AXSA:2019-3871:03

リリース日: 
2019/05/10 Friday - 10:14
題名: 
kernel-3.10.0-957.12.1.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)

* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* rbd: avoid corruption on partially completed bios [rhel-7.6.z] (BZ#1672514)

* xfs_vm_writepages deadly embrace between kworker and user task. [rhel-7.6.z] (BZ#1673281)

* Offload Connections always get vlan priority 0 [rhel-7.6.z] (BZ#1673821)

* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific conditions [rhel-7.6.z] (BZ#1677179)

* RHEL 7.6 - Host crash occurred on NVMe/IB system while running controller reset [rhel-7.6.z] (BZ#1678214)

* [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z] (BZ#1678215)

* [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue creation causes kernel panic [rhel-7.6.z] (BZ#1678216)

* RFC: Regression with -fstack-check in 'backport upstream large stack guard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)

* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup [rhel-7.6.z] (BZ#1679997)

* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z] (BZ#1683078)

* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)

* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter fail-over [rhel-7.6.z] (BZ#1683093)

* Openshift node drops outgoing POD traffic due to NAT hashtable race in __ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)

* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp unsolicited report interval [rhel-7.6.z] (BZ#1686771)

* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter [rhel-7.6.z] (BZ#1687487)

* The number of unsolict report about IGMP is incorrect [rhel-7.6.z] (BZ#1688225)

* RDT driver causing failure to boot on AMD Rome system with more than 255 CPUs [rhel-7.6.z] (BZ#1689120)

* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)

* rwsem in inconsistent state leading system to hung [rhel-7.6.z] (BZ#1690323)

Users of kernel are advised to upgrade to these updated packages, which fix these bugs.

CVE-2019-6974
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2019-7221
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

解決策: 

Update packages.

追加情報: 

N/A

ダウンロード: 

SRPMS
1. kernel-3.10.0-957.12.1.el7.src.rpm
md5sum: 3a1a4aee7004b05989465dfca451aca9
sha256sum: 3d872fe3144f3ff748a8f7b1213f92dc21282f386d42a9f504dfa58682a213d8
Size: 98,692 Kb

Asianux Server 7.0 for x86_64
1. bpftool-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 09a8739e5cba1518b711516eca1f1875
sha256sum: fe47275f2f802deca11b1bd0ab0d161dada37a22018e910df3aff15f9c744a32
Size: 7,630 Kb
2. kernel-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 0b1909bd5d66cdbed77565624effb889
sha256sum: 26ec787b28dec6417eea544c3e621293d97d0de6901d7f1e3b866ae2399ac7cc
Size: 49,392 Kb
3. kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
md5sum: 70558644b37dd91b22de011a5d4e5205
sha256sum: b015e975df76ccf074d4e668f4c23e5d18d878aded428828d17e183870210747
Size: 7,192 Kb
4. kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 72791d4fedc8484c56c64e83fe49b565
sha256sum: f14ffa0d5360d014418f05dc8a34d95a515a568c6b0241a96755326c960e931b
Size: 51,505 Kb
5. kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: c873eec9975c4515eb2d36213a45a1b5
sha256sum: d85dd9a7ac410b3c648009713ca2e51430cbac43504cbf6ee86e447368ec7639
Size: 17,211 Kb
6. kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: c48d4d4fa735b93cb24b0fafd3b58fd7
sha256sum: 511ad6575328c99403ce2e7599f7000313c9b042064989978845d4cc6120e6ff
Size: 17,146 Kb
7. kernel-doc-3.10.0-957.12.1.el7.noarch.rpm
md5sum: 58b457abed8018b0477757c48eb492d0
sha256sum: 323e2b78c9e041e3ccc3f8d0869b1d8d91babfbde671440c3f31a7a1af30245b
Size: 18,801 Kb
8. kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 20a2f2cc8250ed820d50815fdedf66b8
sha256sum: 24d437e04e5a516a69a22f7dbc17c9abd45956faa0637dd62e088945c60585d8
Size: 8,179 Kb
9. kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 0f99cf2e7e1ae816cb7f5584531a3570
sha256sum: e2cc5ecbabf7a4ae5168fa71e72e20523cff9f73ba1b76234d49a66997c58178
Size: 7,280 Kb
10. kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 364a584f95efcdbaceb1a372516832c9
sha256sum: 7f41634ccc59ef70bbfcd582f2fdc0dd421413aaee96e4055c8483feb5ce9765
Size: 7,186 Kb
11. perf-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 484677f5afd5b12fc97df7d99c8d265d
sha256sum: 973b36ea6e4a2a4bcb44153e71fcd83f30f6e170af05f1f1d3b57825e9078ce3
Size: 8,722 Kb
12. python-perf-3.10.0-957.12.1.el7.x86_64.rpm
md5sum: 7ea60c6979ee329c0245d80df0c27ef8
sha256sum: fcd2a08a6fcd37c55804472dd06d16f11204b414db50804806f0f176d5f26282
Size: 7,279 Kb
Copyright© 2007-2015 Asianux. All rights reserved.