RHSA-2020:0653: Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: heap overflow in mwifiexupdatevsie() function of Marvell WiFi driver (CVE-2019-14816)</li> <li> kernel: heap-based buffer overflow in mwifiexprocesscountryie() function in drivers/net/wireless/marvell/mwifiex/staioctl.c (CVE-2019-14895)</li> <li> kernel: buffer overflow in cfg80211mgdwextgiwessid in net/wireless/wext-sme.c (CVE-2019-17133)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> RHEL7.5 - kernel crashed at xfsreclaiminodescount+0x70/0xa0 (BZ#1795578)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:0653?
The severity of RHSA-2020:0653 is categorized as important due to vulnerabilities that could lead to a heap overflow and potential exploitation.
How do I fix RHSA-2020:0653?
To fix RHSA-2020:0653, update the kernel and related packages to version 3.10.0-514.73.1.el7 or later.
What vulnerabilities are addressed by RHSA-2020:0653?
RHSA-2020:0653 addresses a heap overflow vulnerability in the mwifiex_update_vs_ie function of the Marvell WiFi driver, identified as CVE-2019-14816.
Which systems are affected by RHSA-2020:0653?
RHSA-2020:0653 affects systems running specific versions of the Linux kernel, including various architectures like x86_64 and ppc64le.
Is there a workaround for RHSA-2020:0653?
There are no specific workarounds for RHSA-2020:0653; the recommended action is to apply the security patch.