ESB-2020.2617 – [RedHat] kernel: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2617
                    kernel security and bug fix update
                               31 July 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
                   Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
Impact/Access:     Increased Privileges            -- Existing Account            
                   Execute Arbitrary Code/Commands -- Console/Physical            
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15780 CVE-2020-12888 CVE-2020-12654
                   CVE-2020-12653 CVE-2020-10757 CVE-2020-10713
                   CVE-2019-20908 CVE-2019-19527 CVE-2019-11487

Reference:         ASB-2020.0136
                   ASB-2020.0135
                   ESB-2020.2593
                   ESB-2020.2503
                   ESB-2020.2500
                   ESB-2020.2499

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:3220
   https://access.redhat.com/errata/RHSA-2020:3224
   https://access.redhat.com/errata/RHSA-2020:3226
   https://access.redhat.com/errata/RHSA-2020:3228
   https://access.redhat.com/errata/RHSA-2020:3230
   https://access.redhat.com/errata/RHSA-2020:3232

Comment: This bulletin contains six (6) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2020:3220-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3220
Issue date:        2020-07-29
CVE Names:         CVE-2019-19527 CVE-2020-10757 CVE-2020-12653 
                   CVE-2020-12654 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: kernel: DAX hugepages not considered during mremap
(CVE-2020-10757)

* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in
drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function
in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

* kernel: use-after-free caused by a malicious USB device in the
drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* RHEL7.7 - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot
(BZ#1830889)

* [DELL EMC 7.8 BUG bnxt_en] Error messages related to hwrm observed for
BCM 57504 under dmesg in RHEL 7.8 (BZ#1834190)

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837429)

* RHEL7.7 - Request: retrofit kernel commit f82b4b6 to RHEL 7.7/7.8 3.10
kernels. (BZ#1838602)

* kipmi thread high CPU consumption when performing BMC firmware upgrade
(BZ#1841825)

* RHEL7.7 - virtio-blk: fix hw_queue stopped on arbitrary error (kvm)
(BZ#1842994)

* rhel 7 infinite blocked waiting on inode_dio_wait in nfs (BZ#1845520)

* http request is taking more time for endpoint running on different host
via nodeport service (BZ#1847333)

* ext4: change LRU to round-robin in extent status tree shrinker
(BZ#1847343)

* libaio is returning duplicate events (BZ#1850055)

* After upgrade to 3.9.89 pod containers with CPU limits fail to start due
to cgroup error (BZ#1850500)

* Fix dpdk regression introduced by bz1837297 (BZ#1852245)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1783498 - CVE-2019-19527 kernel: use-after-free caused by a malicious USB device 
in the drivers/hid/usbhid/hiddev.c driver
1831868 - CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv 
function in drivers/net/wireless/marvell/mwifiex/scan.c
1832530 - CVE-2020-12654 kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status 
function in drivers/net/wireless/marvell/mwifiex/wmm.c
1842525 - CVE-2020-10757 kernel: kernel: DAX hugepages not considered during mremap

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1127.18.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm
kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.18.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm
perf-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1127.18.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm
kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.18.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm
perf-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1127.18.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm
kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1127.18.2.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debug-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-devel-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-headers-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-tools-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.ppc64.rpm
perf-3.10.0-1127.18.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
python-perf-3.10.0-1127.18.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1127.18.2.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debug-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-devel-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-headers-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-tools-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.ppc64le.rpm
perf-3.10.0-1127.18.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
python-perf-3.10.0-1127.18.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1127.18.2.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm
kernel-3.10.0-1127.18.2.el7.s390x.rpm
kernel-debug-3.10.0-1127.18.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1127.18.2.el7.s390x.rpm
kernel-devel-3.10.0-1127.18.2.el7.s390x.rpm
kernel-headers-3.10.0-1127.18.2.el7.s390x.rpm
kernel-kdump-3.10.0-1127.18.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1127.18.2.el7.s390x.rpm
perf-3.10.0-1127.18.2.el7.s390x.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm
python-perf-3.10.0-1127.18.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1127.18.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm
perf-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1127.18.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1127.18.2.el7.noarch.rpm
kernel-doc-3.10.0-1127.18.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1127.18.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-devel-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-headers-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.18.2.el7.x86_64.rpm
perf-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.18.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1127.18.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-19527
https://access.redhat.com/security/cve/CVE-2020-10757
https://access.redhat.com/security/cve/CVE-2020-12653
https://access.redhat.com/security/cve/CVE-2020-12654
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyG94tzjgjWX9erEAQiijw//eB+2T6RAHbxbGEG2QBtdpY5+czM/J4hb
wY0J1j8hA6bytTytjK9rQqTdA4E2N3ppi7XL2/MkHTHNmKnZuhnhsuqSkF+5M58w
UjyUV0gg9uQ0yuZuqPx8CO50o4u7NK4OVBKbjV3FzC9ic6zvfvtkZex3Mp8qkWj5
HeM8LAxAwugs/h05ZyOiNKWikyAvl3bbQz9K2rm1PIaSz9c+XXS44NafHVwxEcXc
Tf7WgAf8DzFLeChA4GUFBEw3377b37LWa2hFlw0qN1Bx03In7u2OH//KZLrNoEj+
cmHmpknk2NWnIC28/qCyBjP4784obpsjY7wZtZhqDJrTRVwgXHFtecR1DzK9SykK
6cBaVAuKo1KKFJdBg+pteIujyY2hQOR6B1QNX5dj8QXS22ByynVUL4ffAxZvoySP
UXRg0Oye5CsppMxC3otEUxB+CFnbvXftYLAvonAUK2YzXh6wae/t5wnqQNgpXns2
n847GOXr791eg0GBG/v2xs9NLuly1bRrEzBdvrY4I5pvl0QclvtAWg39/UuVINil
fk1qfZZBKtxE7/OW4u7Kctw/GFkxDVFe45mdGeySfK7jF9YeZ1n56fosNyvwV9N3
W/2B9u1b/28GzxGV2hmpxmH3mK8676HlmxOJOtsuG7V6D/fBEXyYliw5Pw9p7nLx
quc/TjMUh4Y=
=Uxvu
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2020:3224-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3224
Issue date:        2020-07-29
CVE Names:         CVE-2020-12653 CVE-2020-12654 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.7
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.7) - ppc64, ppc64le, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in
drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function
in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837428)

* RHEL7.7 - Request: retrofit kernel commit f82b4b6 to RHEL 7.7/7.8 3.10
kernels. (BZ#1838601)

* Possible race condition updating the cfg structure in
__assign_irq_vector. (BZ#1854553)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1831868 - CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv 
function in drivers/net/wireless/marvell/mwifiex/scan.c
1832530 - CVE-2020-12654 kernel: heap-based buffer overflow in 
mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7):

Source:
kernel-3.10.0-1062.31.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1062.31.2.el7.noarch.rpm
kernel-doc-3.10.0-1062.31.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1062.31.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-devel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-headers-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.31.2.el7.x86_64.rpm
perf-3.10.0-1062.31.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7):

x86_64:
bpftool-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1062.31.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
kernel-3.10.0-1062.31.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1062.31.2.el7.noarch.rpm
kernel-doc-3.10.0-1062.31.2.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1062.31.2.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debug-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-devel-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-headers-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-tools-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1062.31.2.el7.ppc64.rpm
perf-3.10.0-1062.31.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
python-perf-3.10.0-1062.31.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1062.31.2.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debug-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-devel-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-headers-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-tools-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1062.31.2.el7.ppc64le.rpm
perf-3.10.0-1062.31.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
python-perf-3.10.0-1062.31.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1062.31.2.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm
kernel-3.10.0-1062.31.2.el7.s390x.rpm
kernel-debug-3.10.0-1062.31.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-1062.31.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1062.31.2.el7.s390x.rpm
kernel-devel-3.10.0-1062.31.2.el7.s390x.rpm
kernel-headers-3.10.0-1062.31.2.el7.s390x.rpm
kernel-kdump-3.10.0-1062.31.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1062.31.2.el7.s390x.rpm
perf-3.10.0-1062.31.2.el7.s390x.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm
python-perf-3.10.0-1062.31.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1062.31.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-devel-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-headers-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.31.2.el7.x86_64.rpm
perf-3.10.0-1062.31.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.7):

ppc64:
bpftool-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1062.31.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1062.31.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1062.31.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.31.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-12653
https://access.redhat.com/security/cve/CVE-2020-12654
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyHbptzjgjWX9erEAQha+Q/+OnY5fCK/88GVPKAAZXPk1+UHu9QdvAqN
YhoMrdV6/vNTBsq+6fOz8GaX4mnUnVRS5gb/WkzXVM7h1XkC5sa+FJobFYHZ7L+g
mcnlCO1+4/KT2seNR8A/jOVEMxDwbccvKprPUE6LLpqTRzcwJce5+8e31UBLiSR9
nH0alA6UxqSVzuDcFq+pNe7densCvbrmWBm/WGlsqv/ttAPUOrwQIxTiCJXBV/V2
WOZtpWMXknplUnZllKtYCPqVmoM4U/WMiAJDWf3ckHN7YHBrm/dnsfkb2C1y2BsO
+KHnQEx4cPLBS6X+EHb8bO4KKbmeo3qPUVJls2XeVbpt5X/5ta7oyaxKfbY9mEa0
WZDuL48/0umtsotw762FXPqDUgI0k5jNzj8ISn+U5on5VH5sNQmlqTo0sujYCgSw
Ro2VCq1vmAWByHu2nz80f7JRnnk1RWmoOE097llukn4U5Mue3jRu1uZxixBbmoVz
Cxfjc3C6vRpFHKFHTsJyTysU+Up1Z/7kiH4HGzJvXJPydaKknsmNsKsTl61gF8T5
jDbrS2MWOW+P2IslVkt/aNHgBFGA3UEEg7NkQo91artJ155k1JxfOaPrAup/mfs1
zFa9yd4NjXbQntZmNQu6t0sXlprACCW5X/5aO6KDeamu0/LrJaemNdZA0+RrfgIQ
MGtCaod82GI=
=HDwM
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2020:3226-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3226
Issue date:        2020-07-29
CVE Names:         CVE-2020-10757 CVE-2020-12653 CVE-2020-12654 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.6
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: kernel: DAX hugepages not considered during mremap
(CVE-2020-10757)

* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in
drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function
in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837427)

* Fix dpdk regression introduced by bz1837297 (BZ#1852775)

* Possible race condition updating the cfg structure in
__assign_irq_vector. (BZ#1854552)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1831868 - CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv 
function in drivers/net/wireless/marvell/mwifiex/scan.c
1832530 - CVE-2020-12654 kernel: heap-based buffer overflow in
 mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c
1842525 - CVE-2020-10757 kernel: kernel: DAX hugepages not considered during mremap

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):

Source:
kernel-3.10.0-957.58.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-957.58.2.el7.noarch.rpm
kernel-doc-3.10.0-957.58.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-957.58.2.el7.x86_64.rpm
kernel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.58.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.58.2.el7.x86_64.rpm
perf-3.10.0-957.58.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):

x86_64:
kernel-debug-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.58.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
kernel-3.10.0-957.58.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-957.58.2.el7.noarch.rpm
kernel-doc-3.10.0-957.58.2.el7.noarch.rpm

ppc64:
kernel-3.10.0-957.58.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debug-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.58.2.el7.ppc64.rpm
kernel-devel-3.10.0-957.58.2.el7.ppc64.rpm
kernel-headers-3.10.0-957.58.2.el7.ppc64.rpm
kernel-tools-3.10.0-957.58.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-957.58.2.el7.ppc64.rpm
perf-3.10.0-957.58.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
python-perf-3.10.0-957.58.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debug-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-devel-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-headers-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-tools-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-957.58.2.el7.ppc64le.rpm
perf-3.10.0-957.58.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
python-perf-3.10.0-957.58.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm

s390x:
kernel-3.10.0-957.58.2.el7.s390x.rpm
kernel-debug-3.10.0-957.58.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-957.58.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-957.58.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-957.58.2.el7.s390x.rpm
kernel-devel-3.10.0-957.58.2.el7.s390x.rpm
kernel-headers-3.10.0-957.58.2.el7.s390x.rpm
kernel-kdump-3.10.0-957.58.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-957.58.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-957.58.2.el7.s390x.rpm
perf-3.10.0-957.58.2.el7.s390x.rpm
perf-debuginfo-3.10.0-957.58.2.el7.s390x.rpm
python-perf-3.10.0-957.58.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.s390x.rpm

x86_64:
bpftool-3.10.0-957.58.2.el7.x86_64.rpm
kernel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.58.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.58.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.58.2.el7.x86_64.rpm
perf-3.10.0-957.58.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.6):

ppc64:
kernel-debug-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-957.58.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-957.58.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-957.58.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.58.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.58.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10757
https://access.redhat.com/security/cve/CVE-2020-12653
https://access.redhat.com/security/cve/CVE-2020-12654
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyHgktzjgjWX9erEAQigzg//QS/ziW+Ap+aZTSvrYiT2cfxQeqfd9oa/
3mnzKNlIPf5Sm1ZdW18dUmrdW+E0CLCNKdgqmpvlfhlFZBwxf5cGkYEaIssEOVSO
eW4mIZydtKcfuIG8edDGuaKTWe48ypRC1yN5eSwx7mE2V4FoPdAkxrplG6PP65jU
eO6+pR/5luvWQPkfc5WoqMJT0EGGO0NuhBuju45daCrrrYVGioB0LeyzOdIIBits
+fSkOggTOG3Kc0+dh0b5N5yMzjAwXIts+n8FV3V8GsivDRCEnuEYuKubuyiNPlz1
DEjSizP0Hbp39BNaQ19yjtW69oVHV4vHX4LrmTXiC92TZbCEWQRESCDs48xIIQDS
xq+81y7raoJUYmXLdLTdogcAnphIZFocVc/8SfeX1bKVmXAGDzaYVwSSiTcL9X4C
u3j8bfxV4zdTd9+FcLDLbxDsrqtNi8VqxRi7/3m/HRpzxoyUyEVnJAmQBxITbTww
zdDRLGF7rTNpT3COqYgGV8fXvCAnRdEn6UMzZUyqKifHyQPCZ76zi+UsZU2xMok4
2AnyaUQvyKBDpJOEBDHcISvHkFVJ2uPPbNy3ewud4+qW/HcO9F7XNnIXlRIeeQh/
saHYY6/EVqUEjFjj4OF+PNebDSfLKC9xATEZBIPln+ozai7JZqG5CSwNVkypqKJ5
UGzY4V8TK/Y=
=TSwi
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- ----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       RHSA-2020:3228-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3228
Issue date:        2020-07-29
CVE Names:         CVE-2019-20908 CVE-2020-15780 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.0
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: lockdown: bypass through ACPI write via efivar_ssdt
(CVE-2019-20908)

* kernel: lockdown: bypass through ACPI write via acpi_configfs
(CVE-2020-15780)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837431)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1852942 - CVE-2019-20908 kernel: lockdown: bypass through ACPI write via efivar_ssdt
1852962 - CVE-2020-15780 kernel: lockdown: bypass through ACPI write via acpi_configfs

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.0):

Source:
kernel-4.18.0-80.27.2.el8_0.src.rpm

aarch64:
bpftool-4.18.0-80.27.2.el8_0.aarch64.rpm
bpftool-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-core-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-cross-headers-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-core-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-devel-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-modules-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debug-modules-extra-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-devel-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-headers-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-modules-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-modules-extra-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-tools-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-tools-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm
kernel-tools-libs-4.18.0-80.27.2.el8_0.aarch64.rpm
perf-4.18.0-80.27.2.el8_0.aarch64.rpm
perf-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm
python3-perf-4.18.0-80.27.2.el8_0.aarch64.rpm
python3-perf-debuginfo-4.18.0-80.27.2.el8_0.aarch64.rpm

noarch:
kernel-abi-whitelists-4.18.0-80.27.2.el8_0.noarch.rpm
kernel-doc-4.18.0-80.27.2.el8_0.noarch.rpm

ppc64le:
bpftool-4.18.0-80.27.2.el8_0.ppc64le.rpm
bpftool-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-core-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-cross-headers-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-core-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-devel-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-modules-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-devel-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-headers-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-modules-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-modules-extra-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-tools-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm
kernel-tools-libs-4.18.0-80.27.2.el8_0.ppc64le.rpm
perf-4.18.0-80.27.2.el8_0.ppc64le.rpm
perf-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm
python3-perf-4.18.0-80.27.2.el8_0.ppc64le.rpm
python3-perf-debuginfo-4.18.0-80.27.2.el8_0.ppc64le.rpm

s390x:
bpftool-4.18.0-80.27.2.el8_0.s390x.rpm
bpftool-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-core-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-cross-headers-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-core-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-devel-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-modules-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debug-modules-extra-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-devel-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-headers-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-modules-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-modules-extra-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-tools-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-tools-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-core-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-devel-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-modules-4.18.0-80.27.2.el8_0.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-80.27.2.el8_0.s390x.rpm
perf-4.18.0-80.27.2.el8_0.s390x.rpm
perf-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm
python3-perf-4.18.0-80.27.2.el8_0.s390x.rpm
python3-perf-debuginfo-4.18.0-80.27.2.el8_0.s390x.rpm

x86_64:
bpftool-4.18.0-80.27.2.el8_0.x86_64.rpm
bpftool-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-core-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-cross-headers-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-core-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-devel-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-modules-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debug-modules-extra-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-devel-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-headers-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-modules-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-modules-extra-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-tools-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-tools-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm
kernel-tools-libs-4.18.0-80.27.2.el8_0.x86_64.rpm
perf-4.18.0-80.27.2.el8_0.x86_64.rpm
perf-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm
python3-perf-4.18.0-80.27.2.el8_0.x86_64.rpm
python3-perf-debuginfo-4.18.0-80.27.2.el8_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-20908
https://access.redhat.com/security/cve/CVE-2020-15780
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyHZitzjgjWX9erEAQjaQQ//QNVwsYkZBClZ8b+nKILTnGTpX8HVNaYN
HqnkWVoDMesggS9PrJr/jyrZCkmZA80mkxNRs0QxpM5El3pUW08YfVJ49itSYZxU
s4qWCtfrJYDUCL8hpVy5RlhJ1tdyOpz4lp/tgTI9DWqITsVNJSK4jog8KFa/MiDP
LsVqHjqqWRRMLsfXeJAWgfLAuWE5inz9RtnR/+X3uUxWBpdM74b/qvj3aLOiqZ6C
MG/440RgOLoqN3To2P4f6AbtO84FFVDEIqQnRfReX1mFUExRauEpS/QHvAPkUYG6
2wQd5r3LHaOHXVeRIL+SBsa7m81ddJobMRrzmhOBKvVMUVBPrV3UdFFEArvgiuM/
5k7+MJwQbB2kOUJHtTl0/X7RyNvL8iY3AcT51n7+drVykTwCRYk9fwgdD8rZrb7g
jizsPNukN7Ie8qYxGkIHzUd6bnM88lZVTmMvHVGylgR3vLQizPBjO/zQkijfAu46
L73FDmtunl61DWvxTLklnCzSp7L9V6CqADOM+jg2uIfR8dkyuSjaJN4bOligrlRt
y1KFkIBkL06KUBeKTmAr+LA5PujyfYzhjspje28eFLo1HH5GyLaischhyNiRwsxJ
WFSor8HwTaKsObmzZ1l2Vt72fWI0dz4Qg9211Z8W8JkQ04grJzeVC7046gQ5H9kS
zwRw+QGhukQ=
=kiaY
- -----END PGP SIGNATURE-----


- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2020:3230-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3230
Issue date:        2020-07-29
CVE Names:         CVE-2019-11487 CVE-2020-12888 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP
Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Count overflow in FUSE request leading to use-after-free issues.
(CVE-2019-11487)

* Kernel: vfio: access to disabled MMIO space of some devices may lead to
DoS scenario (CVE-2020-12888)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837426)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1703063 - CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free
 issues.
1836244 - CVE-2020-12888 Kernel: vfio: access to disabled MMIO space of some devices
 may lead to DoS scenario

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.4):

Source:
kernel-3.10.0-693.71.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm
perf-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.4):

Source:
kernel-3.10.0-693.71.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm

ppc64le:
kernel-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debug-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-devel-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-headers-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-tools-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-693.71.2.el7.ppc64le.rpm
perf-3.10.0-693.71.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
python-perf-3.10.0-693.71.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm

x86_64:
kernel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm
perf-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.4):

Source:
kernel-3.10.0-693.71.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.71.2.el7.noarch.rpm
kernel-doc-3.10.0-693.71.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.71.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.71.2.el7.x86_64.rpm
perf-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.4):

ppc64le:
kernel-debug-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-693.71.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.71.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.71.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-11487
https://access.redhat.com/security/cve/CVE-2020-12888
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyHtO9zjgjWX9erEAQiF7g/+PQ2n8eVVNvAzmCpGa+eQP/HtYQ9biewa
KhaIWieRV8jRdYIZZxydZuZebIii473B68/1qkzT1LawDUSyCRUCoMj1N7KOY/X9
yjo8+tKK+SrKx2hzsra2pUyhy5YX6O2znmkERaS83cdPgmnIthxA4mQG6LuwUYDt
94IKfrW+ojFV3kSzyKh/7lZx44roYlv+HIOnvNqjmv4O3ITuPxSRSV86vGVIG2za
QwxQQJEApqDEUJt8y3h7PuCXCfGocjCXbe4UVXSSMnxAXntwDMifSl19+fQYenzo
VdngNuPvmog8rVQcAkYqSC/ZqxDP8uyBmSpLBAclbfiv7nYpNuMIdKTGByI12n6z
RP2cmtbz+tXjmZmlY4rPvC5xicdMj95VeYVK9Yrz3MJQPx6Er3f1VZtBvJ2zonEj
z4IN0WIFxqN2aZRtG7wIKrR+JT4T9SB4YMRFsLY5Wu/kw0h36omiQ1AqEQmFOJbs
KBtLlL3YLBf4NeppIdlAVvW1Qlz+PgApm21yhWr6vnj7pMgqRxLJBfCDPk+dzkpp
gsFa4jNM3VVlka7HnThAjyIefZrwt3WyKke6dpbwbrnkwXY3bm7JlVqLSPyJyuym
q7/bhc5TfKJOfnrREqHBrzIyJhSVVrRcsjz4VPOKSe+wfgLEN2jx6oUJx3xoXpFQ
GN0XIvti1yM=
=dZgD
- -----END PGP SIGNATURE-----


- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2020:3232-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3232
Issue date:        2020-07-29
CVE Names:         CVE-2020-12653 CVE-2020-12654 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.2
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in
drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653)

* kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function
in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel: provide infrastructure to support dual-signing of the kernel
(foundation to help address CVE-2020-10713) (BZ#1837424)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1831868 - CVE-2020-12653 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function
 in drivers/net/wireless/marvell/mwifiex/scan.c
1832530 - CVE-2020-12654 kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status 
function in drivers/net/wireless/marvell/mwifiex/wmm.c

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.2):

Source:
kernel-3.10.0-327.90.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.90.2.el7.noarch.rpm
kernel-doc-3.10.0-327.90.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-327.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-327.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-327.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.90.2.el7.x86_64.rpm
perf-3.10.0-327.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
python-perf-3.10.0-327.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.90.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-12653
https://access.redhat.com/security/cve/CVE-2020-12654
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/grub2bootloader

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXyHsDdzjgjWX9erEAQgN5Q/9EsrWbwAoYiPAhMe0KKEr3hz2HmRPwoyH
FKmCsTcLSRsIS8OkdIs17+/KRC+JXbAI++blDnauk8sgsvXhT2PgthpQGzSjMQHt
ADr3YQSSEphKWFrOBPMPgHaPY0G5nggKhCYp5caE60x9rNdaINVGTgWLDaUnC3v7
AeB7B8GCcUrcKjrT3SZDv3AG/RvF0bBdQV66v06bvgxgyvbIR4vSvsq3rwt8teRq
pNLcOsa6pBOXcqhI18+wciio9SYb6YVnt7XbyIXkvvbho4I1TzvgMRcTo8HC883W
PrYG9fAsVnl5zcs51EI12FO6OhcluA2YPAv8XEHTETscDAMNF4MlGFqJf91VValy
vR3JXuB1fOfKisbdTk620h3V5B8G5z6XyAyDI+NQeN8GuR7EmvPyUHgIf8vPVYll
ceSXHjiDgWQ6ZmCUN4JAlBATyFQXb4ownCHONgzJcVM5z5anNL4dJVO8VQuGQmpf
inM42aIBLfe2J3slpFWu7rsdZmS7V4AkBfpqEhrGOsnVo6gf6r1LhlcGYrPWlEJU
8EnZy+iCAk5yc3Xubc9mPNu+HprIfJmrpfrQPuuRgD8Z15Ad9J0My0Qabu96OraA
MF0xBbDrMAR9diIH6qsY/Nbzik5IN3sqFDAkJW2ZCh4c7MUx8Bg5APfWw8LeJzeP
ba9nbL8mdhI=
=PnY4
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXyOc2+NLKJtyKPYoAQgkkRAAqb8QlUYW6ZxCqgW+B4IcUE1Ezxzi6Qpl
DwMH/IPd2E+SK1+4gciudzczctRl0UaRp+6NhBlWM3w4fTlJkoBTEEiNMYhyYqS9
voAiTFLFADKXEMgWepA0DpayzCp7x6GBHDVsNtYl+kswP+t7NA0tlhoBa1LWRhEW
ZPC8ulJhJREWUyFFS2jXpnwLZVqsqGGxHQO/3p9oy1Tj+fpTPckxbcvkf/PY+fi5
y+EgN+CxhJVsmr+pgFOM3sM/yjWuI3oaHhpbrvdrAVu9H3cnKZT6kLo9+pqM3lLQ
keE65Z6dKip5v2dbsxyIzOTI/Eh4J/GQOqOZnHMnGzjDjMhM2mysPRRuGyMjL9nE
U3/iI7khHtB986vr9ydKMJRlkP+VcTktcWhut0yNOQDHwwfAcAjv6SgVHBE5L3nZ
KHkcUU/GSFMn+D+BEfuE+DKrRGAap1wDulENPN7SfuZiFgdxVO1quNRlhbkovFT3
wOzRFhWW4KYdRwwQdh67E/pgIH8nT5Ul5WUwIt/o1TQieSuYqfQbvn+CI+0oLXDM
H3dvFNE8grHuyhQZV5YfmnmE6lG+nb0fn5puJHuNZ5+KCRYI8YZ4ybI8OCfpyonO
2gKhT3+yFpm+OwEO39njmQVaYHe0PA61y0MuaDPsmmo47h4mQAXFxX81lVSCtikX
i1EfaScaIVg=
=vzL2
-----END PGP SIGNATURE-----

Read More

https://www.malwaredevil.com/2020/07/31/esb-2020-2617-redhat-kernel-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2617-redhat-kernel-multiple-vulnerabilities

Network Security News Summary for Friday July 31 2020

A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

https://www.malwaredevil.com/2020/07/31/network-security-news-summary-for-friday-july-31-2020/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-friday-july-31-2020

Beyond good ol’ Run key, Part 125

Been awhile since I posted in this series, so here comes a new trick.

It is not your typical executable for sure, change.exe that is. When I looked at it for the first time I was perplexed — within first few lines of code it literally executes other executables. Must be something good I thought, and good it was indeed.

When launched, change.exe does something very strange – it enumerates Registry entries under this location:

• HKLMSystemCurrentControlSetControlTerminal ServerUtilitieschange

These entries are … interesting, because they look like some stringified flags followed by executable names. Possible abuse opportunity?

When you run ‘change /?’ you get the following help information:

CHANGE { LOGON | PORT | USER }

Do you see the pattern? — no? look at these Registry entries again.

In my first attempt I added ‘foo|0 1 NOTEPAD notepad.exe’:

I then ran ‘change notepad’ and … notepad executed.

Now, if you paid attention there are other registry keys listed on the first screenshot:

change -> change.exe 
query -> query.exe 
reset -> reset.exe

They all follow the same pattern and fetch command list from Registry!

So you can either add a new entry, or modify an existing one. Access rights are in place and the key is owned by TrustedInstaller, but… well… once on the box, always on the box.

Last, but not least – it’s a persistence mechanism and a LOLBIN in one.

Read More

https://www.malwaredevil.com/2020/07/30/beyond-good-ol-run-key-part-125/?utm_source=rss&utm_medium=rss&utm_campaign=beyond-good-ol-run-key-part-125

Browsers to Enforce Shorter Certificate Life Spans: What Businesses Should Know

Apple, Google, and Mozilla will shorten the life span for TLS certificates in a move poised to aid security but cause operational troubles.

On Sept. 1, browsers and devices from Apple, Google, and Mozilla will show errors for new TLS certificates with a life span longer than 398 days. The move, while beneficial for security, pushes back against certificate authorities (CAs) and may prove an operational headache for businesses.

The life span of SSL/TLS certificates has dramatically shrunk in the past 10 years. Just over a decade ago, domain registrars sold TLS certificates valid for eight to 10 years. The Certification Authority Browser Forum (CA/Browser Forum), a group of CAs, imposed a five-year limit in 2011. This was cut to three years in 2015 and to two years in 2018.

Historically, these changes were made in collaboration between browser makers and CAs, with the two parties debating rules and changes before voting on and implementing them – until a ballot proposing one-year validity was voted down by CAs at a CA/Browser Forum meeting. Following this, Apple broke standard processes and individually chose to enforce 398-day limits in Safari.

Apple made its decision public in February and confirmed this change will only affect TLS server certificates issued from Root CAs on or after Sept. 1. Certificates issued before then won’t be affected; neither will those from user-added or administrator-added Root CAs. Mozilla and Google have voiced plans to implement a similar rule in their browsers starting on Sept. 1.

The change will have consequences: Apple says connections to TLS servers violating its new requirements will fail, which may cause network and applications to fail and prevent websites from loading. Google warns certificates older than 398 days will be rejected with an error and treated as misissued. Apple recommends new certificates be issued with a 397-day validity.

Browser makers have long argued that shorter TLS life spans are better for browser security because they reduce the time frame in which attackers could compromise or duplicate a certificate, which is critical to protecting traffic to and from websites. A successful attack would give someone “the keys to the kingdom,” says Lamont Orange, CISO at Netskope. As attackers look to move higher up the food chain, he says, this is precisely what they want.

“This is better than username and password in a lot of ways,” says Orange, of this level of compromise. Credentials may grant access to a system that could enable lateral movement across the environment. Access to a certificate could let an attacker do far more nefarious activities: control Web properties, access desktops and laptops, or encrypt communications.

“As a bad actor, I open up avenues that I can use for monetary gain, or to disrupt the system and be a nuisance, or just cause general frustration within different companies around the security of their infrastructure and Web properties,” he explains.

Shortening the life span of TLS certificates will require businesses to frequently rotate them so by the time an attacker figures out how to copy one, it’s no longer valid. The change will shrink the attack surface and cut down on dwell time, protecting organizations from compromise.

In theory, it sounds like a benefit. In practice, it’s likely companies will struggle to keep up with the challenges of renewing certificates and changing private keys used to authenticate them.

Rotating TLS Certificates: Easier Said Than Done
The move to shorter life spans will come at an operational cost.

“In general, shortening lifetimes is actually good for the ecosystem – it’s not really something customers think about,” says Dean Coclin, senior director of business development at DigiCert and former chair of the CA/Browser Forum. Now, he says, they’ll have to worry about it more often.

These renewals can be done with automated tools; however, many businesses continue to do this manually, and larger firms may be responsible for renewing thousands of certificates. For administrators, it’s an operational headache. If they fail to keep up, visitors to their website on certain browsers will see a warning the site isn’t secure, which to many is a big red flag.

“When you look at the operational aspects of it, it can get pretty hairy,” says Orange. “As a practitioner that has to deal with this … there has to be a lot of planning that goes into how you migrate these certificates on an annual basis, roughly, and then understanding the applications taxonomy, or the website’s taxonomy, to understand what potentially could break.”

There wasn’t much of a guideline on how to use certificates when they became popular, he adds, so many organizations and practitioners used a “wildcard certificate,” or a public key certificate at the root of the certificate hierarchy that can be used with multiple subdomains. This made it easier to secure more assets but increased the risk if one was compromised.

Now it comes back to principles of architecture: Businesses must decide whether they need to rearchitect their use of certificates so it’s not as challenging. Service providers want to make sure they’re simplifying where possible, so they don’t inadvertently cause system unavailability.

The concerns extend beyond websites to Web applications, which may need to be refactored following this change, Orange continues. As TLS versions change, some applications may not be able to communicate on newer versions. Companies that rely on Web-based applications may notice a lack of functionality or run into more errors if their certificates aren’t updated in time.

“Some website owners find the process of securing their site to be difficult,” says Robin Wilton, director of Internet Trust for the Internet Society. “Certificate installation is still not easy, and it’s hard to carry out a complex process that only needs to be done every two to three years.”

Next page: How your organization can prepare
Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial … View Full BioRecommended Reading:

1 of 2

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

Enterprise Database Strategies for 2020

More Webcasts

White Papers

Container Security Best Practices: A How-To Guide

A Guide to the Iranian Threat Landscape

More White Papers

Reports

The Threat from the Internet–and What Your Organization Can Do About It

The AI and Human Element Security Sentiment Study

More Reports

https://www.malwaredevil.com/2020/07/30/browsers-to-enforce-shorter-certificate-life-spans-what-businesses-should-know/?utm_source=rss&utm_medium=rss&utm_campaign=browsers-to-enforce-shorter-certificate-life-spans-what-businesses-should-know

Dark Web Travel Fraudsters Left Hurting From Lockdowns

Shadow travel businesses that depend on loyalty program fraud have been impacted just like the legitimate travel orgs they prey on.

Though the slowdown in global travel hasn’t altogether deterred hackers from trying to make a buck off of fraudulent offers and discount schemes that steal from travel loyalty programs, new research out today shows many Dark Web travel agencies are feeling the pain of lockdowns just like the travel industry organizations they target.

Criminal enterprises that hack the travel industry to sell fraudulent redemption of discounts, rebates, and stolen loyalty points have been evolving for several years now. Back in 2017, Trend Micro researchers published research that showed the broad scope of scamming and thievery that was starting to coalesce in underground markets into a comprehensive bazaar of shadow travel offerings.

“Fraudulent online transactions involving travel documents, airline and hotel loyalty accounts, and other travel-related services have become valued commodities the past several years,” Trend researchers wrote then. “The Dark Web, underground forums, Telegram channels, and even social network postings advertise these services with the intention of providing cheap price tags for those who do not have a problem breaking the law.”

Since then, sophisticated discount travel agencies have continued to sprout up on the Dark Web, using various means of fraud to supply them with “product” — from stealing employee and corporate discount codes to using account takeover (ATO) attacks to control frequent flyer or hotel loyalty accounts containing many accrued miles or points. According to experts at Forter, last year fraud attacks against loyalty programs increased by 89% — likely driven, at least in part, by shadow travel industry activity.

In February, before the impacts of COVID-19 went fully global, researchers at Digital Shadows’ Photon Research Team related observations of a still-thriving Dark Web travel agency marketplace. They explained many of these attackers succeeded by booking last-minute flights to fly under the fraud detection radar and exploited weaknesses in third-party booking services to schedule trips without detection.

Authorities have been working on this problem. For example, in November 2019 an international effort coordinated by Europol, Interpol, Ameripol, and the National Cyber-Forensics & Training Alliance arrested 79 people suspected of fraudulent ticket purchases traveling across numerous worldwide airports. But like any lucrative cybercriminal endeavor, Dark Web agencies have proved to be a hydra with too many heads to count.

However, every monster has its weakness, and it appears the global pandemic is one of them for shadow travel fraud. Today Photon researchers did an update of their work from February and found Dark Web travel agencies are feeling the pain experienced across the legitimate travel industry. For example, they explained one instance of a fraudster complaining on an online service of work drying up as evidence that many of these agencies have fallen quiet during lockdowns.

“It seems that the shadow travel scene more broadly has demonstrably felt the impact of the COVID-19-prompted downturn,” Digital Shadows researchers wrote. “In general, there appear to be far fewer advertisements for such services this time around: For example, there were three times the number of travel-related search results returned on Verified (Dark Web) forum in February 2020 compared to May 2020.”

The question remains how long this lull will last. Photon researchers say they’ll be keeping tabs on shadow travel activity as travel restrictions start to ease around the world.

“As travel bans are gradually being lifted and ‘air bridges’ introduced, especially across Europe, it will be interesting to see how quickly other travel vendors react and resume their advertisements for fraudulent airline tickets, hotel rooms, and the like,” they wrote. “Just as interesting will be seeing how many of the previously well-established travel vendors will have been able to weather the storm, and how fast their trade will pick up again.”

Related Content:

Register now for this year’s fully virtual Black Hat USA, scheduled to take place August 1-6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full BioRecommended Reading:

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

DevOps: Innovating with Speed, Security, and Quality

More Webcasts

White Papers

Container Security Best Practices: A How-To Guide

A Guide to the Iranian Threat Landscape

More White Papers

Reports

The Threat from the Internet–and What Your Organization Can Do About It

Special Report: Computing’s New Normal, a Dark Reading Perspective

More Reports

https://www.malwaredevil.com/2020/07/30/dark-web-travel-fraudsters-left-hurting-from-lockdowns/?utm_source=rss&utm_medium=rss&utm_campaign=dark-web-travel-fraudsters-left-hurting-from-lockdowns

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.
Read More

https://www.malwaredevil.com/2020/07/30/zoom-flaw-could-have-allowed-hackers-to-crack-meeting-passcodes/?utm_source=rss&utm_medium=rss&utm_campaign=zoom-flaw-could-have-allowed-hackers-to-crack-meeting-passcodes

Mimecast Buys MessageControl

Subscribe to Newsletters

Expert led sessions and real networking – Join us at Data Center World 2020: A Virtual Experience
Collaborate With IT Industry Leaders at Interop Digital, Oct. 5-8
Get Expert Led Sessions and Real Networking Free Online

More Informa Tech Live Events

White Papers

Container Security Best Practices: A How-To Guide

CyberSecurity Trends 2020

A Guide to the Iranian Threat Landscape

Online Traffic & Cyber Attacks During COVID-19

Step Into the New Era of Digital Decisioning Platforms

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Confident in the size of his perimiter defense, he never saw the beach ball heading for the back of his head.

Cartoon Archive

Current Issue

Special Report: Computing’s New Normal, a Dark Reading PerspectiveThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.

Back Issues | Must Reads

Flash Poll

All Polls

The Threat from the Internet–and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

How Enterprises Are Using IT Threat Intelligence

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-16166
PUBLISHED: 2020-07-30
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
CVE-2020-16165
PUBLISHED: 2020-07-30
The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Injection in an ORDER BY clause. This is related to the /api/blade-log/api/list ascs and desc parameters.
CVE-2020-7205
PUBLISHED: 2020-07-30
A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. **Note:** This vulnerability is related to using insmo…

CVE-2020-15129
PUBLISHED: 2020-07-30
In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik’s handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard component doesn’t validate that the value of the header "X-Forwarded-Prefix" is a site…

CVE-2020-16162
PUBLISHED: 2020-07-30
** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked c…

https://www.malwaredevil.com/2020/07/30/mimecast-buys-messagecontrol/?utm_source=rss&utm_medium=rss&utm_campaign=mimecast-buys-messagecontrol