-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.1355
                  kernel-alt security and bug fix update
                               17 April 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel-alt
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Root Compromise                -- Remote/Unauthenticated
                   Denial of Service              -- Remote/Unauthenticated
                   Access Confidential Data       -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-20095 CVE-2019-20054 CVE-2019-19922
                   CVE-2019-15666 CVE-2019-15099 CVE-2019-15031
                   CVE-2019-14901 CVE-2019-14895 CVE-2019-5108
Reference:         ESB-2020.1349
                   ESB-2020.1250
                   ESB-2020.0960
                   ESB-2020.0772
                   ESB-2020.0262

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:1493

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-alt security and bug fix update
Advisory ID:       RHSA-2020:1493-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:1493
Issue date:        2020-04-16
CVE Names:         CVE-2019-5108 CVE-2019-14895 CVE-2019-14901
                   CVE-2019-15031 CVE-2019-15099 CVE-2019-15666
                   CVE-2019-19922 CVE-2019-20054 CVE-2019-20095
=====================================================================

1. Summary:

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le

3. Description:

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

* kernel: heap-based buffer overflow in mwifiex_process_country_ie() function
in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)

* kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)

* kernel: triggering AP to send IAPP location updates for stations before the
required authentication process has completed can lead to DoS (CVE-2019-5108)

* kernel: powerpc: local user can read vector registers of other users'
processes via an interrupt (CVE-2019-15031)

* kernel: out-of-bounds array access in __xfrm_policy_unlink (CVE-2019-15666)

* kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c
leads to a crash (CVE-2019-15099)

* kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of
service against non-cpu-bound applications (CVE-2019-19922)

* kernel: Null pointer dereference in drop_sysctl_table() in
fs/proc/proc_sysctl.c (CVE-2019-20054)

* kernel: memory leak in mwifiex_tm_cmd in
drivers/net/wireless/marvell/mwifiex/cfg80211.c (CVE-2019-20095)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* rhel-alt-76z bsd process accounting(acct(2)) does not work (BZ#1763618)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1743560 - CVE-2019-15099 kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash
1747334 - CVE-2019-15666 kernel: out-of-bounds array access in __xfrm_policy_unlink
1760063 - CVE-2019-15031 kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
1789927 - CVE-2019-5108 kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS
1790063 - CVE-2019-20054 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c
1791954 - CVE-2019-20095 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c
1792512 - CVE-2019-19922 kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications

6. Package List:

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
kernel-alt-4.14.0-115.19.1.el7a.src.rpm

aarch64:
kernel-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debug-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debug-devel-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-devel-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-headers-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-tools-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-tools-libs-4.14.0-115.19.1.el7a.aarch64.rpm
perf-4.14.0-115.19.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
python-perf-4.14.0-115.19.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm

noarch:
kernel-abi-whitelists-4.14.0-115.19.1.el7a.noarch.rpm
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm

ppc64le:
kernel-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-bootwrapper-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debug-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-devel-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-headers-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-tools-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-tools-libs-4.14.0-115.19.1.el7a.ppc64le.rpm
perf-4.14.0-115.19.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
python-perf-4.14.0-115.19.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm

s390x:
kernel-4.14.0-115.19.1.el7a.s390x.rpm
kernel-debug-4.14.0-115.19.1.el7a.s390x.rpm
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm
kernel-debug-devel-4.14.0-115.19.1.el7a.s390x.rpm
kernel-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm
kernel-debuginfo-common-s390x-4.14.0-115.19.1.el7a.s390x.rpm
kernel-devel-4.14.0-115.19.1.el7a.s390x.rpm
kernel-headers-4.14.0-115.19.1.el7a.s390x.rpm
kernel-kdump-4.14.0-115.19.1.el7a.s390x.rpm
kernel-kdump-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm
kernel-kdump-devel-4.14.0-115.19.1.el7a.s390x.rpm
perf-4.14.0-115.19.1.el7a.s390x.rpm
perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm
python-perf-4.14.0-115.19.1.el7a.s390x.rpm
python-perf-debuginfo-4.14.0-115.19.1.el7a.s390x.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

aarch64:
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-debuginfo-common-aarch64-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
kernel-tools-libs-devel-4.14.0-115.19.1.el7a.aarch64.rpm
perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm
python-perf-debuginfo-4.14.0-115.19.1.el7a.aarch64.rpm

noarch:
kernel-doc-4.14.0-115.19.1.el7a.noarch.rpm

ppc64le:
kernel-debug-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debug-devel-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-tools-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
kernel-tools-libs-devel-4.14.0-115.19.1.el7a.ppc64le.rpm
perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm
python-perf-debuginfo-4.14.0-115.19.1.el7a.ppc64le.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-5108
https://access.redhat.com/security/cve/CVE-2019-14895
https://access.redhat.com/security/cve/CVE-2019-14901
https://access.redhat.com/security/cve/CVE-2019-15031
https://access.redhat.com/security/cve/CVE-2019-15099
https://access.redhat.com/security/cve/CVE-2019-15666
https://access.redhat.com/security/cve/CVE-2019-19922
https://access.redhat.com/security/cve/CVE-2019-20054
https://access.redhat.com/security/cve/CVE-2019-20095
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXphuB9zjgjWX9erEAQhP5g//QNfpCO+hN7wYgDdbUMH8A/HKoCdG3o4L
O/Wo/FMCGrR5oufj7d2n6o0RaEoHgaHnlj04PThGIhzOWWFPE7mliFihYYPtPaKZ
fskYzYLRK1VQPQgAuVLGeImpmqhf8g4Qbyva1iXO19xd2xZKvhcvSC6X8/6CzM+k
cv6E4t/1AeZXYpz4NfWzmjLpSNsWPXZqCEN3I8xsdwTl1VnyglBkXhqQxJYYHchr
GSLRQ/OA9eppMihA38TVumiLeOLYCbHxkLs816Wz2TTcYBhWAdSDA9fkLoRZbqHM
MIqJ38EdCz98t3b99Ej2ZHPF3ad3NDbzHWrT3ND/NZbxxA2pfW6ttbmOOXOjSOGN
C6hiqVbARK0XKe3oS6DxMASm42PKRCl5RFxJy1vsNqL03cUrxb54x0CLfDxIbe1G
FdJ9Ys7qWUtxiywoEEbteckCicsQdlrDESlwHJpYs3iWe2erMTkyaO546Jz9QD7u
dZdLFGnvoJnnrS0OIfh7by76qTDEsRgT7RAuhNRJzIecZS0zQSscBEXJ3T8f6dK9
xbtnBs6Bha8Ym8RTD41/PwTdPLfVczQeZDBQegBDrbNuTmFfHj6gLHLK9RhTn8N2
lVE68TIip4vJrJC08IjiQZULGxrdWcKa+1vRifDoIp1izgp43rISoeTGD9FfWKNS
y4N6H9KkGSU=
=47l+
- -----END PGP SIGNATURE-----

- --
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXpkHm2aOgq3Tt24GAQhD4hAAmc27FMQ+Wjax8igW9wNWF0JuPDOng2rC
S3sbJQf7AtIjHkd9PSQeXV62RbHO5cYouGWgOMwFFXvk0WiXKri9DFONPQor3h0u
7AZi+k6JMRl1CpYQ14k2TMex0PRGNqw2dJxLOU842f0OT0r5+cb4ooFy5xy9JWCU
bfaP6RSwM9yPYUjmTGNgcbfFSU3XpnpIHPspcsaGf8NFaNTFUGlSBuYwot3ebLCz
Sw4TS55FZK4plufKttH32FCG6HJDhBg3dHaGfISxzLRnupEyvLTa+fSlQOUuAdiM
7Nsa2Dl8FZLeM5TN4+knNJTxiZLNDvT8I2VgIpOSIPD20kZqCL2wotIfX1rFhwja
7/LYrOBTz9xFL7gSc8M5KT5DoSPZsWKdRF2nFb7QcQNw7doCrNDlCxWRbuJHlPbo
sUWr8LDK8oriJW/F5x4pucFm/mlHfEHICmLdxMgK0mjg12NQaw8K1fCgETKI68SB
NwOVc6MccSP2rc1nk+PU6BW9MmhJMOLNU3tGxsWZAncWKG8BMZXxGAwO/fs8t2Fx
84ZyD+nU7DX4mw/auYNasphWSYcOUDhDKj6u7BfzLTPiaAIWGTH3ZtLTl00RuV0t
6VQu0TAC+mDGLMtq3QMtVQ/PBdv6Sor+ZnircmC7Z/bkIYxaEIM9nskBUA79oLeO
ccjqfh172rk=
=PeQU
-----END PGP SIGNATURE-----
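Section 4 (Solution) of the Red Hat advisory above says the update only takes effect after a reboot, and Section 6 (Package List) names the fixed build, kernel-alt-4.14.0-115.19.1.el7a. The script below is an added example, not part of the Red Hat advisory or the AusCERT bulletin: it takes the running kernel's `uname -r` string, strips the architecture suffix, and compares the version-release against the fixed build using a plain-Python re-implementation of RPM's version-segment ordering, so it reports whether the host has actually booted into the patched kernel rather than merely installed it. `FIXED_EVR` is copied from the advisory's package list; the function names, the `.el7a` dist-tag check and the sample `uname -r` strings are this example's own assumptions.

```python
"""Has this host rebooted into the kernel-alt build fixed by RHSA-2020:1493?

Added example; not part of the Red Hat advisory or the AusCERT bulletin.
It compares the running kernel (the `uname -r` string) against the fixed
version-release named in the advisory's Package List, using a plain-Python
re-implementation of RPM's version-segment ordering so it runs without the
rpm bindings.  Sample strings in the tests are constructed for illustration.
"""
import platform
import re

# Version-release of the fixed build, from kernel-alt-4.14.0-115.19.1.el7a.src.rpm.
FIXED_EVR = "4.14.0-115.19.1.el7a"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")
# Architectures that appear in the advisory, plus x86_64 for non-alt hosts (assumed list).
_ARCH_SUFFIX = re.compile(r"\.(aarch64|ppc64le|s390x|x86_64)$")
_RPM_FILENAME = re.compile(
    r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+)\.(?P<arch>[^.]+)\.rpm$"
)


def rpmvercmp(a: str, b: str) -> int:
    """RPM-style comparison of two version (or release) strings.

    Strings are split into numeric and alphabetic runs; numeric runs compare
    as integers, alphabetic runs lexically, and a numeric run outranks an
    alphabetic one in the same position.  Returns -1, 0 or 1.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x_num != y_num:
            return 1 if x_num else -1
        elif x != y:
            return -1 if x < y else 1
    # Equal common prefix: the string with more segments is the newer one.
    if len(sa) != len(sb):
        return -1 if len(sa) < len(sb) else 1
    return 0


def compare_evr(a: str, b: str) -> int:
    """Compare two 'version-release' strings: version first, release as tie-break."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def evr_from_rpm_filename(filename: str):
    """Split an rpm filename into (name, 'version-release').

    'kernel-alt-4.14.0-115.19.1.el7a.src.rpm' -> ('kernel-alt', '4.14.0-115.19.1.el7a')
    """
    m = _RPM_FILENAME.match(filename)
    if not m:
        raise ValueError(f"not an rpm filename: {filename}")
    return m.group("name"), f"{m.group('ver')}-{m.group('rel')}"


def assess(uname_release: str, fixed_evr: str = FIXED_EVR) -> str:
    """Classify a running kernel as 'patched', 'vulnerable' or 'not kernel-alt'."""
    evr = _ARCH_SUFFIX.sub("", uname_release)
    # kernel-alt builds for RHEL 7 carry the .el7a dist tag (assumption based on
    # the advisory's package names); anything else is outside this erratum's scope.
    if not evr.endswith(".el7a"):
        return "not kernel-alt"
    return "patched" if compare_evr(evr, fixed_evr) >= 0 else "vulnerable"


if __name__ == "__main__":
    running = platform.release()  # the same string `uname -r` prints
    print(f"running kernel {running}: {assess(running)}")
```

Run it on the host after the update and reboot; a result of "vulnerable" with the new package already installed means the reboot has not happened yet. The comparison is deliberately made against the running kernel rather than the rpm database for that reason. Package authenticity is a separate check: the advisory points to Red Hat's signing key, and `rpm --checksig` on the downloaded files verifies it once the key is imported.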