LISTSERV 16.5 - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis: Important: kernel security and bug fix update
Advisory ID:       SLSA-2019:3979-1
Issue Date:        2019-12-05
CVE Numbers:       CVE-2019-14821
                   CVE-2019-15239
--

Security Fix(es):

* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)

* kernel: local attacker can trigger multiple use-after-free conditions
results in privilege escalation (CVE-2019-15239)

Bug Fix(es):

* On SL 7.7 kernel SCSI VPD information for NVMe drives is missing (breaks
InfoScale)

* SL7 fnic spamming logs: Current vnic speed set to : 40000

* kernel build: parallelize redhat/mod-sign.sh

* kernel build: speed up module compression step

* Nested VirtualBox VMs on Windows guest has the potential of impacting
memory region allocated to other KVM guests

* NULL pointer dereference at check_preempt_wakeup+0x109

* Regression: panic in pick_next_task_rt

* ixgbe reports "Detected Tx Unit Hang" with adapter reset on SL 7

* [Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not
enabled in VM.

* nvme: dead loop in blk_mq_tagset_wait_completed_request() when it is
called from timeout handler

* [mlx5] VF Representer naming is not consistent/persistent through
reboots with OSPD deployment

* OS getting restarted because of driver issue with QLogic Corp.
ISP2532-based 8Gb Fibre Channel to PCI Express HBA [1077:2532] (rev 02).

* mlx5: Load balancing not working over VF LAG configuration

* SL7.8 - ISST-LTE: vimlp1: Running LTP af_alg04.c (crypto) crash the LPAR

* SL7.5 - Fix security issues on crypto vmx

* SL 7.7 RC1 - Host crashes about 4.5 hours into switch port bounce test

* SL7.6 - cacheinfo code unsafe vs LPM

* xfs hangs on acquiring xfs_buf semaphore

* single CPU VM hangs during open_posix_testsuite

* rcu_sched self-detected stall on CPU while booting with nohz_full
--

SL7
  x86_64
    bpftool-3.10.0-1062.7.1.el7.x86_64.rpm
    bpftool-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-debug-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-devel-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-headers-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-tools-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-1062.7.1.el7.x86_64.rpm
    perf-3.10.0-1062.7.1.el7.x86_64.rpm
    perf-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    python-perf-3.10.0-1062.7.1.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-1062.7.1.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-1062.7.1.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-1062.7.1.el7.noarch.rpm
    kernel-doc-3.10.0-1062.7.1.el7.noarch.rpm

- Scientific Linux Development Team