RHSA-2019:3979: Important: kernel security and bug fix update

First published: Tue Nov 26 2019(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)</li> <li> kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation (CVE-2019-15239)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> On RHEL 7.7 kernel SCSI VPD information for NVMe drives is missing (breaks InfoScale) (BZ#1752423)</li> <li> RHEL7 fnic spamming logs: Current vnic speed set to : 40000 (BZ#1754836)</li> <li> kernel build: parallelize redhat/mod-sign.sh (BZ#1755330)</li> <li> kernel build: speed up module compression step (BZ#1755339)</li> <li> Nested VirtualBox VMs on Windows guest has the potential of impacting memory region allocated to other KVM guests (BZ#1755781)</li> <li> NULL pointer dereference at check_preempt_wakeup+0x109 (BZ#1756265)</li> <li> Regression: panic in pick_next_task_rt (BZ#1756267)</li> <li> ixgbe reports "Detected Tx Unit Hang" with adapter reset on RHEL 7 (BZ#1757350)</li> <li> [Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM. (BZ#1757757)</li> <li> nvme: dead loop in blk_mq_tagset_wait_completed_request() when it is called from timeout handler (BZ#1758051)</li> <li> [mlx5] VF Representer naming is not consistent/persistent through reboots with OSPD deployment (BZ#1759003)</li> <li> OS getting restarted because of driver issue with QLogic Corp. ISP2532-based 8Gb Fibre Channel to PCI Express HBA [1077:2532] (rev 02). (BZ#1759447)</li> <li> mlx5: Load balancing not working over VF LAG configuration (BZ#1759449)</li> <li> RHEL7.8 - ISST-LTE: vimlp1: Running LTP af_alg04.c (crypto) crash the LPAR (BZ#1763620)</li> <li> RHEL7.5 - Fix security issues on crypto vmx (BZ#1763621)</li> <li> RHEL 7.7 RC1 - Host crashes about 4.5 hours into switch port bounce test (BZ#1763624)</li> <li> RHEL7.6 - cacheinfo code unsafe vs LPM (BZ#1763625)</li> <li> xfs hangs on acquiring xfs_buf semaphore (BZ#1764245)</li> <li> single CPU VM hangs during open_posix_testsuite (BZ#1766087)</li> <li> rcu_sched self-detected stall on CPU while booting with nohz_full (BZ#1766098)</li>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/weakness
• agent/severity
• agent/type
• agent/first-publish-date
• agent/last-modified-date
• agent/softwarecombine
• agent/title
• agent/event
• agent/remedy
• agent/tags
• agent/description
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2019:3979
• agent/software-canonical-lookup
• package-manager/redhat