AXSA:2019-4426:07

Release date: 
2019/12/28 Saturday - 03:55
Title: 
kernel-3.10.0-1062.7.1.el7
Affected channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)

* kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation (CVE-2019-15239)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* On RHEL 7.7 kernel SCSI VPD information for NVMe drives is missing (breaks InfoScale) (BZ#1752423)

* RHEL7 fnic spamming logs: Current vnic speed set to : 40000 (BZ#1754836)

* kernel build: parallelize redhat/mod-sign.sh (BZ#1755330)

* kernel build: speed up module compression step (BZ#1755339)

* Nested VirtualBox VMs on Windows guest has the potential of impacting memory region allocated to other KVM guests (BZ#1755781)

* NULL pointer dereference at check_preempt_wakeup+0x109 (BZ#1756265)

* Regression: panic in pick_next_task_rt (BZ#1756267)

* ixgbe reports "Detected Tx Unit Hang" with adapter reset on RHEL 7 (BZ#1757350)

* [Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM. (BZ#1757757)

* nvme: dead loop in blk_mq_tagset_wait_completed_request() when it is called from timeout handler (BZ#1758051)

* [mlx5] VF Representer naming is not consistent/persistent through reboots with OSPD deployment (BZ#1759003)

* OS getting restarted because of driver issue with QLogic Corp. ISP2532-based 8Gb Fibre Channel to PCI Express HBA [1077:2532] (rev 02). (BZ#1759447)

* mlx5: Load balancing not working over VF LAG configuration (BZ#1759449)

* RHEL7.8 - ISST-LTE: vimlp1: Running LTP af_alg04.c (crypto) crash the LPAR (BZ#1763620)

* RHEL7.5 - Fix security issues on crypto vmx (BZ#1763621)

* RHEL 7.7 RC1 - Host crashes about 4.5 hours into switch port bounce test (BZ#1763624)

* RHEL7.6 - cacheinfo code unsafe vs LPM (BZ#1763625)

* xfs hangs on acquiring xfs_buf semaphore (BZ#1764245)

* single CPU VM hangs during open_posix_testsuite (BZ#1766087)

* rcu_sched self-detected stall on CPU while booting with nohz_full (BZ#1766098)

CVE-2019-14821
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way the kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein the write indices 'ring->first' and 'ring->last' could be supplied by a host user-space process. An unprivileged host user or process with access to the '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service, or potentially to escalate privileges on the system.
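
The bug class described for CVE-2019-14821, as an added user-space model (not kernel code and not part of the original advisory): a fullness check alone does not bound an index that the untrusted side can write, so the hardened path reads the index once and range-checks it before use. The struct layout, `RING_MAX`, and all function names here are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RING_MAX 8u /* constructed size for this model */
enum { RING_OK = 0, RING_FULL = -1, RING_BAD_INDEX = -2 };

struct entry { uint64_t phys_addr; uint32_t len; uint8_t data[8]; };
/* Models a ring page mapped into user space: first/last are untrusted. */
struct ring { uint32_t first, last; struct entry e[RING_MAX]; };

/* Fullness test only: says nothing about whether last is in range. */
static int has_room(const struct ring *r, uint32_t last) {
    return ((r->first - last - 1) % RING_MAX) != 0;
}

/* Unchecked shape: returns the slot that would be written (no write done). */
long slot_unchecked(const struct ring *r) {
    uint32_t last = r->last;
    return has_room(r, last) ? (long)last : RING_FULL;
}

/* Hardened shape: read the index once, range-check it, then use the copy. */
int write_checked(struct ring *r, uint64_t addr, const void *val, uint32_t len) {
    uint32_t insert = *(volatile uint32_t *)&r->last;
    if (insert >= RING_MAX || len > sizeof r->e[0].data)
        return RING_BAD_INDEX;
    if (!has_room(r, insert))
        return RING_FULL;
    r->e[insert].phys_addr = addr;
    r->e[insert].len = len;
    memcpy(r->e[insert].data, val, len);
    r->last = (insert + 1) % RING_MAX;
    return RING_OK;
}

/* Demo helpers: build a ring whose last index was set by the untrusted side. */
long demo_unchecked(uint32_t last) {
    struct ring r = {0};
    r.last = last;
    return slot_unchecked(&r);
}
int demo_checked(uint32_t last) {
    struct ring r = {0};
    uint32_t v = 0xabcd; /* constructed sample value */
    r.last = last;
    return write_checked(&r, 0x1000, &v, sizeof v);
}

int main(void) {
    printf("unchecked slot=%ld checked=%d\n", demo_unchecked(1000), demo_checked(1000));
    return 0;
}
```
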
CVE-2019-15239
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.

Solution: 

Update packages.

Additional information: 

N/A

Download: 

SRPMS
  1. kernel-3.10.0-1062.7.1.el7.src.rpm
    MD5: 6561270fe8a0d970c9d4761f89d11ca4
    SHA-256: 03eb6684456746807f856d6817864a9696666e3a745d09ed44842d5bd444edd3
    Size: 98.71 MB

Asianux Server 7 for x86_64
  1. bpftool-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: e818f0ffbb119dd51cc2771db125d548
    SHA-256: 8b8d1c741623308ac3da273c2cf9650dfcffe77502d7e225defeaea6265cd750
    Size: 8.19 MB
  2. kernel-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 941d03183996e85aebedf07419a01ea0
    SHA-256: cdfbb77463105ddb84b0f6b4b80a71d7e26b6b45d8f1fab74e42ce2773c2923e
    Size: 49.76 MB
  3. kernel-abi-whitelists-3.10.0-1062.7.1.el7.noarch.rpm
    MD5: e9561f777fbdd39d1df0666c9cfa132c
    SHA-256: 013765f9d20bfc57e17480b80920c5c39c0fcb3a93cead2c3a1daf35264a051d
    Size: 7.76 MB
  4. kernel-debug-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: ba87df9ba3771d0a75d9e0e5ea97adc9
    SHA-256: 60390c31999de94f277a8b35a1e7b47849983bf4a0ecc3e1360b11e3c4064da8
    Size: 52.04 MB
  5. kernel-debug-devel-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 69f1849726e0a1337b825eb4732d018f
    SHA-256: fa7b69622484ad4bfd896164cb6d600d1ef2e34e227b320a511286a39fc5fa16
    Size: 17.69 MB
  6. kernel-devel-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 3d6d89bba03bc4df2562162f479c49b4
    SHA-256: b63d856a935c9063e02561ae11981a4b3ef7abebd700867c5051b5dc1965152b
    Size: 17.62 MB
  7. kernel-doc-3.10.0-1062.7.1.el7.noarch.rpm
    MD5: edc086987c5e725d6ab222a346d17040
    SHA-256: 114df53bc8177d6e23f1c71cbf90fbadb34c523372c636cc14fbd303edd31d6b
    Size: 19.18 MB
  8. kernel-headers-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: b16406526564268a70a89b971bbcf387
    SHA-256: 8931b06be46db6d21ba3b98062dcdfa533786fc941814400fefc4a9029733f30
    Size: 8.74 MB
  9. kernel-tools-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 6226ff2ee02a55c6bc863378f9ba7688
    SHA-256: dca389335bb4404c2ca4ce3456003316780a895fdee3faf3d504284342b87bf8
    Size: 7.85 MB
  10. kernel-tools-libs-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: ae83385d7e3b3b7c138d8a0568f3772a
    SHA-256: 2b04ff8bc7ea357640330d2c452e7f9d2c20b9cf19ee418b9c2f81e2c7e0079c
    Size: 7.75 MB
  11. perf-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 6de9c4250d23915cb27b414b437a8d72
    SHA-256: 714346ba5d82342777e892fc59285657b5cea846778f99ab9adff86419302218
    Size: 9.39 MB
  12. python-perf-3.10.0-1062.7.1.el7.x86_64.rpm
    MD5: 740a62185b07bcf024c6e2c1745f36e0
    SHA-256: c956746f2569f18397de59af1d499f4a33d6ad05df8c6dc35074dd3138f8b2f7
    Size: 7.85 MB