RHSA-2019:3089: Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)
Frequently Asked Questions
What is the severity of RHSA-2019:3089?
RHSA-2019:3089 has been classified as a moderate severity vulnerability.
How do I fix RHSA-2019:3089?
To fix RHSA-2019:3089, update your kernel-rt packages to version 3.10.0-1062.4.1.rt56.1027.el7.
What vulnerabilities are addressed in RHSA-2019:3089?
RHSA-2019:3089 addresses a use-after-free vulnerability in the __blk_drain_queue() function, specifically identified as CVE-2018-20856.
Which systems are affected by RHSA-2019:3089?
RHSA-2019:3089 affects systems running kernel-rt versions prior to 3.10.0-1062.4.1.rt56.1027.el7.
Is RHSA-2019:3089 applicable to non-Red Hat systems?
RHSA-2019:3089 is specifically applicable to Red Hat systems using the kernel-rt package.