RHSA-2019:2600: Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)</li> <li> kernel: brcmfmac heap buffer overflow in brcmfwowlndresults (CVE-2019-9500)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)</li> <li> Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)</li> <li> panic handing smb2reconnect due to a use after free (BZ#1737382)</li> <li> NFSv4.1 client stuck in infinite loop when received NFS4ERRSEQMISORDERED error (BZ#1739077)</li> <li> Backport TCP follow-up for small buffers (BZ#1739130)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What are the vulnerabilities addressed in RHSA-2019:2600?
RHSA-2019:2600 addresses the Spectre SWAPGS gadget vulnerability (CVE-2019-1125) and a heap buffer overflow in brcmfmac (CVE-2019-9500).
What is the severity of RHSA-2019:2600?
The severity of RHSA-2019:2600 is classified as critical due to the potential for remote code execution and data leakage.
How do I fix RHSA-2019:2600?
To fix RHSA-2019:2600, upgrade to the kernel version 3.10.0-1062.1.1.el7 or later.
Which packages are affected by RHSA-2019:2600?
The affected packages include kernel, kernel-debug, bpftool, and several others listed in the advisory.
Is it necessary to reboot after applying RHSA-2019:2600?
Yes, a reboot is required to apply the kernel updates from RHSA-2019:2600.