ID

VAR-201911-1627

CVE

CVE-2019-0155

TITLE

plural Intel Vulnerability related to privilege management in products

DESCRIPTION

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel The product contains a privilege management vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A security vulnerability exists in the Intel graphics hardware (GPU) due to the program's inadequate access controls. ========================================================================== Ubuntu Security Notice USN-4184-2 November 13, 2019 linux, linux-hwe, linux-oem-osp1 vulnerability and regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: Several issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-hwe: Linux hardware enablement (HWE) kernel - linux-oem-osp1: Linux kernel for OEM processors Details: USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: linux-image-5.0.0-36-generic 5.0.0-36.39 linux-image-5.0.0-36-generic-lpae 5.0.0-36.39 linux-image-5.0.0-36-lowlatency 5.0.0-36.39 linux-image-generic 5.0.0.36.38 linux-image-generic-lpae 5.0.0.36.38 linux-image-lowlatency 5.0.0.36.38 linux-image-virtual 5.0.0.36.38 Ubuntu 18.04 LTS: linux-image-5.0.0-1028-oem-osp1 5.0.0-1028.32 linux-image-5.0.0-36-generic 5.0.0-36.39~18.04.1 linux-image-5.0.0-36-generic-lpae 5.0.0-36.39~18.04.1 linux-image-5.0.0-36-lowlatency 5.0.0-36.39~18.04.1 linux-image-generic-hwe-18.04 5.0.0.36.94 linux-image-generic-lpae-hwe-18.04 5.0.0.36.94 linux-image-lowlatency-hwe-18.04 5.0.0.36.94 linux-image-oem-osp1 5.0.0.1028.32 linux-image-virtual-hwe-18.04 5.0.0.36.94 Please note that mitigating the TSX (CVE-2019-11135) and i915 (CVE-2019-0154) issues requires corresponding microcode and graphics firmware updates respectively. After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4184-2 https://usn.ubuntu.com/4184-1 CVE-2019-0155, https://bugs.launchpad.net/bugs/1851709, https://bugs.launchpad.net/bugs/1852141 Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-36.39 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-36.39~18.04.1 https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1028.32 . 7.3) - noarch, x86_64 3. 6) - i386, x86_64 3. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may manipulate the memory management hardware to cause a Machine Check Error (MCE) and denial of service (hang or crash). The guest triggers this error by changing page tables without a TLB flush, so that both 4 KB and 2 MB entries for the same virtual address are loaded into the instruction TLB (iTLB). This update implements a mitigation in KVM that prevents guest VMs from loading 2 MB entries into the iTLB. This will reduce performance of guest VMs. A qemu update adding support for the PSCHANGE_MC_NO feature, which allows to disable iTLB Multihit mitigations in nested hypervisors will be provided via DSA 4566-1. Intel's explanation of the issue can be found at <https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0>. CVE-2019-0154 Intel discovered that on their 8th and 9th generation GPUs, reading certain registers while the GPU is in a low-power state can cause a system hang. The affected chips (gen8 and gen9) are listed at <https://en.wikipedia.org/wiki/List_of_Intel_graphics_processing_units#Gen8>. This update mitigates the issue by adding the security check to the i915 driver. The affected chips (gen9 onward) are listed at <https://en.wikipedia.org/wiki/List_of_Intel_graphics_processing_units#Gen9>. CVE-2019-11135 It was discovered that on Intel CPUs supporting transactional memory (TSX), a transaction that is going to be aborted may continue to execute speculatively, reading sensitive data from internal buffers and leaking it through dependent operations. Intel calls this "TSX Asynchronous Abort" (TAA). For CPUs affected by the previously published Microarchitectural Data Sampling (MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091), the existing mitigation also mitigates this issue. For processors that are vulnerable to TAA but not MDS, this update disables TSX by default. This mitigation requires updated CPU microcode. An updated intel-microcode package (only available in Debian non-free) will be provided via DSA 4565-1. The updated CPU microcode may also be available as part of a system firmware ("BIOS") update. Intel's explanation of the issue can be found at <https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort>. For the oldstable distribution (stretch), these problems have been fixed in version 4.9.189-3+deb9u2. For the stable distribution (buster), these problems have been fixed in version 4.19.67-2+deb10u2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl3LBMVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RtSg//aBsENrrs5mbCKYxt6Lm1hVdxdmz+9TbgZkxU+lQ0XEfge4wQUCa8KhJh os4qGuDXh5q/2VkNMa+cUCyHCyxxl3qv4rCsm+MxG1Rd4Hy4JoKt4heJgi5hXW9A qhOQ5+rHb0OeoPM9BCduTi37h+mLS4ItRz30n3+3B2+VC0tj+iV2nOZJmC0WMEiq LrqeDm39pa6DqKBAExdYT/TCyKLsngMHoIGorWVPXdJP1/xmrH2gU0W3L7k5KJPz apeCi4E3H9bjRh8Be5SeT3zDoEaiiNn/sHHkLDeAryFMuwilekxFaYocbW/0CEIH kWRMkC+uq1KfQfBDSxIOsH8yq8n+zQ12XJ0YiiqEKg6ErabWz5rCaVHyPWvdh0Ny mezs99PkQ7mUkjAUVzIfz2Rq6VByOCdfuT/GvPL7rUtIJYRdqYkWBI8t/hVlrnDq yR+X7vQZWm5wb3+Jiz/sA6TqgDvKSgk1+tUfBmqI9sh1wWNKSSYee0b81BLLubs3 IInPlgW2Lp+IsA3CVKKQNTNMWZkuNyPZH2UGpZV45otazcLPrrdNtt52x4gvIJ/W lizVpb2BOpTpoeEXNYlEDCjwcrW9f1FkVztwMgz3J6eb9pHjieFuGO9vOxcP7li3 FNJbGhaUUZa8BfjsQgBwFSwVXRr212zK9yv0UHnLRJo4l0I3xC0=YZWL -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2019:3872-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3872 Issue date: 2019-11-13 CVE Names: CVE-2019-0155 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. 5. Bugs fixed (https://bugzilla.redhat.com/): 1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.4.3.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64.rpm perf-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.4.3.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64le.rpm perf-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.4.3.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.3.el7.s390x.rpm kernel-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-headers-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.3.el7.s390x.rpm perf-3.10.0-1062.4.3.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm python-perf-3.10.0-1062.4.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcxRUNzjgjWX9erEAQi5Yg//WF/xcoOzOw9jzwdqE1SsG5n/lwSjyQS2 PFTfDJL21oGdbx0x1Z3j/RlNz5JHYQ6WVf3OQYkjet71edQrVRMy2/uJGtmHUIng dyBqZA6JBUkYxm/OqgxV+F5oH/px01dnIdKLus2Qb7p6CPJegTVz0++6U0MIUlPs d0Q08EqmBvSqznpsOA0DeQkt+Lxp29CqzkTv3f+aFdrRBoUYJkMRS3JPG0NBBo14 ZWMv1ifhikR5SRPDGYyeXaIhn/KrOJDMAkYeMhikV5YEnSdyYqePgVuE51GJjvmz 3X6zgvOWe6+XAH4jy+llCEDwpwLRbbDB6wY1llZzECEdT+Dpr0lg3cFDjVrv3y+6 w812DuXMwX/MbSSK1Vn+KHkpm2z/OM8zQw0fdpXTSd1sbuYjmlqnjlHibhiB9Xl3 sxUJ5cr91KdYAMFAV4n7n3KeAME0H+3dj8ukxEfAe4culu1hrO4SDYXmBx+QhijJ Yt/Io/sNU6Qybni7rc/lmwgRpKA/0ajLeDznnuhrCXcM5twfnRudbOYfQ6YZh2+Y WxiVuuNUN5BJAInozVWGv+B9AxX3MBorEGBVyQlX9nVrlymFPFzsNxr9UEbWpQo5 rFBST2oBfHpCrdbOL2/DRdIpd4IXCfpk0C35cOoyfZvYg2JDY2fhGvsOvUZDSqED B2RjnqNVpjA= =BPLV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

arbitrary

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES