kernel-4.18.0-193.14.3.el8
エラータID: AXSA:2020-898:14
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: lockdown: bypass through ACPI write via efivar_ssdt (CVE-2019-20908)
* kernel: lockdown: bypass through ACPI write via acpi_configfs (CVE-2020-15780)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713)
* [Regression] AXS8 RC - [Boston/DD2.1] [AXS8/kernel-4.18.0-193.el8.ppc64le] Host kernel crashes while running storage test bucket on KVM guest (iscsi)
* AXS8 - s390/mm: fix panic in gup_fast on large pud
CVE-2019-20908
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
CVE-2020-10713
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2020-15780
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
Update packages.
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
N/A
SRPMS
- kernel-4.18.0-193.14.3.el8.src.rpm
MD5: a0791272e6f3874c547087e46d1782c9
SHA-256: b8a5342931b0a9be25e34163529a80678aa8048715b8d7005b0fd2e935c453b7
Size: 109.65 MB
Asianux Server 8 for x86_64
- bpftool-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 08d071f5271b0b79ab1fc7899d647d68
SHA-256: f1d9b388a921af5a68f3cf4fe3da9bd2b3b109b13e0a9f14598449a4f50792a6
Size: 3.39 MB - kernel-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 6492ac35f1af3fc30322e8f36befebfb
SHA-256: eefcbcbb1ff3249f4a8fd906ef9c6047f357a544b528714c03c6b51046be3d01
Size: 2.78 MB - kernel-abi-whitelists-4.18.0-193.14.3.el8.noarch.rpm
MD5: 15e41841a36acc9be32e12ed9d6ccc4e
SHA-256: 295762e2ef7a71fa8295b8b698a14e56e6cf0f642a389848bf961e2a0ce767ce
Size: 2.78 MB - kernel-core-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 2872e57ac4e9a51fc1f0ef31eb2ec320
SHA-256: 6f445bde576dd80d7076ef45abc3c13e9fd75ddaaa2b62df4441cc76c1fd2ff9
Size: 27.82 MB - kernel-cross-headers-4.18.0-193.14.3.el8.x86_64.rpm
MD5: e2c0f220b8470a4ff240b413ca66ef56
SHA-256: 1ff8f9f53d50e7c51247426f1aee674601c29f5e4f68f4ab72da8691363f400a
Size: 7.52 MB - kernel-debug-4.18.0-193.14.3.el8.x86_64.rpm
MD5: fd54513cae1a80343be8584759cc11ba
SHA-256: 671038587c8ab9ea9d9ea17f42d3aae418fa058356cd9dc9f7fb476c700f311c
Size: 2.77 MB - kernel-debug-core-4.18.0-193.14.3.el8.x86_64.rpm
MD5: bcd8d30033de47a7846b7b16732757fe
SHA-256: 4de642cdcf60a0533fdb11fed1d834fd94267ca91d1f2375edae0f9bdb67c3a1
Size: 53.58 MB - kernel-debug-devel-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 1ca7ebfde1991c58751a1d9a03d76733
SHA-256: b919777bd6723f4e540fa075a852a25990129baaf7aeb2751febd3c0d5ffcee9
Size: 15.05 MB - kernel-debug-modules-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 810e110de4961b164ca16095a0ba4db7
SHA-256: 46fa68a97158052dc121f030afc23185d257e376c83d33db5b56da94e301eddf
Size: 46.93 MB - kernel-debug-modules-extra-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 9fc881182f3ccce1f4dba5e36690a4d8
SHA-256: 76e4861a1a4113281e12635cf9525a1139f43b0f1f23fd41eb95c47cf1b70140
Size: 4.02 MB - kernel-devel-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 6c4d484a3bb34872ba73dc7e78b08feb
SHA-256: 424356aded3651a2fd70c0399b256ba066a4c739feabdfcab064317d984b429b
Size: 14.89 MB - kernel-doc-4.18.0-193.14.3.el8.noarch.rpm
MD5: 7c154d60620224093c9d3083e336632e
SHA-256: 682a8fb9efd239912cdbd1e4cb261f3febe1321fe3840a75b50d40064cb320f9
Size: 17.81 MB - kernel-headers-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 9a3b397b120b7a04f4843520d3ff7138
SHA-256: ddfa445c168d7f1998d84c0f7260b0381aa55a9b6411fe556991a3391bb692af
Size: 3.97 MB - kernel-modules-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 19cab0e6680586ea59c6f81b4a7ec86f
SHA-256: eb151233a8dee3c13ee8b0e079a3c5e3d1c626f660d392d03799c4272c27c606
Size: 23.48 MB - kernel-modules-extra-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 26663337cce133a98a0ac86143e17f44
SHA-256: dba337733d21a2a9eb2879545f6ae0a5e5bf493b9ec5f84e664b19ebe7f730aa
Size: 3.39 MB - kernel-tools-4.18.0-193.14.3.el8.x86_64.rpm
MD5: 78bf40a64f57a45da4d0727ce05c37f2
SHA-256: bb5cd797c522f43b738427fe7728c8914d839d142cea03f71c6deada39efa43f
Size: 2.96 MB - kernel-tools-libs-4.18.0-193.14.3.el8.x86_64.rpm
MD5: a598ed0c9e379398587c38a0cb439271
SHA-256: f217523bc20949e89f2a3cc8dfff0b60cc2f5f21c3cee1b171185b6f0bd96a11
Size: 2.78 MB - perf-4.18.0-193.14.3.el8.x86_64.rpm
MD5: e7d8a45ebb1dc8b84070d22a96084361
SHA-256: cf14f6e95838d5f95c4628e31f4bec6b95a80abbe9d43ab1b17f891b5b598bc1
Size: 4.73 MB - python3-perf-4.18.0-193.14.3.el8.x86_64.rpm
MD5: b110f488144ab4a94b683bc9f370a3b3
SHA-256: 8694e144dcacb0702703cc15b3a20020dfd07fdf009d52edba7be96071c33df5
Size: 2.88 MB