RHSA-2020:1070: Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.Security Fix(es): kernel: out of bound read in DVB connexant driver. (CVE-2015-9289) kernel: Missing permissions check for requestkey() destination allows local attackers to add keys to keyring without Write permission (CVE-2017-17807) kernel: denial of service via ioctl call in network tun handling (CVE-2018-7191) kernel: usb: missing size check in the usbgetextradescriptor() leading to DoS (CVE-2018-20169) kernel: perfeventopen() and execve() race in setuid programs allows a data leak (CVE-2019-3901) kernel: brcmfmac frame validation bypass (CVE-2019-9503) kernel: null-pointer dereference in hciuartsetflowcontrol (CVE-2019-10207) kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884) kernel: unchecked kstrdup of fwstr in drmloadedidfirmware leads to denial of service (CVE-2019-12382) kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233) kernel: integer overflow and OOB read in drivers/block/floppy.c (CVE-2019-14283) kernel: memory leak in registerqueuekobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916) kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746) kernel: oob memory read in hsoprobe in drivers/net/usb/hso.c (CVE-2018-19985) Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638) Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) kernel: ASLR bypass for setuid binaries due to late installexeccreds() (CVE-2019-11190) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:1070?
RHSA-2020:1070 is classified as a security vulnerability that affects the kernel-rt packages.
How do I fix RHSA-2020:1070?
To resolve RHSA-2020:1070, ensure you update to the kernel-rt package version 3.10.0-1127.rt56.1093.el7 or later.
What packages are affected by RHSA-2020:1070?
RHSA-2020:1070 affects multiple kernel-rt packages including kernel-rt, kernel-rt-debug, and their respective debug packages.
What types of security issues does RHSA-2020:1070 address?
RHSA-2020:1070 addresses vulnerabilities such as an out-of-bounds read in the DVB connexant driver.
Are there any known exploits for RHSA-2020:1070?
As of now, there are no specific known exploits publicly available for RHSA-2020:1070.