What is the severity of RHSA-2020:5206?

The severity of RHSA-2020:5206 is classified as moderate due to potential out-of-bounds memory writes.

How do I fix RHSA-2020:5206?

To fix RHSA-2020:5206, you should update to the kernel version 3.10.0-1062.40.1.el7 or later.

What vulnerabilities are addressed in RHSA-2020:5206?

RHSA-2020:5206 addresses CVE-2017-18551, which involves out-of-bounds write issues in the i2c subsystem.

Which systems are affected by RHSA-2020:5206?

RHSA-2020:5206 affects systems running specific versions of the Red Hat Enterprise Linux kernel prior to 3.10.0-1062.40.1.el7.

What packages need to be updated for RHSA-2020:5206?

You need to update kernel, kernel-debug, kernel-devel, and other related packages specified in the advisory for RHSA-2020:5206.

Vulnerability/
RHSA-2020:5206

CWE

416

24/11/2020

RHSA-2020:5206: Moderate: kernel security and bug fix update

First published: Tue Nov 24 2020(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)</li> <li> kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)</li> <li> kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c (CVE-2019-19046)</li> <li> kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c (CVE-2019-19447)</li> <li> kernel: sg_write function lacks an sg_remove_request call in a certain failure case (CVE-2020-12770)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> [RHEL7] deadlock between page fault handler and __get_free_pages() (BZ#1889766)</li> <li> RHEL7.6: no-carrier configured interfaces causes soft lockups by mount.nfs and hang booting/shutdown process (BZ#1889772)</li> <li> RHEL7.7 zstream - ESS - kernel panic triggered by freelist pointer corruption (BZ#1893807)</li>

Affected Software	Affected Version	How to fix
redhat/kernel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-abi-whitelists	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-doc	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-headers	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo-common-s390x	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-headers	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-kdump	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-kdump-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-kdump-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-bootwrapper	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo-common-ppc64	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/bpftool-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-bootwrapper	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debug-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-debuginfo-common-ppc64le	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-headers	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7
redhat/python-perf-debuginfo	<3.10.0-1062.40.1.el7	3.10.0-1062.40.1.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:5206?
The severity of RHSA-2020:5206 is classified as moderate due to potential out-of-bounds memory writes.
How do I fix RHSA-2020:5206?
To fix RHSA-2020:5206, you should update to the kernel version 3.10.0-1062.40.1.el7 or later.
What vulnerabilities are addressed in RHSA-2020:5206?
RHSA-2020:5206 addresses CVE-2017-18551, which involves out-of-bounds write issues in the i2c subsystem.
Which systems are affected by RHSA-2020:5206?
RHSA-2020:5206 affects systems running specific versions of the Red Hat Enterprise Linux kernel prior to 3.10.0-1062.40.1.el7.
What packages need to be updated for RHSA-2020:5206?
You need to update kernel, kernel-debug, kernel-devel, and other related packages specified in the advisory for RHSA-2020:5206.

agent/severity
agent/type
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2020:5206
agent/software-canonical-lookup
agent/remedy
agent/weakness
agent/references
agent/title
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat