RHSA-2020:0592: Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system.Security Fix(es): kernel: use-after-free in fs/xfs/xfssuper.c (CVE-2018-20976) kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) kernel: heap-based buffer overflow in mwifiexprocesscountryie() function in drivers/net/wireless/marvell/mwifiex/staioctl.c (CVE-2019-14895) kernel: buffer overflow in cfg80211mgdwextgiwessid in net/wireless/wext-sme.c (CVE-2019-17133) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es): core: backports from upstream (BZ#1794372) Enhancement(s): Selective backport: perf: Sync with upstream v4.16 (BZ#1782750)
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:0592?
RHSA-2020:0592 poses a high severity level due to multiple vulnerabilities including a use-after-free issue and insufficient input validation.
How do I fix RHSA-2020:0592?
To fix RHSA-2020:0592, you should update your kernel packages to version 3.10.0-693.64.1.el7 or later.
What vulnerabilities are addressed in RHSA-2020:0592?
RHSA-2020:0592 addresses a use-after-free vulnerability in the XFS filesystem and insufficient input validation in the Intel i915 driver.
Which systems are affected by RHSA-2020:0592?
Systems running the kernel version prior to 3.10.0-693.64.1.el7 are affected by RHSA-2020:0592.
Is a reboot required to apply the updates for RHSA-2020:0592?
Yes, a system reboot is typically required to fully apply the kernel updates associated with RHSA-2020:0592.