| Descripción: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the CESA-2019:3836 advisory.
Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)
* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS
(CVE-2019-3900)
* hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
(CVE-2019-0154)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* [Intel 6.10 Bug] With mWait/C-states disabled, HT on, ibrs enabled,
performance impact observed on user space benchmark (BZ#1560787)
* kernel-2.6.32-573.60.2.el6 hangs/resets during boot in
efi_enter_virtual_mode() on Xeon v2 E7-2870 (BZ#1645724)
* Slab leak: skbuff_head_cache slab object still allocated after mcast
processes are stopped and 'fragments dropped after timeout' errors are
shown (BZ#1752536)
1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU)
1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS
1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
kernel-2.6.32-754.24.2.el6.src.rpm
i386:
kernel-2.6.32-754.24.2.el6.i686.rpm
kernel-debug-2.6.32-754.24.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.24.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.24.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.24.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.24.2.el6.i686.rpm
kernel-devel-2.6.32-754.24.2.el6.i686.rpm
kernel-headers-2.6.32-754.24.2.el6.i686.rpm
perf-2.6.32-754.24.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.24.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.24.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.24.2.el6.noarch.rpm
kernel-doc-2.6.32-754.24.2.el6.noarch.rpm
kernel-firmware-2.6.32-754.24.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-754.24.2.el6.x86_64.rpm
kernel-debug-2.6.32-754.24.2.el6.x86_64.rpm
kernel-debug-deb ...
Description truncated. Please see the references for more information.
Affected Software/OS:
'kernel' package(s) on CentOS 6.
Solution:
Please install the updated package(s).
CVSS Score:
6.8
CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
