RHSA-2019:2975: Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)</li> <li> kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732810)</li> <li> skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ#1733896)</li> <li> [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306)</li> <li> use "make -jN" for modulesinstall (BZ#1735082)</li> <li> Backport TCP follow-up for small buffers (BZ#1739128)</li> <li> [FJ7.6 Bug]: [REG] kernel: ipc: ipcfree should use kvfree (BZ#1740176)</li> <li> RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745437)</li> <li> RHEL7.6 - powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745439)</li> <li> RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745447)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What are the vulnerabilities addressed in RHSA-2019:2975?
RHSA-2019:2975 addresses the Bluetooth KNOB attack (CVE-2019-9506) and the Spectre SWAPGS vulnerability (CVE-2019-1125).
What is the severity level of RHSA-2019:2975?
The severity level of RHSA-2019:2975 is considered moderate due to the nature of the vulnerabilities involved.
How do I fix RHSA-2019:2975?
To fix RHSA-2019:2975, update to the kernel version 3.10.0-862.43.1.el7 or later.
Which systems are affected by RHSA-2019:2975?
RHSA-2019:2975 affects systems running Red Hat Enterprise Linux 7 with kernel version up to 3.10.0-862.43.1.el7.
Is it necessary to reboot after applying the fix for RHSA-2019:2975?
Yes, a reboot is required to ensure the new kernel with the security fix for RHSA-2019:2975 is properly loaded.