kernel-4.18.0-147.8.1.el8

エラータID: AXSA:2020-750:12

リリース日: 
2020/10/16 Friday - 09:30
題名: 
kernel-4.18.0-147.8.1.el8
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- drivers/hidden/usbhid/hidden.c ドライバには、悪意のある USB デバイスに
より、use-after-free を引き起こすことを可能とする脆弱性が存在します。
(CVE-2019-19527)

一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
CVE-2019-18660
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. kernel-4.18.0-147.8.1.el8.src.rpm
    MD5: 4c1c6353abb2a20ddfda6103ba5519ac
    SHA-256: 125981a40efcf66fac0c33c82f67ffc4f7d1589cfad9cf186916cb1ac94a6ce0
    Size: 105.25 MB

Asianux Server 8 for x86_64
  1. bpftool-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 5efa7137392edf31e09b3daf5b91afb4
    SHA-256: 141a4458e1cbe4c036fbca02423212c22420db1e8a6e12aa933779498dcf6b86
    Size: 2.11 MB
  2. kernel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 05a6dab0add9097b73d6585085856c66
    SHA-256: 74cd00d3d87ae082371c2faa95539694a06aad1dae457ab19e912c0752efad76
    Size: 1.54 MB
  3. kernel-abi-whitelists-4.18.0-147.8.1.el8.noarch.rpm
    MD5: 6a18665ef27b8028c654b7c327e20120
    SHA-256: 697c2c8d58531db72e4ac0a3ce8e48e8eca79c03f151767d5efce98d955fb254
    Size: 1.54 MB
  4. kernel-core-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 39270286a5bc00580b21ab5975eb4d9e
    SHA-256: e89e6f26883969ae07b6da109d625677464541465eb6631bd425c00452f6f908
    Size: 25.36 MB
  5. kernel-cross-headers-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 0a3f5ec75c8ae6bdb4cdb46c68ef1407
    SHA-256: 15a7d3b9cc61dabe70dc2ab85f3b0bf7e6499a7cb103ce3e162c4a9c685cbee1
    Size: 6.19 MB
  6. kernel-debug-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 0a72bf5fca792927b6bc10131723c21d
    SHA-256: e8bbc86b333ccae900b5b164d51ae13372e733bd951fdfb0076d201240dd864b
    Size: 1.54 MB
  7. kernel-debug-core-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 404984397bf796758d964e31a3dea590
    SHA-256: 661b089854086ce9b53ba5e6e5f729bd5a1d62c8bd1d5e61e7227ff76c22e457
    Size: 50.65 MB
  8. kernel-debug-devel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 6249ac89fbd8f7687f1d3afb07d48ec1
    SHA-256: 823adfb50481fcf048efc4e291de6279cad0d47d4b29622338ab85266776a813
    Size: 13.67 MB
  9. kernel-debug-modules-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 34e1c93ce315c6075ab83648929d55f5
    SHA-256: b972176800a678c0279312a4ace200af99e283f23005e645e6b9478600080038
    Size: 44.66 MB
  10. kernel-debug-modules-extra-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 8a2f036915b43ff6c8c6df296bfdbec2
    SHA-256: 2a1770d4c21399fbe71fdd44c7ac23e96f36a4cc676bd598720e81be8c0fe63e
    Size: 2.77 MB
  11. kernel-devel-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: bb5c20a2abce0ba74eab492d4f8def28
    SHA-256: d0d53cb15f258e22234479a2ff15d7b449a73cdcb8b5bb7b671ca37c4af039a3
    Size: 13.46 MB
  12. kernel-doc-4.18.0-147.8.1.el8.noarch.rpm
    MD5: 87256f5b9297ce652f1ba43e846c143f
    SHA-256: fe6825b982208f636e2e4846fa0fe1df94ee1f78970fb18719e6a86aa1135ae8
    Size: 16.31 MB
  13. kernel-headers-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: cf74cc3456586eb68b316fc54ec01fca
    SHA-256: 46c50b4f606ad12cf2cb0d6fb80c2b8e62a7fd73b46722b9fbe30a34df1669be
    Size: 2.71 MB
  14. kernel-modules-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: ce76282f8d84db030301c11f6281a215
    SHA-256: 2ec824d2b0589091a32c2c483bd9346c29c779247f217dedef0c368036a3a17b
    Size: 21.73 MB
  15. kernel-modules-extra-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: be7dfd61c6d23102762574215c03289f
    SHA-256: 61f312253fd845cf034552f2e47c8a6ed86866a43b9de77d62840d7d989ce8cd
    Size: 2.15 MB
  16. kernel-tools-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 3470f01137f25a2fa7bd6be8902b99ac
    SHA-256: 59642c4008730fa27c1c97317a184193aa3d52bcaeecf64b1313e0eff68ad608
    Size: 1.70 MB
  17. kernel-tools-libs-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: 9e3caa02a51b24084d334b5b10a6e3ca
    SHA-256: 5db74786799f2faefb8b740fcb4297440557d0699a332fa2aa2251e0471d78af
    Size: 1.55 MB
  18. perf-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: cd102ab726f78297ee5af5b886ddfd63
    SHA-256: 3c60da5e145f64d5c40e269f6eeeb7743d939c8f000a6ccaaa1f7e069504695b
    Size: 3.38 MB
  19. python3-perf-4.18.0-147.8.1.el8.x86_64.rpm
    MD5: b6a32f45d8bb60e91da3bb022fc8f789
    SHA-256: b1cc8b645792e185ead09017eb450ad29a664795e9a48981e922e6cf3928a2f9
    Size: 1.65 MB