RHSA-2020:3041: Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.Security Fix(es): kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (CVE-2020-10766) kernel: Indirect Branch Prediction Barrier is force-disabled when STIBP is unavailable or enhanced IBRS is available. (CVE-2020-10767) kernel: Indirect branch speculation can be enabled after it was force-disabled by the PRSPECFORCEDISABLE prctl command. (CVE-2020-10768) kernel: buffer overflow in mwifiexcmdappendvsietlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) kernel: heap-based buffer overflow in mwifiexretwmmgetstatus function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654) Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es): [ESXi][RHEL8.1.0] scsi driver SG list incompatibility (vmwpvscsi) (BZ#1839359)
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:3041?
The severity of RHSA-2020:3041 is considered moderate.
How do I fix RHSA-2020:3041?
To fix RHSA-2020:3041, update the kernel and associated packages to version 4.18.0-80.27.1.el8_0 or later.
What vulnerabilities are addressed in RHSA-2020:3041?
RHSA-2020:3041 addresses vulnerabilities such as CVE-2020-10757 related to DAX hugepages during mremap.
Which systems are affected by RHSA-2020:3041?
RHSA-2020:3041 affects Red Hat Enterprise Linux 8 systems running specific kernel packages.
What packages do I need to update for RHSA-2020:3041?
You need to update kernel, kernel-core, bpftool, and other associated packages to mitigate RHSA-2020:3041.