RHSA-2020:2832: Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: buffer overflow in mwifiexcmdappendvsietlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)</li> <li> kernel: heap-based buffer overflow in mwifiexretwmmgetstatus function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)</li> <li> Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1840675)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:2832?
The severity of RHSA-2020:2832 is categorized as important due to buffer overflow vulnerabilities.
How do I fix RHSA-2020:2832?
To fix RHSA-2020:2832, you should update the kernel packages to version 3.10.0-514.78.1.el7 or later.
What vulnerabilities are addressed in RHSA-2020:2832?
RHSA-2020:2832 addresses vulnerabilities related to a buffer overflow in the mwifiex_cmd_append_vsie_tlv function and heap-based buffer overflows.
Which software packages are affected by RHSA-2020:2832?
Affected software packages include kernel, kernel-debug, kernel-devel, and kernel-tools among others.
What platforms are impacted by RHSA-2020:2832?
RHSA-2020:2832 impacts the Red Hat Enterprise Linux 7 (el7) platform across various architectures including x86_64 and ppc64le.