- Vulnerability/
- RHSA-2020:3019
RHSA-2020:3019: Important: kernel security, bug fix, and enhancement update
First published: Tue Jul 21 2020(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)</li> <li> kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call (CVE-2019-13648)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1840678)</li> <li> Deadlock condition grabbing ssb_state lock (BZ#1841120)</li> <li> ext4: change LRU to round-robin in extent status tree shrinker (BZ#1847342)</li> <li> Emulex lpfc seems to get hung up failing IOCB'S continuously on kernel 3.10.0-957.21.3.el7.x86_64 leading to Oracle evictions (BZ#1849650)</li> <li> After upgrade to 3.9.89 pod containers with CPU limits fail to start due to cgroup error (BZ#1850499)</li> Enhancement(s):<br><li> [Marvell 7.8 FEAT] Update bnx2fc driver to latest upstream (BZ#1834817)</li>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-abi-whitelists | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-doc | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-headers | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo-common-s390x | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-headers | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-kdump | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-kdump-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-kdump-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-bootwrapper | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo-common-ppc64 | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/bpftool-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-bootwrapper | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debug-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-debuginfo-common-ppc64le | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-headers | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/kernel-tools-libs-devel | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
| redhat/python-perf-debuginfo | <3.10.0-1062.30.1.el7 | 3.10.0-1062.30.1.el7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2020:3019?
The severity of RHSA-2020:3019 is classified as important, indicating a significant security concern that requires timely attention.
How do I fix RHSA-2020:3019?
You can fix RHSA-2020:3019 by updating to the kernel version 3.10.0-1062.30.1.el7 or later as recommended in the advisory.
What vulnerabilities are addressed in RHSA-2020:3019?
RHSA-2020:3019 addresses vulnerabilities including a denial of service scenario caused by vfio access to disabled MMIO space of some devices (CVE-2020-12888).
What packages are affected by RHSA-2020:3019?
Affected packages include kernel, kernel-debug, and bpftool among others, which need updates to the specified version.
Is RHSA-2020:3019 applicable to all Linux distributions?
No, RHSA-2020:3019 specifically applies to Red Hat Enterprise Linux, so other distributions may not be affected.
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/type
- agent/severity
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2020:3019
- agent/software-canonical-lookup
- agent/title
- agent/references
- agent/remedy
- agent/description
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat