What is the severity of RHSA-2019:3870?

The severity of RHSA-2019:3870 is classified as Important.

How do I fix RHSA-2019:3870?

You can fix RHSA-2019:3870 by upgrading to the kernel-rt package version 4.18.0-147.0.3.rt24.95.el8_1.

What vulnerabilities does RHSA-2019:3870 address?

RHSA-2019:3870 addresses a vulnerability related to Intel GPU blitter manipulation that can allow for arbitrary kernel memory write (CVE-2019-0155).

Which systems are affected by RHSA-2019:3870?

RHSA-2019:3870 affects systems running the Real Time Linux Kernel, specifically the kernel-rt package and associated components.

Is there a workaround for RHSA-2019:3870?

There are no official workarounds for RHSA-2019:3870; the recommended action is to apply the security fix.

Vulnerability/
RHSA-2019:3870

13/11/2019

RHSA-2019:3870: Important: kernel-rt security update

First published: Wed Nov 13 2019(Updated: )

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<br>Security Fix(es):<br><li> hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-core	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-core	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-debuginfo	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-devel	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-kvm-debuginfo	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-modules	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-modules-extra	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debuginfo	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-devel	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-kvm-debuginfo	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-modules	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-modules-extra	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-debug-kvm	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1
redhat/kernel-rt-kvm	<4.18.0-147.0.3.rt24.95.el8_1	4.18.0-147.0.3.rt24.95.el8_1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:3870?
The severity of RHSA-2019:3870 is classified as Important.
How do I fix RHSA-2019:3870?
You can fix RHSA-2019:3870 by upgrading to the kernel-rt package version 4.18.0-147.0.3.rt24.95.el8_1.
What vulnerabilities does RHSA-2019:3870 address?
RHSA-2019:3870 addresses a vulnerability related to Intel GPU blitter manipulation that can allow for arbitrary kernel memory write (CVE-2019-0155).
Which systems are affected by RHSA-2019:3870?
RHSA-2019:3870 affects systems running the Real Time Linux Kernel, specifically the kernel-rt package and associated components.
Is there a workaround for RHSA-2019:3870?
There are no official workarounds for RHSA-2019:3870; the recommended action is to apply the security fix.

agent/references
agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:3870
agent/software-canonical-lookup
agent/title
agent/event
agent/description
agent/remedy
agent/trending
agent/tags
agent/source
package-manager/redhat