kernel-4.18.0-147.8.1.el8

エラータID: AXSA:2020-750:12

Release date: 
Friday, October 16, 2020 - 09:30
Subject: 
kernel-4.18.0-147.8.1.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030)

* kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)

* kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

* kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput()

* qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap

* qla2xxxx: Firmware update for Gen7 adapter could result in an unusable adapter

* s390/sclp: Fix bit checked for has_sipl

* Error output for CPU-MF auxtrace data in perf

* [FJ8.0 Bug]: [kernel]: using "kexec -e" to reboot A64FX system causes system panic during the boot of the 2nd kernel

* Fixup tlbie vs store ordering issue on POWER9

* add safeguards to RX data path

* STC940:ZZ:Fleet:LPM failed with no rmc connection during 6th iteration (ibmvnic)

* disable trace-imc feature

* megaraid_sas driver update request

* [ FW940 ] [ zz P9 ] kdump fails when XIVE is enabled and dump is trigged from HMC.

* T10 DIF: OOM observed while running I/O

* backport fix for potential deadlock relative to snapshot COW throttling

* Neoverse n1 errata 1542419 "Core may fetch stale instructions from memory and violate ordering"

* [HPE 8.1 Bug] hpsa: bug fix for reset issue

* [HPE 8.0 BUG] System crash when reading /sys/block//mq/0/cpu_list file

* kernel: T10 CRC not using hardware-accelerated version from crct10dif_pclmul

* [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC.

* NVMe/FC Fabric Broadcom Autoconnect Script Fails to Reconnect after Controller Reset

* Chelsio crypto co-processor Driver (chcr) bugfixes

*[Snapshot-1]LUN discovery says unrecognized

* 8.2 snap2 kernel incorrectly signed in brew

CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
CVE-2019-18660
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-4.18.0-147.8.1.el8.src.rpm
    MD5: 4c1c6353abb2a20ddfda6103ba5519ac
    SHA-256: 125981a40efcf66fac0c33c82f67ffc4f7d1589cfad9cf186916cb1ac94a6ce0
    Size: 105.25 MB

Asianux Server 8 for x86_64
  1. bpftool-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 5efa7137392edf31e09b3daf5b91afb4
    SHA-256: 141a4458e1cbe4c036fbca02423212c22420db1e8a6e12aa933779498dcf6b86
    Size: 2.11 MB
  2. kernel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 05a6dab0add9097b73d6585085856c66
    SHA-256: 74cd00d3d87ae082371c2faa95539694a06aad1dae457ab19e912c0752efad76
    Size: 1.54 MB
  3. kernel-abi-whitelists-4.18.0-147.8.1.el8.noarch.rpm
    MD5: 6a18665ef27b8028c654b7c327e20120
    SHA-256: 697c2c8d58531db72e4ac0a3ce8e48e8eca79c03f151767d5efce98d955fb254
    Size: 1.54 MB
  4. kernel-core-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 39270286a5bc00580b21ab5975eb4d9e
    SHA-256: e89e6f26883969ae07b6da109d625677464541465eb6631bd425c00452f6f908
    Size: 25.36 MB
  5. kernel-cross-headers-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 0a3f5ec75c8ae6bdb4cdb46c68ef1407
    SHA-256: 15a7d3b9cc61dabe70dc2ab85f3b0bf7e6499a7cb103ce3e162c4a9c685cbee1
    Size: 6.19 MB
  6. kernel-debug-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 0a72bf5fca792927b6bc10131723c21d
    SHA-256: e8bbc86b333ccae900b5b164d51ae13372e733bd951fdfb0076d201240dd864b
    Size: 1.54 MB
  7. kernel-debug-core-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 404984397bf796758d964e31a3dea590
    SHA-256: 661b089854086ce9b53ba5e6e5f729bd5a1d62c8bd1d5e61e7227ff76c22e457
    Size: 50.65 MB
  8. kernel-debug-devel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 6249ac89fbd8f7687f1d3afb07d48ec1
    SHA-256: 823adfb50481fcf048efc4e291de6279cad0d47d4b29622338ab85266776a813
    Size: 13.67 MB
  9. kernel-debug-modules-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 34e1c93ce315c6075ab83648929d55f5
    SHA-256: b972176800a678c0279312a4ace200af99e283f23005e645e6b9478600080038
    Size: 44.66 MB
  10. kernel-debug-modules-extra-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 8a2f036915b43ff6c8c6df296bfdbec2
    SHA-256: 2a1770d4c21399fbe71fdd44c7ac23e96f36a4cc676bd598720e81be8c0fe63e
    Size: 2.77 MB
  11. kernel-devel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: bb5c20a2abce0ba74eab492d4f8def28
    SHA-256: d0d53cb15f258e22234479a2ff15d7b449a73cdcb8b5bb7b671ca37c4af039a3
    Size: 13.46 MB
  12. kernel-doc-4.18.0-147.8.1.el8.noarch.rpm
    MD5: 87256f5b9297ce652f1ba43e846c143f
    SHA-256: fe6825b982208f636e2e4846fa0fe1df94ee1f78970fb18719e6a86aa1135ae8
    Size: 16.31 MB
  13. kernel-headers-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: cf74cc3456586eb68b316fc54ec01fca
    SHA-256: 46c50b4f606ad12cf2cb0d6fb80c2b8e62a7fd73b46722b9fbe30a34df1669be
    Size: 2.71 MB
  14. kernel-modules-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: ce76282f8d84db030301c11f6281a215
    SHA-256: 2ec824d2b0589091a32c2c483bd9346c29c779247f217dedef0c368036a3a17b
    Size: 21.73 MB
  15. kernel-modules-extra-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: be7dfd61c6d23102762574215c03289f
    SHA-256: 61f312253fd845cf034552f2e47c8a6ed86866a43b9de77d62840d7d989ce8cd
    Size: 2.15 MB
  16. kernel-tools-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 3470f01137f25a2fa7bd6be8902b99ac
    SHA-256: 59642c4008730fa27c1c97317a184193aa3d52bcaeecf64b1313e0eff68ad608
    Size: 1.70 MB
  17. kernel-tools-libs-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 9e3caa02a51b24084d334b5b10a6e3ca
    SHA-256: 5db74786799f2faefb8b740fcb4297440557d0699a332fa2aa2251e0471d78af
    Size: 1.55 MB
  18. perf-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: cd102ab726f78297ee5af5b886ddfd63
    SHA-256: 3c60da5e145f64d5c40e269f6eeeb7743d939c8f000a6ccaaa1f7e069504695b
    Size: 3.38 MB
  19. python3-perf-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: b6a32f45d8bb60e91da3bb022fc8f789
    SHA-256: b1cc8b645792e185ead09017eb450ad29a664795e9a48981e922e6cf3928a2f9
    Size: 1.65 MB