What is the severity of RHSA-2018:1965?

RHSA-2018:1965 is classified as a high severity vulnerability due to its potential impact on the integrity and confidentiality of affected systems.

How do I fix RHSA-2018:1965?

To fix RHSA-2018:1965, update your kernel packages to version 3.10.0-862.6.3.el7 or later.

What systems are affected by RHSA-2018:1965?

RHSA-2018:1965 affects Red Hat Enterprise Linux versions that utilize the kernel packages prior to the specified patch version.

What type of issue does RHSA-2018:1965 address?

RHSA-2018:1965 addresses vulnerabilities related to speculative execution in many modern microprocessor designs.

Is a reboot required after applying the fix for RHSA-2018:1965?

Yes, a reboot is required after applying the kernel update to ensure that the changes take effect.

Vulnerability/
RHSA-2018:1965

26/6/2018

9/4/2024

RHSA-2018:1965: Important: kernel security and bug fix update

First published: Tue Jun 26 2018(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): <li> An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD)</li> <li> kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: <a href="https://access.redhat.com/articles/3485871" target="_blank">https://access.redhat.com/articles/3485871</a>

Affected Software	Affected Version	How to fix
redhat/kernel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-abi-whitelists	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-doc	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-headers	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo-common-s390x	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-headers	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-kdump	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-kdump-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-kdump-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-bootwrapper	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo-common-ppc64	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-bootwrapper	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debug-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-debuginfo-common-ppc64le	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-headers	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/kernel-tools-libs-devel	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7
redhat/python-perf-debuginfo	<3.10.0-862.6.3.el7	3.10.0-862.6.3.el7

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2018:1965 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2018:1965?
RHSA-2018:1965 is classified as a high severity vulnerability due to its potential impact on the integrity and confidentiality of affected systems.
How do I fix RHSA-2018:1965?
To fix RHSA-2018:1965, update your kernel packages to version 3.10.0-862.6.3.el7 or later.
What systems are affected by RHSA-2018:1965?
RHSA-2018:1965 affects Red Hat Enterprise Linux versions that utilize the kernel packages prior to the specified patch version.
What type of issue does RHSA-2018:1965 address?
RHSA-2018:1965 addresses vulnerabilities related to speculative execution in many modern microprocessor designs.
Is a reboot required after applying the fix for RHSA-2018:1965?
Yes, a reboot is required after applying the kernel update to ensure that the changes take effect.

agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/title
agent/description
agent/remedy
agent/references
agent/event
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2018:1965
agent/software-canonical-lookup
agent/trending
agent/tags
agent/source
package-manager/redhat