kernel-3.10.0-1127.18.2.el7

エラータID: AXSA:2020-263:09

Release date: 
Tuesday, August 11, 2020 - 08:27
Subject: 
kernel-3.10.0-1127.18.2.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757)

* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

* kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* scsi: ibmvfc: Avoid loss of all paths during SVC node reboot

* Error messages related to hwrm observed for BCM 57504 under dmesg

* kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713)

* Request: retrofit kernel commit f82b4b6 .

* kipmi thread high CPU consumption when performing BMC firmware upgrade

* virtio-blk: fix hw_queue stopped on arbitrary error (kvm)

* infinite blocked waiting on inode_dio_wait in nfs

* http request is taking more time for endpoint running on different host via nodeport service

* ext4: change LRU to round-robin in extent status tree shrinker

* libaio is returning duplicate events

* After upgrade to 3.9.89 pod containers with CPU limits fail to start due to cgroup error

* Fix dpdk regression

CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
CVE-2020-10713
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2020-10757
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
CVE-2020-12653
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
CVE-2020-12654
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.

Solution: 

Update packages.

CVEs: 
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
CVE-2020-10713
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-10757
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
CVE-2020-12653
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
CVE-2020-12654
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-3.10.0-1127.18.2.el7.src.rpm
    MD5: a6836d65720886a50553fa2436a8f298
    SHA-256: 3368f786d361f4cd43112c5cf85b1b0143eb0a9b5159c41ef7f3ebf2e761f591
    Size: 99.33 MB

Asianux Server 7 for x86_64
  1. bpftool-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: 67be4d56b013ecf5dc32a88572753510
    SHA-256: 1fa4fe98348613589e661a2e1267cd016f754667abc4360303ee80ba7bc9b9a7
    Size: 8.40 MB
  2. kernel-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: cd1c027a1857d02c2bc27fac621ea557
    SHA-256: 0068e6565a4059f3f3e5a456a5f118ea940e2871cd83f1f5e7cc2e49326877f4
    Size: 50.21 MB
  3. kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm
    MD5: d5650f32065766103cac11bbe03284a6
    SHA-256: fc3e2fa6695ef29d7d54c25b76083f934e93650bfe51fb16a5a742c26acda810
    Size: 7.97 MB
  4. kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: ae9dc4ec98b9fa900fd7c954b4001ca9
    SHA-256: baad3b30669c0dc36608b66bf0d07028d6806938a57532a887d74ddd819dc1ea
    Size: 52.51 MB
  5. kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: ca226c5f0488bce9d7ee2ca84d5bf48a
    SHA-256: 9493ae5b4085b55f5c4cd186a9a8a953455d0337505c6136d4024e44c8e6860f
    Size: 17.94 MB
  6. kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: da56c24207fe191bd6f228082bfec05c
    SHA-256: 0b5a28bf222167260f6bd0db47d81b9d57500193dbe54c03226409b6a49bbe3f
    Size: 17.87 MB
  7. kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm
    MD5: 966773e8e47352fb719b8d449046b750
    SHA-256: 184fadc49f2a26cd079b4403c43f409013afdb54a7a0e80a673bdf87cd476d9e
    Size: 19.44 MB
  8. kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: fb665ecb983c278e5f7f2c0cd03c5ec3
    SHA-256: 22d19cc7e5ee512a414579261fac89f32b9b4f14f3bdebcaa6adea14605e33db
    Size: 8.95 MB
  9. kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: d9698a4424c4ee58609547134df4478d
    SHA-256: 6de13da15f5eedc807ec4fb87665c696fba010959be31490e04126ed19cf6fab
    Size: 8.05 MB
  10. kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: b77c52c8fc578fbd2270b1797b86d646
    SHA-256: b2850f71b2f25ad733ada2c28c9804db24b01fbf584f218ab193d734db076d78
    Size: 7.96 MB
  11. perf-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: f15b47994bc4a424292ffad87be1c209
    SHA-256: f134fc53222199d300926d18cfb7a3fa76b82d9633b93824c00e9823839922c5
    Size: 9.60 MB
  12. python-perf-3.10.0-1127.18.2.el7.x86_64.rpm
    MD5: 99d79ccdab3af40235740dcec4d0f1cf
    SHA-256: 19b34d73591302554694e49955c06bfc3cb6d59d97df0727ed96bd4687aefb4f
    Size: 8.05 MB