Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2019:3055
HistoryOct 15, 2019 - 3:47 p.m.

(RHSA-2019:3055) Important: kernel security and bug fix update

2019-10-1515:47:02
access.redhat.com
364

0.014 Low

EPSS

Percentile

86.5%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)

  • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)

  • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

  • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fixes:

  • gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)

  • [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)

  • high update_cfs_rq_blocked_load contention (BZ#1740180)

  • [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)

  • kvm: backport cpuidle-haltpoll driver (BZ#1740192)

  • Growing unreclaimable slab memory (BZ#1741920)

  • [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#1741926)

  • [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)

  • Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)

  • RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)

  • RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ#1744444)

  • NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)

  • [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)

  • NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)

  • [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)

  • Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579)

  • [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1752421)

Users of kernel are advised to upgrade to these updated packages, which fix these bugs.

OSVersionArchitecturePackageVersionFilename
RedHat7s390xkernel-debug-debuginfo< 3.10.0-1062.4.1.el7kernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm
RedHat7x86_64python-perf< 3.10.0-1062.4.1.el7python-perf-3.10.0-1062.4.1.el7.x86_64.rpm
RedHat7s390xkernel-debuginfo-common-s390x< 3.10.0-1062.4.1.el7kernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm
RedHat7ppc64kernel-tools< 3.10.0-1062.4.1.el7kernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm
RedHat7x86_64kernel-debug-debuginfo< 3.10.0-1062.4.1.el7kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
RedHat7ppc64leperf-debuginfo< 3.10.0-1062.4.1.el7perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
RedHat7ppc64lekernel-devel< 3.10.0-1062.4.1.el7kernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm
RedHat7ppc64perf< 3.10.0-1062.4.1.el7perf-3.10.0-1062.4.1.el7.ppc64.rpm
RedHat7ppc64lekernel-debug-debuginfo< 3.10.0-1062.4.1.el7kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
RedHat7x86_64kernel-tools-libs< 3.10.0-1062.4.1.el7kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm
Rows per page:
1-10 of 751

Related

openvas 35
centos 1
nessus 63
redhat 20
oraclelinux 2
redhatcve 4
veracode 4
f5 4
cvelist 4
ubuntucve 4
cve 4
nvd 4
debiancve 4
prion 4
cert 1
githubexploit 1
mscve 1
malwarebytes 1
fortinet 1
symantec 1
hp 1
thn 1
cisco 1
huawei 1
slackware 2
ibm 2
virtuozzo 1
lenovo 2
ubuntu 5
debian 4
osv 3
threatpost 1
cloudfoundry 1
amazon 1
suse 4
mageia 1
androidsecurity 1
fedora 3
photon 1
openvas
openvas
CentOS Update for bpftool CESA-2019:3055 centos7
2019-10-22 00:00:00
Slackware: Security Advisory (SSA:2019-202-01)
2022-04-21 00:00:00
Ubuntu: Security Advisory (USN-4093-1)
2019-08-14 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2019-10-21 17:31:04
nessus
nessus
RHEL 7 : kernel (RHSA-2019:3055)
2019-10-16 00:00:00
RHEL 7 : kernel-rt (RHSA-2019:3089)
2019-10-17 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (20191016)
2019-10-21 00:00:00
redhat
redhat
(RHSA-2019:3076) Important: kpatch-patch security update
2019-10-15 15:48:39
(RHSA-2019:3089) Important: kernel-rt security and bug fix update
2019-10-16 07:42:15
(RHSA-2020:0698) Important: kpatch-patch security update
2020-03-03 15:42:56
oraclelinux
oraclelinux
kernel security and bug fix update
2019-10-16 00:00:00
kernel security, bug fix, and enhancement update
2019-11-14 00:00:00
redhatcve
redhatcve
CVE-2018-20856
2020-04-07 16:59:02
CVE-2019-10126
2020-04-09 07:20:45
CVE-2019-9506
2020-01-07 15:44:45
veracode
veracode
Denial Of Service (DoS)
2019-10-16 00:21:15
Use-after-Free
2019-10-16 00:21:14
Brute-force Attack
2019-10-09 00:22:32
f5
f5
K14673240 : Linux kernel vulnerability CVE-2018-20856
2019-10-15 00:00:00
K95593121 : Linux kernel vulnerability CVE-2019-10126
2019-07-04 00:00:00
K51813353 : Linux Kernel vulnerability CVE-2019-9506
2022-07-21 00:00:00
cvelist
cvelist
CVE-2018-20856
2019-07-26 04:40:41
CVE-2019-10126
2019-06-14 13:56:32
CVE-2019-9506 Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
2019-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2018-20856
2019-07-26 00:00:00
CVE-2019-10126
2019-06-14 00:00:00
CVE-2019-9506
2019-08-13 00:00:00
cve
cve
CVE-2019-9506
2019-08-14 17:15:11
CVE-2018-20856
2019-07-26 05:15:10
CVE-2019-10126
2019-06-14 14:29:00
nvd
nvd
CVE-2019-10126
2019-06-14 14:29:00
CVE-2018-20856
2019-07-26 05:15:10
CVE-2019-9506
2019-08-14 17:15:11
debiancve
debiancve
CVE-2019-10126
2019-06-14 14:29:00
CVE-2018-20856
2019-07-26 05:15:10
CVE-2019-9506
2019-08-14 17:15:11
prion
prion
Design/Logic Flaw
2019-07-26 05:15:00
Code injection
2019-08-14 17:15:00
Heap overflow
2019-06-14 14:29:00
cert
cert
Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2019-08-14 00:00:00
githubexploit
githubexploit
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Google Android
2019-08-15 11:54:21
mscve
mscve
Encryption Key Negotiation of Bluetooth Vulnerability
2019-08-13 07:00:00
malwarebytes
malwarebytes
Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks
2019-08-21 15:56:45
fortinet
fortinet
CVE-2019-9506 Encryption Key Negotiation of Bluetooth (KNOB) Vulnerability
2020-04-23 00:00:00
symantec
symantec
Microsoft Windows Bluetooth CVE-2019-9506 Remote Security Vulnerability
2019-08-13 00:00:00
hp
hp
HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability
2019-12-04 00:00:00
thn
thn
New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections
2019-08-14 16:47:00
cisco
cisco
Key Negotiation of Bluetooth Vulnerability
2019-08-13 17:00:00
huawei
huawei
Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability
2019-08-28 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-07-22 04:08:19
[slackware-security] Slackware 14.2 kernel
2019-08-14 06:12:49
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
2020-10-07 16:13:17
Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
2020-10-07 16:14:07
virtuozzo
virtuozzo
Important kernel security update: Virtuozzo ReadyKernel patch 89.2 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0
2019-10-16 00:00:00
lenovo
lenovo
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2019-08-13 00:00:00
Linux kernel vulnerabilities
2019-08-13 00:00:00
Linux kernel vulnerabilities
2019-08-13 00:00:00
debian
debian
[SECURITY] [DLA 1823-1] linux security update
2019-06-17 23:42:52
[SECURITY] [DSA 4465-1] linux security update
2019-06-17 18:00:31
[SECURITY] [DSA 4465-1] linux security update
2019-06-17 18:00:31
osv
osv
linux - security update
2019-06-17 00:00:00
linux - security update
2019-06-17 00:00:00
linux-4.9 - security update
2019-06-17 00:00:00
threatpost
threatpost
Lenovo Warns of ThinkPad Bugs, One Unpatched
2019-08-14 17:56:01
cloudfoundry
cloudfoundry
USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-08-29 00:00:00
amazon
amazon
Important: kernel
2018-10-03 02:57:00
suse
suse
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
Security update for the Linux Kernel (important)
2019-07-19 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-08-13 00:08:18
androidsecurity
androidsecurity
Pixel Update Bulletin—August 2019
2019-08-05 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-tools-5.1.6-200.fc29
2019-06-06 02:36:24
[SECURITY] Fedora 29 Update: kernel-headers-5.1.6-200.fc29
2019-06-06 02:36:24
[SECURITY] Fedora 30 Update: kernel-headers-5.1.7-300.fc30
2019-06-10 00:53:26
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0175
2019-09-10 00:00:00

0.014 Low

EPSS

Percentile

86.5%

JSON
Related for RHSA-2019:3055
openvas35centos1nessus63redhat20oraclelinux2redhatcve4veracode4f54cvelist4ubuntucve4cve4nvd4debiancve4prion4cert1githubexploit1mscve1malwarebytes1fortinet1symantec1hp1thn1cisco1huawei1slackware2ibm2virtuozzo1lenovo2ubuntu5debian4osv3threatpost1cloudfoundry1amazon1suse4mageia1androidsecurity1fedora3photon1