Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.0415 kernel security and bug fix update 5 February 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kernel Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 6 Red Hat Enterprise Linux Server 8 Impact/Access: Root Compromise -- Remote/Unauthenticated Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Existing Account Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2019-19338 CVE-2019-17666 CVE-2019-17133 CVE-2019-14901 CVE-2019-14898 CVE-2019-14895 CVE-2019-14816 CVE-2019-14815 CVE-2019-14814 CVE-2019-11599 CVE-2019-11135 Reference: ESB-2020.0411 ESB-2020.0262 ESB-2020.0228 ESB-2020.0226 ESB-2020.0151 ESB-2020.0006 ESB-2019.4772 Original Bulletin: https://access.redhat.com/errata/RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0374 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2020:0339-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0339 Issue date: 2020-02-04 CVE Names: CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14898 CVE-2019-14901 CVE-2019-17666 CVE-2019-19338 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814) * kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815) * kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 (CVE-2019-14898) * Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) (CVE-2019-19338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [Azure][8.1] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it" (BZ#1764635) * block layer: update to v5.3 (BZ#1777766) * backport xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (BZ#1778692) * Backport important bugfixes from upstream post 5.3 (BZ#1778693) * LUN path recovery issue with Emulex LPe32002 HBA in RHEL 8.0 Server during storage side cable pull testing (BZ#1781108) * cifs tasks enter D state and error out with "CIFS VFS: SMB signature verification returned error = -5" (BZ#1781110) * Update CIFS to linux 5.3 (except RDMA and conflicts) (BZ#1781113) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781114) * blk-mq: overwirte performance drops on real MQ device (BZ#1782181) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1744130 - CVE-2019-14814 kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS 1744137 - CVE-2019-14815 kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS 1744149 - CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver 1763690 - CVE-2019-17666 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/ rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow 1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c 1774671 - CVE-2019-14898 kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_ country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c 1781514 - CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: kernel-4.18.0-147.5.1.el8_1.src.rpm aarch64: bpftool-4.18.0-147.5.1.el8_1.aarch64.rpm bpftool-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-core-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-cross-headers-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-core-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-devel-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-modules-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-devel-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-headers-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-modules-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-modules-extra-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-tools-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-tools-libs-4.18.0-147.5.1.el8_1.aarch64.rpm perf-4.18.0-147.5.1.el8_1.aarch64.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm python3-perf-4.18.0-147.5.1.el8_1.aarch64.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-147.5.1.el8_1.noarch.rpm kernel-doc-4.18.0-147.5.1.el8_1.noarch.rpm ppc64le: bpftool-4.18.0-147.5.1.el8_1.ppc64le.rpm bpftool-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-core-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-cross-headers-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-core-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-devel-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-modules-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-devel-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-headers-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-modules-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-modules-extra-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-tools-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-tools-libs-4.18.0-147.5.1.el8_1.ppc64le.rpm perf-4.18.0-147.5.1.el8_1.ppc64le.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm python3-perf-4.18.0-147.5.1.el8_1.ppc64le.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm s390x: bpftool-4.18.0-147.5.1.el8_1.s390x.rpm bpftool-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm kernel-4.18.0-147.5.1.el8_1.s390x.rpm kernel-core-4.18.0-147.5.1.el8_1.s390x.rpm kernel-cross-headers-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-core-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-devel-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-modules-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-147.5.1.el8_1.s390x.rpm kernel-devel-4.18.0-147.5.1.el8_1.s390x.rpm kernel-headers-4.18.0-147.5.1.el8_1.s390x.rpm kernel-modules-4.18.0-147.5.1.el8_1.s390x.rpm kernel-modules-extra-4.18.0-147.5.1.el8_1.s390x.rpm kernel-tools-4.18.0-147.5.1.el8_1.s390x.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-core-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-devel-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-modules-4.18.0-147.5.1.el8_1.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-147.5.1.el8_1.s390x.rpm perf-4.18.0-147.5.1.el8_1.s390x.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm python3-perf-4.18.0-147.5.1.el8_1.s390x.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.s390x.rpm x86_64: bpftool-4.18.0-147.5.1.el8_1.x86_64.rpm bpftool-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-core-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-cross-headers-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-core-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-devel-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-modules-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-devel-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-headers-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-modules-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-tools-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-tools-libs-4.18.0-147.5.1.el8_1.x86_64.rpm perf-4.18.0-147.5.1.el8_1.x86_64.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm python3-perf-4.18.0-147.5.1.el8_1.x86_64.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): aarch64: bpftool-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm kernel-tools-libs-devel-4.18.0-147.5.1.el8_1.aarch64.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm kernel-tools-libs-devel-4.18.0-147.5.1.el8_1.ppc64le.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debug-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-tools-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm kernel-tools-libs-devel-4.18.0-147.5.1.el8_1.x86_64.rpm perf-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm python3-perf-debuginfo-4.18.0-147.5.1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14814 https://access.redhat.com/security/cve/CVE-2019-14815 https://access.redhat.com/security/cve/CVE-2019-14816 https://access.redhat.com/security/cve/CVE-2019-14895 https://access.redhat.com/security/cve/CVE-2019-14898 https://access.redhat.com/security/cve/CVE-2019-14901 https://access.redhat.com/security/cve/CVE-2019-17666 https://access.redhat.com/security/cve/CVE-2019-19338 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXjlt69zjgjWX9erEAQhLTQ//bDkbDOu6B9cM8xsJSwaDMRMVLm3uEfIx ft4cwVlwcGeIVWSQ2Mnka8wkkCh3fHJj/TEIcbNAZe/r2xyW6X24sPfXdeDdO84P TnMZMh4AL+zDg36Sl60sstRVUKNCp3ncpECcQENXDBtLUrKVVJvh+taoIk3rHKIy WohpkR6of6tcdiEC7t4Mbcs3Rsbn+vTnQHBaNAuzGFAe5RTlIvDKSrnpJm7KEAPV L5pTctYYdowGqHvIpLvB+Isi3/NeeTuK/PgId6fkV4Vq98oOqTQajb3y9DLwNKEL xcB/MkQRfER1VjdjUp0K826dCzmGIZ0EQaGcYTxUslbUW45++QVTeaJLT/7buEb3 weFKnVqbGtZxnDRt8S/KHRITswfEZBH9tMEnOFEiiJqKf8NnJGmhsZdQHO4QHtJ/ QNyGXndRDgBYLORK3qiUoN/8Sw6Tjzgc4j7leG7LLnZX+Zr8kgsF9y8NNC2jDPIl b/KdieOCEm3fgRnJx/fb4TPu5Cml0kRA/g+n8hFPLt0dpUZu7OX17u8W7vVzjTTx b9tnbdC9T2yaxqqS3M3Z+Bo1Fztxs62FlHAaB7d5k8aT83i8fQ4cJSIOUs0fICdM UbIi4ZTJCqiL/PpE4OCK5p+44T+rTVggd7YVCO8lHO9/xzeRdzK2EtR1BBdLGU7K MCytLS/ktZ0= =QVDw - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - ----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2020:0374-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0374 Issue date: 2020-02-04 CVE Names: CVE-2019-14816 CVE-2019-14895 CVE-2019-14898 CVE-2019-14901 CVE-2019-17133 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133) * kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 (CVE-2019-14898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [Azure][7.8] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it" (BZ#1766089) * [Hyper-V][RHEL7.8] When accelerated networking is enabled on RedHat, network interface(eth0) moved to new network namespace does not obtain IP address. (BZ#1766093) * [Azure][RHEL 7.6] hv_vmbus probe pass-through GPU card failed (BZ#1766097) * SMB3: Do not error out on large file transfers if server responds with STATUS_INSUFFICIENT_RESOURCES (BZ#1767621) * Since RHEL commit 5330f5d09820 high load can cause dm-multipath path failures (BZ#1770113) * Hard lockup in free_one_page()->_raw_spin_lock() because sosreport command is reading from /proc/pagetypeinfo (BZ#1770732) * patchset for x86/atomic: Fix smp_mb__{before,after}_atomic() (BZ#1772812) * fix compat statfs64() returning EOVERFLOW for when _FILE_OFFSET_BITS=64 (BZ#1775678) * Guest crash after load cpuidle-haltpoll driver (BZ#1776289) * RHEL 7.7 long I/O stalls with bnx2fc from not masking off scope bits of retry delay value (BZ#1776290) * Multiple "mv" processes hung on a gfs2 filesystem (BZ#1777297) * Moving Egress IP will result in conntrack sessions being DESTROYED (BZ#1779564) * core: backports from upstream (BZ#1780033) * kernel BUG at arch/powerpc/platforms/pseries/lpar.c:482! (BZ#1780148) * Race between tty_open() and flush_to_ldisc() using the tty_struct->driver_data field. (BZ#1780163) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1744149 - CVE-2019-14816 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver 1771909 - CVE-2019-17133 kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c 1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c 1774671 - CVE-2019-14898 kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599 1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_ country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.12.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.12.1.el7.noarch.rpm kernel-doc-3.10.0-1062.12.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.12.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.x86_64.rpm perf-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.12.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.12.1.el7.noarch.rpm kernel-doc-3.10.0-1062.12.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.12.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.x86_64.rpm perf-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.12.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.12.1.el7.noarch.rpm kernel-doc-3.10.0-1062.12.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.12.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-3.10.0-1062.12.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debug-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.12.1.el7.ppc64.rpm kernel-devel-3.10.0-1062.12.1.el7.ppc64.rpm kernel-headers-3.10.0-1062.12.1.el7.ppc64.rpm kernel-tools-3.10.0-1062.12.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.ppc64.rpm perf-3.10.0-1062.12.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm python-perf-3.10.0-1062.12.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.12.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debug-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-devel-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-headers-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-tools-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.ppc64le.rpm perf-3.10.0-1062.12.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm python-perf-3.10.0-1062.12.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.12.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm kernel-3.10.0-1062.12.1.el7.s390x.rpm kernel-debug-3.10.0-1062.12.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.12.1.el7.s390x.rpm kernel-devel-3.10.0-1062.12.1.el7.s390x.rpm kernel-headers-3.10.0-1062.12.1.el7.s390x.rpm kernel-kdump-3.10.0-1062.12.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.12.1.el7.s390x.rpm perf-3.10.0-1062.12.1.el7.s390x.rpm perf-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm python-perf-3.10.0-1062.12.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.12.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.x86_64.rpm perf-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.12.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.12.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.12.1.el7.noarch.rpm kernel-doc-3.10.0-1062.12.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.12.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.12.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.12.1.el7.x86_64.rpm perf-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.12.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.12.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14816 https://access.redhat.com/security/cve/CVE-2019-14895 https://access.redhat.com/security/cve/CVE-2019-14898 https://access.redhat.com/security/cve/CVE-2019-14901 https://access.redhat.com/security/cve/CVE-2019-17133 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXjnG/NzjgjWX9erEAQiZpA/+PrziwQc9nitsDyWqtq556llAnWG2YjEK kzbq/d3Vp+7i0aaOHXNG9b6XDgR8kPSLnb/2tCUBQKmLeWEptgY6s24mXXkiAHry plZ40Xlmca9cjPQCSET7IkQyHlYcUsc9orUT3g1PsZ0uOxPQZ1ivB1utn6nyhbSg 9Az/e/9ai7R++mv4zJ7UDrDzuGPv5SOtyIcfuUyYdbuZO9OrmFsbWCRwG+cVvXJ6 q6uXlIpcWx4H7key9SiboU/VSXXPQ0E5vv1A72biDgCXhm2kYWEJXSwlLH2jJJo7 DfujB4+NSnDVp7Qu0aF/YsEiR9JQfGOOrfuNsmOSdK3Bx3p8LkS4Fd9y3H/fCwjI EOoXerSgeGjB5E/DtH24HKu1FB5ZniDJP69itCIONokq6BltVZsQRvZxpXQdmvpz hTJIkYqnuvrkv2liCc8Dr7P7EK0SBPhwhmcBMcAcPHE8BbOtEkcGzF2f2/p/CQci N0c4UhB2p+eSLq+W4qG4W/ZyyUh2oYdvPjPCrziT1qHOR4ilw9fH9b+jCxmAM7Lh wqj3yMR9YhUrEBRUUokA/wjggmI88u6I8uQatbf6Keqj1v1CykMKF3AEC5qfxwGz hk0YzSh0YK6DfybzNxcZK/skcp0Ga0vD+El/nXFI0WGXB8LsQiOUBgfp1JyAlXT6 IwzrfQ6EsXE= =mofI - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXjpTomaOgq3Tt24GAQiKxRAAx6/OCvJno3kRDI3SftzkLTaEmq9S5BFb GzO3ClCwlkAEAqxeJPdiiG/TKWjMQ8Bw1JRNNWnUcdhP2MeO8HaDbj9Df+peu9cm nWKoTLKZZfJIMAlgQe63l6IbwYHnNhHm3ll4YO77mmdFhW7NSxArtH+Sd1Z3k0jV RqEiY0Ge3Ir+h/m0dx1e8EzRiRCr72m20lRL83Ev7Vh9P4x5Cr1AdemuLe05+SfW r2e15zfqHpMUNA3eYG10tMfdaqcxEuKdVjOw/5UcG5NldqB2Qa8Fv4MfOYjdhfyv wia6tEadbctbENCUoxWLcSYE+mH9huxoPNVjNDqy3Jw9Y+WnDKkoFsfqfI5wm75S QfVGBe+Sr48HZ0di2PRN6xdHT0mODeIUXf2uQujU/Sbl2iGNXoMZErRmPA+Y3jL6 3eYIDY18MVAQDZYhQA0PwoKGD9Ho7HU6xh7ISLBtShMOFafQNtYr9BP/e064v3OM hfV52eFGZ1wdqTLsHne5DTRBQXP2huItTjTsBBui8fHE1s3swo6h8eSdAPdMYtlZ SVb7HoqoQWEbliA/ibjQPYua/6S81eWeaJmnDKBS1G407qZYd2RUFOoUy0sxGD58 APfOL/eGYbHS9fRWZsYYnXszhXwseK3jd5Gt40GOpU3wsqzx3H6naEnFRv/z8mXb 51qRatEZVjk= =5tzK -----END PGP SIGNATURE-----