CWE
362
Advisory Published

RHSA-2019:3220: Important: kernel security and bug fix update

First published: Tue Oct 29 2019(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)</li> <li> hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)</li> <li> kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734325)</li> <li> Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737378)</li> <li> [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740177)</li> <li> high update_cfs_rq_blocked_load contention (BZ#1740179)</li> <li> kvm: backport cpuidle-haltpoll driver (BZ#1740191)</li> <li> Growing unreclaimable slab memory (BZ#1741919)</li> <li> [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with &gt; 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743323)</li> <li> NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744945)</li> <li> powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745441)</li> <li> ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745448)</li> <li> [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1748237)</li> <li> [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748238)</li> <li> Allows macvlan to operate correctly over the active-backup mode to support bonding events (BZ#1749291)</li> <li> debug kernel reports scheduling while atomic bug in EFI code (BZ#1755324)</li>

Affected SoftwareAffected VersionHow to fix
redhat/kernel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/bpftool<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-abi-whitelists<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-doc<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-headers<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo-common-s390x<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-headers<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-kdump<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-kdump-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-kdump-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-bootwrapper<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo-common-ppc64<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-bootwrapper<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debug-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-debuginfo-common-ppc64le<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-headers<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/kernel-tools-libs-devel<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7
redhat/python-perf-debuginfo<3.10.0-957.38.1.el7
3.10.0-957.38.1.el7

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of RHSA-2019:3220?

    The severity of RHSA-2019:3220 is critical due to vulnerabilities that could be exploited for denial of service and potential data interception.

  • How do I fix RHSA-2019:3220?

    To fix RHSA-2019:3220, you should update the kernel packages to version 3.10.0-957.38.1.el7 or later.

  • What are the main vulnerabilities addressed in RHSA-2019:3220?

    RHSA-2019:3220 addresses a denial of service vulnerability in vhost_net and attacks related to Bluetooth encryption key negotiation.

  • Which systems are affected by RHSA-2019:3220?

    RHSA-2019:3220 affects Red Hat Enterprise Linux systems that utilize the specified kernel version.

  • Is there any impact on system performance after applying RHSA-2019:3220?

    There should be no negative impact on system performance after applying RHSA-2019:3220; however, the update will enhance security.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203