Operating System:

[RedHat]

Published:

24 October 2019

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2019.3868.3
                   kernel-rt security and bug fix update
                              24 October 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux Server 7
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-10126 CVE-2019-9506 CVE-2019-3846
                   CVE-2018-20856  

Reference:         ASB-2019.0238
                   ESB-2019.3846
                   ESB-2019.3835
                   ESB-2019.3817

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2019:3089
   https://access.redhat.com/errata/RHSA-2019:3165
   https://access.redhat.com/errata/RHSA-2019:3187

Comment: This bulletin contains three (3) Red Hat security advisories.

Revision History:  October 24 2019: Added RHSA-2019:3187-01
                   October 23 2019: Added RHSA-2019:3165-01
                   October 17 2019: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2019:3089-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3089
Issue date:        2019-10-16
CVE Names:         CVE-2018-20856 CVE-2019-3846 CVE-2019-9506 
                   CVE-2019-10126 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Use-after-free in __blk_drain_queue() function in
block/blk-core.c (CVE-2018-20856)

* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in
marvell/mwifiex/scan.c (CVE-2019-3846)

* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
(CVE-2019-9506)

* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in
drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
1748570 - kernel-rt: update to the RHEL7.7.z batch#2 source tree

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm

Red Hat Enterprise Linux Realtime (v. 7):

Source:
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-20856
https://access.redhat.com/security/cve/CVE-2019-3846
https://access.redhat.com/security/cve/CVE-2019-9506
https://access.redhat.com/security/cve/CVE-2019-10126
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXabNldzjgjWX9erEAQjy9A/9E8bMomtPb4CmI8OJqPL4+QHJ+f5XBrQ4
d0QuOQGlV+8scyXuyn1ImR7tpNdM/6oL6jps/kYsHpmXCpyTvjrnlRK50gXne8jj
ys9Wi3zNNGT+B6OG6F9+Z9ITqTMe0CB3xGP3XGVMpxOHYl752tdySQZ4I4SCxUH4
53OMOkDMVx0aSlUn6Vi2hrvNEkdP5s1LYFtR1ecg6bTCO5iJcnGUUQpea9JlZ5IQ
ZcHG7TGmBBHAcVatrMAxabWuiTqxKmRuouhj2UKew/tymIX7ifgILZZUKV0shM9j
QPsnGT9jcXmeE6dsYJHdLx+F60fioCKxCJEl+j9oYOob1c/0og86YGFfebQ6o51E
Xuum5Zi4AAPnAG1x0ObdOX5IM0BXDKeFCa4WMYs5tPgM2UY4iPH5K6xIZBmuhDrT
lUkmHhYChViC0ZCiFicnifdznvmKugkT+3Yn+0nAhiPqf8o2ACinXVbUtdaj77qu
i3rLXpcAmghwOyb2waxmd3Y/a6wxlZKxnTuoHv1pvcV4ta4Bj+41C1exhwB415vH
SXwF1knzHO2uri3noEETvv0999HNNLi4ub2tg5AjkOAZuh43UMPNnZ743E+IGmDm
ik/giocJ3hJ4DrtApt4SScabNThDauiKZVyzgMTOKIVyyJeZ8HBkfsED59TRAn4d
5Ftkuf6Wd0I=
=OmnK
- -----END PGP SIGNATURE-----

==============================================================================

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security and bug fix update
Advisory ID:       RHSA-2019:3165-01
Product:           Red Hat Enterprise MRG for RHEL-6
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3165
Issue date:        2019-10-22
CVE Names:         CVE-2019-9506 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
(CVE-2019-9506)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
1751263 - update the MRG 2.5.z 3.10 realtime-kernel sources

6. Package List:

Red Hat MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.0-693.60.1.rt56.654.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.0-693.60.1.rt56.654.el6rt.noarch.rpm
kernel-rt-firmware-3.10.0-693.60.1.rt56.654.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-debug-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-trace-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.0-693.60.1.rt56.654.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-9506
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXa7VBtzjgjWX9erEAQjJBA//Xauxn1HVrmCHbbdWMTElCcdI0zatQeBu
t0yFLeMjxqKL0cdBbVWPPpbnM/IL48VMKPNVnYVWdVgvsRJrvVzANYIEKTZZOnHm
Wy95HJL0vZSUjti6QlRkhrzaN8X9RBXdCXJjfNcPxnvbd2kh6rXbhKnn7y5Lgn9j
bDRPZzSy6EUAcTl9BT8pbsT3ZIfy1F7OOJ8mVat0FXIjN3w1y9Fl4i4x2D1IW5H/
jC/eLBjPgHZhp0FW0ZwAQJTKuBIH2zof92/Eh70r+RkIt783i8Wlj4J3CDK6Ie9+
YuhDVVSipttcj6WkP3t8C5gO6SsJydqZJxERhsPpCzMhmdUQ3regbbDt7KF+Qlau
C1lNaIUZttmc7WCg/6sCVOxpqrNyS5RregApNssbztDyMDBGCosxa/+NgUe9hr5O
HBLenCyPj4GPbl4XyKR8QdUJ+x+BK5k4oRPLSijDBBa5maqAhMmFT7pTDxQ6vkfz
/sHaK6+JNPW/PNEaK3GUkrLqg1q7jRU6QCw0bglSzGaD+vQsK9G9ZFVW2qMwm+ZY
dDScxA/PcLDsL1y7lUXjIKfEK99thm/D1xNO+lDksxuU4F5LrnXEEnJDjhIKZtbl
SGIrSzVaJiXZNFmxGMVdksNs1Kk57/too7jG7shGVK+EF1TFlmefayECTKdlWDeE
ZFYaE1SZHDo=
=/aFa
- -----END PGP SIGNATURE-----

==============================================================================

- ----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2019:3187-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3187
Issue date:        2019-10-23
CVE Names:         CVE-2019-9506 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP
Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
(CVE-2019-9506)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)

* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:
Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)

* powerpc/pseries: Fix unitialized timer reset on migration /
powerpc/pseries/mobility: Extend start/stop topology update scope (LPM)
(BZ#1745438)

* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM
(POWER9/P9) (BZ#1745446)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.4):

Source:
kernel-3.10.0-693.60.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm
kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm
perf-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.4):

Source:
kernel-3.10.0-693.60.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm
kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

ppc64le:
kernel-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm
perf-3.10.0-693.60.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
python-perf-3.10.0-693.60.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

x86_64:
kernel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm
perf-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.4):

Source:
kernel-3.10.0-693.60.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm
kernel-doc-3.10.0-693.60.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm
perf-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.4):

ppc64le:
kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-9506
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E
KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL
A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e
Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl
1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA
rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak
xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT
lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo
3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8
zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn
RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy
Vdo262+aA6k=
=FkCN
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXbDi92aOgq3Tt24GAQiGAhAApSkjErw8AtU+7+9BTt+cmyp2HKYOf8kk
+OFSC45RkkLYdVFXcS1ld1LAMSrY2QEaKWRIfSnURlTV6XJtmKseNYCV8gi1+cJI
oQujTKxBOMpAd33ZsCnL/+sjr3VdQjIr0E+0uocDWPngcWGpKBPOh9pGbqGHlJJz
roPTQb5X6LKkR+kRdbNLbFBLLlTELUabNxOiMWvNvIUtmHGy8HNUqsAcy+79dwAJ
dzcxPQX4dd+oBUgqn3AuBR0nWs6048pMpB2aSUFvxKtH51Jct+h7xnCaVHkk92AU
pQkOZsUxrql3+c3vNvE1kUigDCssySsfvS3Bla0OlrhWsNOrm/7GrsVZJTHIxyN7
8rvnHZM9OPKum3sAEYZvGoiGCUJOj2uYdriqRmCNSMg5hdFjxp+o3ljnSosX/lf7
0CgwTOfaF4u6LUB5KQPtuzBMaqFnW4KnYQLSvz1K9G0TSNq89qUvYkLUjcRLWyWY
tyXyPtWUpE2FVjHqAepIjpe6KSe/+sghuJpzlIe1zsfq2WaXwmqTh5YXp5AHmEyd
o7ktSHPhyiqWShNyse8/NU5OmDAwcJGykzLRHasenA2Dy94hez+R5Dx0AydfEJ4w
ebObBf9H/bi63gG5LkdZ1OQL1xc/z6VPw8dypaTQqV3G4WJ1uVEFfiSMx8cMEiZC
6SP6Enw1V9k=
=ece3
-----END PGP SIGNATURE-----