RHSA-2020:4060: Important: kernel security, bug fix, and enhancement update

First published: Tue Sep 29 2020(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: use-after-free in sound/core/timer.c (CVE-2019-19807)</li> <li> kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)</li> <li> kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free (CVE-2018-20836)</li> <li> kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)</li> <li> kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)</li> Space precludes documenting all of the security fixes in this advisory. See the descriptions of the remaining security fixes in the related Knowledge Article:<br><a href="https://access.redhat.com/articles/5442421" target="_blank">https://access.redhat.com/articles/5442421</a> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/severity
• agent/weakness
• agent/type
• agent/softwarecombine
• agent/first-publish-date
• agent/last-modified-date
• agent/remedy
• agent/title
• agent/description
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2020:4060
• agent/software-canonical-lookup
• agent/references
• agent/tags
• agent/event
• agent/source
• package-manager/redhat