You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava

Sigurnosni nedostaci jezgre operacijskog sustava

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel-rt security and bug fix update
Advisory ID: RHSA-2020:1070-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1070
Issue date: 2020-03-31
CVE Names: CVE-2015-9289 CVE-2017-17807 CVE-2018-7191
CVE-2018-19985 CVE-2018-20169 CVE-2019-3901
CVE-2019-9503 CVE-2019-10207 CVE-2019-10638
CVE-2019-10639 CVE-2019-11190 CVE-2019-11884
CVE-2019-12382 CVE-2019-13233 CVE-2019-14283
CVE-2019-15916 CVE-2019-16746
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for Real Time (v. 7) – noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) – noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)

* kernel: Missing permissions check for request_key() destination allows
local attackers to add keys to keyring without Write permission
(CVE-2017-17807)

* kernel: denial of service via ioctl call in network tun handling
(CVE-2018-7191)

* kernel: usb: missing size check in the __usb_get_extra_descriptor()
leading to DoS (CVE-2018-20169)

* kernel: perf_event_open() and execve() race in setuid programs allows a
data leak (CVE-2019-3901)

* kernel: brcmfmac frame validation bypass (CVE-2019-9503)

* kernel: null-pointer dereference in hci_uart_set_flow_control
(CVE-2019-10207)

* kernel: sensitive information disclosure from kernel stack memory via
HIDPCONNADD command (CVE-2019-11884)

* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to
denial of service (CVE-2019-12382)

* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)

* kernel: integer overflow and OOB read in drivers/block/floppy.c
(CVE-2019-14283)

* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c
leads to denial of service (CVE-2019-15916)

* kernel: buffer-overflow hardening in WiFi beacon validation code.
(CVE-2019-16746)

* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
(CVE-2018-19985)

* Kernel: net: weak IP ID generation leads to remote device tracking
(CVE-2019-10638)

* Kernel: net: using kernel space address bits to derive IP ID may
potentially break KASLR (CVE-2019-10639)

* kernel: ASLR bypass for setuid binaries due to late install_exec_creds()
(CVE-2019-11190)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1528335 – CVE-2017-17807 kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission
1550584 – spurious ktimersoftd wake ups increases latency (rhel-rt 7)
1660385 – CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
1666106 – CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
1690543 – 8 vCPU guest need max latency < 20 us with stress
1696087 – BUG: scheduling while atomic in zswap
1699438 – add_timer_on on remote CPUs not firing
1699856 – CVE-2019-11190 kernel: ASLR bypass for setuid binaries due to late install_exec_creds()
1701245 – CVE-2019-3901 kernel: perf_event_open() and execve() race in setuid programs allows a data leak
1701842 – CVE-2019-9503 kernel: brcmfmac frame validation bypass
1708718 – RT: update kernel-rt source tree to match RHEL 7.8 tree
1709837 – CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command
1715554 – CVE-2019-12382 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service
1716328 – CVE-2018-7191 kernel: denial of service via ioctl call in network tun handling
1727756 – CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c
1729931 – CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking
1729933 – CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
1733874 – CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control
1734243 – CVE-2019-14283 kernel: integer overflow and OOB read in drivers/block/floppy.c
1735655 – CVE-2015-9289 kernel: out of bound read in DVB connexant driver.
1741775 – crypto_rfc4543_encrypt: BUG: sleeping function called from invalid context at kernel/rtmutex.c:883
1750813 – CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service
1751083 – kernel:unregister_netdevice: waiting for veth0_client to become free. Usage count = 1
1760306 – CVE-2019-16746 kernel: buffer-overflow hardening in WiFi beacon validation code.
1772894 – kvm nx_huge_pages_recovery_ratio=0 is needed to meet KVM-RT low latency requirement

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-1127.rt56.1093.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1127.rt56.1093.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm

Red Hat Enterprise Linux for Real Time (v. 7):

Source:
kernel-rt-3.10.0-1127.rt56.1093.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1127.rt56.1093.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1127.rt56.1093.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1127.rt56.1093.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-9289
https://access.redhat.com/security/cve/CVE-2017-17807
https://access.redhat.com/security/cve/CVE-2018-7191
https://access.redhat.com/security/cve/CVE-2018-19985
https://access.redhat.com/security/cve/CVE-2018-20169
https://access.redhat.com/security/cve/CVE-2019-3901
https://access.redhat.com/security/cve/CVE-2019-9503
https://access.redhat.com/security/cve/CVE-2019-10207
https://access.redhat.com/security/cve/CVE-2019-10638
https://access.redhat.com/security/cve/CVE-2019-10639
https://access.redhat.com/security/cve/CVE-2019-11190
https://access.redhat.com/security/cve/CVE-2019-11884
https://access.redhat.com/security/cve/CVE-2019-12382
https://access.redhat.com/security/cve/CVE-2019-13233
https://access.redhat.com/security/cve/CVE-2019-14283
https://access.redhat.com/security/cve/CVE-2019-15916
https://access.redhat.com/security/cve/CVE-2019-16746
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBXoOcNdzjgjWX9erEAQjntA//bSb8X3PMPkTF18E5FkRPpt8hsVkJkkYN
e4GA6tUFIP1tC9ukHdQF2gIpxTZf2CSWnHxsI77BtdKOmQrVTCOobRBkH8ZzNeQJ
4oaWDjysinbdL/mZD+B1g88yNcX2EDbb4UTTNA0EL6Os0gzQN2uJy+xFZida6UdW
D34uBK+0sAnj2XcxzL50WdbEdaE+BUF4gHG7Aazks96lO5++zkfm75pWYfyThOrz
WNkh+wDdrK+elhypsSwx+HdeAfe7/t6LFFMmTMLMRptj0Q45OGUhuM2hUDOv+WHe
vFvJx7pTxCBlpF/y1txxUVgkHDwBdbLM5EVwcg/4S7QhuJ2/D/2rTNhaAuLvUL9V
6VoBSYI45MPbEnHC29GPpXErAMtUn+ypiHYg/n6b0w5wMpyCDHNBUiRmRrrqGDjM
pjkaj12VMSAtQRnL1OR9IVITky2GzSfVO5BSdv1L+0wWoIWBcaygy/q7Txu7t70j
VYK+lBtPn0x3iT/5r0E8VzBYQGtTN5VuXxeUbc7FmoVmN+0CdyV8OpQsfLXBWsqc
qvTYQNz3sHPdqTKrh8dshBU9Pw1iewlZIxPAEIJ/0msc2JTbKmmTZ2eVgLm0OW9s
a1rotm43MoXuRQr5w8+Ia6u/Oj4FIsnp5syr1mzXGUztqJogML+ZSkNOZfZHU465
SA4evcii+kw=
=tvjg
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2020:1016-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1016
Issue date: 2020-03-31
CVE Names: CVE-2015-9289 CVE-2017-17807 CVE-2018-7191
CVE-2018-19985 CVE-2018-20169 CVE-2019-3901
CVE-2019-9503 CVE-2019-10207 CVE-2019-10638
CVE-2019-10639 CVE-2019-11190 CVE-2019-11884
CVE-2019-12382 CVE-2019-13233 CVE-2019-13648
CVE-2019-14283 CVE-2019-15916 CVE-2019-16746
CVE-2019-18660
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – x86_64
Red Hat Enterprise Linux Server (v. 7) – noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) – noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)

* kernel: Missing permissions check for request_key() destination allows
local attackers to add keys to keyring without Write permission
(CVE-2017-17807)

* kernel: denial of service via ioctl call in network tun handling
(CVE-2018-7191)

* kernel: usb: missing size check in the __usb_get_extra_descriptor()
leading to DoS (CVE-2018-20169)

* kernel: perf_event_open() and execve() race in setuid programs allows a
data leak (CVE-2019-3901)

* kernel: brcmfmac frame validation bypass (CVE-2019-9503)

* kernel: null-pointer dereference in hci_uart_set_flow_control
(CVE-2019-10207)

* kernel: sensitive information disclosure from kernel stack memory via
HIDPCONNADD command (CVE-2019-11884)

* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to
denial of service (CVE-2019-12382)

* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)

* kernel: denial of service in arch/powerpc/kernel/signal_32.c and
arch/powerpc/kernel/signal_64.c via sigreturn() system call
(CVE-2019-13648)

* kernel: integer overflow and OOB read in drivers/block/floppy.c
(CVE-2019-14283)

* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c
leads to denial of service (CVE-2019-15916)

* kernel: buffer-overflow hardening in WiFi beacon validation code.
(CVE-2019-16746)

* kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information
exposure (CVE-2019-18660)

* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
(CVE-2018-19985)

* Kernel: net: weak IP ID generation leads to remote device tracking
(CVE-2019-10638)

* Kernel: net: using kernel space address bits to derive IP ID may
potentially break KASLR (CVE-2019-10639)

* kernel: ASLR bypass for setuid binaries due to late install_exec_creds()
(CVE-2019-11190)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1507149 – [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group
1528335 – CVE-2017-17807 kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission
1651706 – kernel: sd 0:0:9:0: timing out command, waited XXXs – which command timed out?
1660385 – CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
1666106 – CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
1694201 – cifs repeatedly tries to open a file using smb v1 on an smb2 mount after receiving STATUS_SHARING_VIOLATION
1699856 – CVE-2019-11190 kernel: ASLR bypass for setuid binaries due to late install_exec_creds()
1701245 – CVE-2019-3901 kernel: perf_event_open() and execve() race in setuid programs allows a data leak
1701842 – CVE-2019-9503 kernel: brcmfmac frame validation bypass
1702264 – panic handing smb2_reconnect due to a use after free
1709837 – CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command
1711520 – IPSet List – Size in Memory Wildly Inconsistent
1715554 – CVE-2019-12382 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service
1716328 – CVE-2018-7191 kernel: denial of service via ioctl call in network tun handling
1727756 – CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c
1729931 – CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking
1729933 – CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
1733347 – NFSv4.0 client sending a double CLOSE (leading to EIO application failure)
1733874 – CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control
1734243 – CVE-2019-14283 kernel: integer overflow and OOB read in drivers/block/floppy.c
1735630 – CVE-2019-13648 kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call
1735655 – CVE-2015-9289 kernel: out of bound read in DVB connexant driver.
1749390 – VFS: Busy inodes after unmount of loop0 when encountering duplicate directory inodes
1750577 – RHEL 7.7 long I/O stalls with bnx2fc from not masking off scope bits of retry delay value
1750813 – CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service
1757325 – perf top -p PID does not show anything
1757872 – crash in is_size_safe_to_change in 3.10.0-1062.el7 kernel as a result of another condition / race similar to earlier bug 1580165
1758001 – fix compat statfs64() returning EOVERFLOW for when _FILE_OFFSET_BITS=64
1760294 – kernel: seccomp: wrong return value for blocked syscalls on s390x
1760306 – CVE-2019-16746 kernel: buffer-overflow hardening in WiFi beacon validation code.
1770404 – CIFS client system hung with all cpus at 100% inside smb2_reconnect spinning on TCP_Server_Info.response_q.lock spinlock
1777825 – CVE-2019-18660 kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1127.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm
kernel-doc-3.10.0-1127.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-3.10.0-1127.el7.x86_64.rpm
kernel-debug-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-devel-3.10.0-1127.el7.x86_64.rpm
kernel-headers-3.10.0-1127.el7.x86_64.rpm
kernel-tools-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.el7.x86_64.rpm
perf-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1127.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm
kernel-doc-3.10.0-1127.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-3.10.0-1127.el7.x86_64.rpm
kernel-debug-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-devel-3.10.0-1127.el7.x86_64.rpm
kernel-headers-3.10.0-1127.el7.x86_64.rpm
kernel-tools-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.el7.x86_64.rpm
perf-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1127.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm
kernel-doc-3.10.0-1127.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1127.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-3.10.0-1127.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1127.el7.ppc64.rpm
kernel-debug-3.10.0-1127.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1127.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1127.el7.ppc64.rpm
kernel-devel-3.10.0-1127.el7.ppc64.rpm
kernel-headers-3.10.0-1127.el7.ppc64.rpm
kernel-tools-3.10.0-1127.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1127.el7.ppc64.rpm
perf-3.10.0-1127.el7.ppc64.rpm
perf-debuginfo-3.10.0-1127.el7.ppc64.rpm
python-perf-3.10.0-1127.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1127.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1127.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-3.10.0-1127.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1127.el7.ppc64le.rpm
kernel-debug-3.10.0-1127.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1127.el7.ppc64le.rpm
kernel-devel-3.10.0-1127.el7.ppc64le.rpm
kernel-headers-3.10.0-1127.el7.ppc64le.rpm
kernel-tools-3.10.0-1127.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1127.el7.ppc64le.rpm
perf-3.10.0-1127.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1127.el7.ppc64le.rpm
python-perf-3.10.0-1127.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1127.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1127.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1127.el7.s390x.rpm
kernel-3.10.0-1127.el7.s390x.rpm
kernel-debug-3.10.0-1127.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.s390x.rpm
kernel-debug-devel-3.10.0-1127.el7.s390x.rpm
kernel-debuginfo-3.10.0-1127.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1127.el7.s390x.rpm
kernel-devel-3.10.0-1127.el7.s390x.rpm
kernel-headers-3.10.0-1127.el7.s390x.rpm
kernel-kdump-3.10.0-1127.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1127.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1127.el7.s390x.rpm
perf-3.10.0-1127.el7.s390x.rpm
perf-debuginfo-3.10.0-1127.el7.s390x.rpm
python-perf-3.10.0-1127.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1127.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1127.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-3.10.0-1127.el7.x86_64.rpm
kernel-debug-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-devel-3.10.0-1127.el7.x86_64.rpm
kernel-headers-3.10.0-1127.el7.x86_64.rpm
kernel-tools-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.el7.x86_64.rpm
perf-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1127.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.ppc64.rpm
perf-debuginfo-3.10.0-1127.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1127.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1127.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1127.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1127.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1127.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1127.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm
kernel-doc-3.10.0-1127.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-3.10.0-1127.el7.x86_64.rpm
kernel-debug-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-devel-3.10.0-1127.el7.x86_64.rpm
kernel-headers-3.10.0-1127.el7.x86_64.rpm
kernel-tools-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.el7.x86_64.rpm
perf-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-9289
https://access.redhat.com/security/cve/CVE-2017-17807
https://access.redhat.com/security/cve/CVE-2018-7191
https://access.redhat.com/security/cve/CVE-2018-19985
https://access.redhat.com/security/cve/CVE-2018-20169
https://access.redhat.com/security/cve/CVE-2019-3901
https://access.redhat.com/security/cve/CVE-2019-9503
https://access.redhat.com/security/cve/CVE-2019-10207
https://access.redhat.com/security/cve/CVE-2019-10638
https://access.redhat.com/security/cve/CVE-2019-10639
https://access.redhat.com/security/cve/CVE-2019-11190
https://access.redhat.com/security/cve/CVE-2019-11884
https://access.redhat.com/security/cve/CVE-2019-12382
https://access.redhat.com/security/cve/CVE-2019-13233
https://access.redhat.com/security/cve/CVE-2019-13648
https://access.redhat.com/security/cve/CVE-2019-14283
https://access.redhat.com/security/cve/CVE-2019-15916
https://access.redhat.com/security/cve/CVE-2019-16746
https://access.redhat.com/security/cve/CVE-2019-18660
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBXoObR9zjgjWX9erEAQi7Qw//e3Hr9+kQnJwAQMsa5uOCJP1Fpi9xNTL/
Sf9AWF7Bb5Aj3ezcMJvkJmbH4Jibmx8Gy3rNhYQVvbWMMkpG/INUBSGBJTa8jgWY
ZOmWZzQwDYpTtIs3wUzTtW1vEb6EKCIfblM1h5bAicz3C+xLsH/uxn11RgHRedL2
g48F9MGacflUhUoSLyGrZ/ou7vV4trDARMQLRFTVmahzAyhGOgTf+gdGV9z2pq3o
W+SNjJurYeIC5ykZYA7wpeIFTWmy+6Jz1D1juiFEp54w5hwICX3seOGl7WKNUJ/o
UOZaSMQqw1oVLy1U80SF4NvoiHPrISM54nUou9HenMlK010WQiUFPygn6TIKCQnr
odjGG9dB5+Odcu7pnovaHfa3H2XCoKLeaJmi8GVIS9whgzGWdyK5aDkNX54TO77+
6BfX/syiRQj231yq2U2dbEjj8o00SR7grfv9Hd4vB8NJcJK3fzAa/7pdfoyx3D+w
VmmjT4L/WvVr9yhYNJxt1x39WphRT/tZbE0qpnSYO8ucO1LMCv4HyCctCUzJGYtv
bueIMC3AFFT1TcboqXKNnBbpcJq4C7tera3bjnVbmoAbxNRP7S3DGiQu9m5hCGCa
fF/ovshBXQx8F9+tW3tstoYl9KDbkO8b+Y2FQwC2IWUWaFhOartLCztYkOvmnEQ4
DYqQyYGritc=
=i5rX
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke taglib

Otkriven je sigurnosni nedostatak programske biblioteke taglib za operacijski sustav RHEL. Otkriveni nedostatak potencijalnim udaljenim napadačima omogućuje otkrivanje osjetljivih informacija....

Close