Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2020:1016-1 Issue Date: 2020-04-07 CVE Numbers: CVE-2019-13233 CVE-2019-11190 CVE-2019-12382 CVE-2019-14283 CVE-2015-9289 CVE-2019-10638 CVE-2019-10207 CVE-2019-15916 CVE-2018-7191 CVE-2019-9503 CVE-2019-18660 CVE-2019-13648 CVE-2019-16746 CVE-2018-19985 CVE-2019-11884 CVE-2017-17807 CVE-2019-3901 CVE-2019-10639 CVE-2018-20169 -- * kernel: out of bound read in DVB connexant driver. * kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission * kernel: denial of service via ioctl call in network tun handling * kernel: usb: missing size check in the __usb_get_extra_descriptor() * kernel: perf_event_open() and execve() race in setuid programs allows a data leak * kernel: brcmfmac frame validation bypass * kernel: null-pointer dereference in hci_uart_set_flow_control * kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command * kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service * kernel: use-after-free in arch/x86/lib/insn-eval.c * kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call * kernel: integer overflow and OOB read in drivers/block/floppy.c * kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service * kernel: buffer-overflow hardening in WiFi beacon validation code. * kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure * kernel: oob memory read in hso_probe in drivers/net/usb/hso.c * Kernel: net: weak IP ID generation leads to remote device tracking * Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR * kernel: ASLR bypass for setuid binaries due to late install_exec_creds() -- SL7 x86_64 kernel-3.10.0-1127.el7.x86_64.rpm kernel-doc-3.10.0-1127.el7.noarch.rpm bpftool-3.10.0-1127.el7.x86_64.rpm kernel-devel-3.10.0-1127.el7.x86_64.rpm python-perf-3.10.0-1127.el7.x86_64.rpm kernel-tools-3.10.0-1127.el7.x86_64.rpm kernel-debug-3.10.0-1127.el7.x86_64.rpm kernel-headers-3.10.0-1127.el7.x86_64.rpm kernel-debug-devel-3.10.0-1127.el7.x86_64.rpm perf-3.10.0-1127.el7.x86_64.rpm kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm kernel-tools-libs-3.10.0-1127.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1127.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1127.el7.x86_64.rpm kernel-debuginfo-3.10.0-1127.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1127.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1127.el7.x86_64.rpm perf-debuginfo-3.10.0-1127.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1127.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpm kernel-doc-3.10.0-1127.el7.noarch.rpm - Scientific Linux Development Team