:
kernel-rt-4.18.0-80.7.1.rt9.153.el8_0.src.rpm

x86_64:
kernel-rt-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-core-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-core-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-devel-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-modules-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-devel-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-modules-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm
kernel-rt-modules-extra-4.18.0-80.7.1.rt9.153.el8_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-20784
https://access.redhat.com/security/cve/CVE-2019-11085
https://access.redhat.com/security/cve/CVE-2019-11810
https://access.redhat.com/security/cve/CVE-2019-11811
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXUAj6tzjgjWX9erEAQihBQ//dU69oVW1FEgdtFAljb6ff0MNFF37b8kn
fPUBQUhk+1GaZbP5YH7KBXRVERwsI7n1yvw9K/vxb/vs3OX1f45j4nSKPnspSBgg
FYBkNjn1i2KHzVZPDW3/ceiOqDRDPNnNgAgeEvYkIAArhdIL7X/6s2rvzirZBYhF
EtgZ8nj8HPLUm6eqsUyKdgQF/ugPCdpOqj3ZJuyWs0wEQeR6IpvY3VDCAl/WXS/H
4XOo636rQAl8QteCIqSqL6h8WP4ROrLToqK3QTfWzYmeYmlTtZIj0ngdo0RTLdCK
YyV69LyswzP3F8kXCUSBTnSA4i9V47WbCIVrqMagA2rxsG9I8fZr66ueSqLr2dPO
+zzu/FirPG86ATI1R6HizbHQ444ZZmvN+uTnFvA0QSLaxBLNC1hdNlvtUWBBkOl3
qm4caDG3I8+TWCGqh90FOxrR5ixQYxesgCnekkcvwAk5ndQ+nyz+jWY4XWjR4eeV
ik4TjzVVxsmIFJEomwcdIDoLs1mpg2PBDlz+88+tr4IptNQ1hDOzDDVo6CMYva0F
oIAHUtr7Ra1+S4t6zGVJGs1LBFYSG3BUP5Uhk7OHfV9FXGJ5024X2VYQ1svFweoa
vosI4GCMrHYJ5JQ+k/aYvyNVmt+lxAUpHE+bslXxNbv883D9dg0o6eyTI6lTvRP5
OuBh605sv50=
=DssB
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXUEm6GaOgq3Tt24GAQiFmA/8C2yDgGfzJ7jQJZIpAukDNsShPhg7BZgw
szUzmzEmYQoU7UX37P9lHmo+G2WiOhs77CI4GiaRloWvWdVhq0Npzwhr3yXSbkjE
lg9hpF9kZnzpJqElN49cUwABd5GFA86jthF5Vc5KQrnZYXhcD0xhxV+mZSIWIrip
wXqz1h4bADYJShBdtNh8VtQyzP7oz6g1FRqiOxFHCx1izLHhKEkEYzebjyR5lMHQ
JO0KPXK2CAcrl09HQptok+6YwOVXjNseOOJ1xTINylcI+A818RsNZfd01eVc5wOy
R6K0XUr9/Ndc3r3hpx8nz3/Km4jSjR9SrNF7uIa/qCdigiB3G3CNBkF8nbAknXKd
gPWHvMc+AknBujuY7M+LAC0fEuXLwyUgd4Do7q9HTF5wD1utByoHeoco84POH5TA
5gr67DW8H60eSEv7ScAtRqu8vo0O9EWfrf5p+pagJ2Azm2Qr1+zgaAN/WvCcr6Ks
Z/L1l2GgSKCn/s4KNkr9PGIMTgp2i4kigwk8owtMfizEeDVy0idOkjEAKo02mHtS
MrAbJkWSsN0VBc8bIRz7hgkmy2X7mpVXIgbbogk3iqI+gR6gXcbDPsO5AFqcruuT
2L1u87coAxGyR+NcAlmgnAd1eGau8oVZGK9EhV+xngImJ5s4qAnX+ijbXu6aSlfk
1sgAIQelBGU=
=F05Y
-----END PGP SIGNATURE-----