ID

VAR-201909-1526

CVE

CVE-2019-14816

TITLE

Linux kernel Buffer error vulnerability

DESCRIPTION

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2020:1266-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1266 Issue date: 2020-04-01 CVE Names: CVE-2019-14816 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.5) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.5) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.5) - ppc64, ppc64le, x86_64 3. Security Fix(es): * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Slow console output with ast (Aspeed) graphics driver (BZ#1780145) * core: backports from upstream (BZ#1794373) * System Crash on vport creation (NPIV on FCoE) (BZ#1796362) * [GSS] Can't access the mount point due to possible blocking of i/o on rbd (BZ#1796432) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.5): Source: kernel-3.10.0-862.51.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-862.51.1.el7.noarch.rpm kernel-doc-3.10.0-862.51.1.el7.noarch.rpm x86_64: kernel-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.51.1.el7.x86_64.rpm kernel-devel-3.10.0-862.51.1.el7.x86_64.rpm kernel-headers-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.51.1.el7.x86_64.rpm perf-3.10.0-862.51.1.el7.x86_64.rpm perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm python-perf-3.10.0-862.51.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.5): x86_64: kernel-debug-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.51.1.el7.x86_64.rpm perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.5): Source: kernel-3.10.0-862.51.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-862.51.1.el7.noarch.rpm kernel-doc-3.10.0-862.51.1.el7.noarch.rpm ppc64: kernel-3.10.0-862.51.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-862.51.1.el7.ppc64.rpm kernel-debug-3.10.0-862.51.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-862.51.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.51.1.el7.ppc64.rpm kernel-devel-3.10.0-862.51.1.el7.ppc64.rpm kernel-headers-3.10.0-862.51.1.el7.ppc64.rpm kernel-tools-3.10.0-862.51.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-862.51.1.el7.ppc64.rpm perf-3.10.0-862.51.1.el7.ppc64.rpm perf-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm python-perf-3.10.0-862.51.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm ppc64le: kernel-3.10.0-862.51.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debug-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.51.1.el7.ppc64le.rpm kernel-devel-3.10.0-862.51.1.el7.ppc64le.rpm kernel-headers-3.10.0-862.51.1.el7.ppc64le.rpm kernel-tools-3.10.0-862.51.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.51.1.el7.ppc64le.rpm perf-3.10.0-862.51.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm python-perf-3.10.0-862.51.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm s390x: kernel-3.10.0-862.51.1.el7.s390x.rpm kernel-debug-3.10.0-862.51.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.51.1.el7.s390x.rpm kernel-debug-devel-3.10.0-862.51.1.el7.s390x.rpm kernel-debuginfo-3.10.0-862.51.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.51.1.el7.s390x.rpm kernel-devel-3.10.0-862.51.1.el7.s390x.rpm kernel-headers-3.10.0-862.51.1.el7.s390x.rpm kernel-kdump-3.10.0-862.51.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.51.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.51.1.el7.s390x.rpm perf-3.10.0-862.51.1.el7.s390x.rpm perf-debuginfo-3.10.0-862.51.1.el7.s390x.rpm python-perf-3.10.0-862.51.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.s390x.rpm x86_64: kernel-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.51.1.el7.x86_64.rpm kernel-devel-3.10.0-862.51.1.el7.x86_64.rpm kernel-headers-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.51.1.el7.x86_64.rpm perf-3.10.0-862.51.1.el7.x86_64.rpm perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm python-perf-3.10.0-862.51.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.5): ppc64: kernel-debug-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.51.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-862.51.1.el7.ppc64.rpm perf-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.51.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.51.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.51.1.el7.x86_64.rpm perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.51.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXoRSEtzjgjWX9erEAQhMdQ//VXn5tAbeHpRsQaS1uJocOJYJToU4t5nG ShIirQnSpZIWgFJyXG8w1zTc2mfh9eGKPnzOyF6/VDEI7OQzVl1ghY29CXrfcjtn kcMzjp4o3c9WCz9dxFveMq4reE9Vpw8+ygElu09nV33X/ZILVRCfLOa7b0yC4Jzu 2+sHZ1NaCM3dUbGJGXApmDvYnCpniqQLGZiX8sSE5A6JiEsLVvua1j/6G+u7dc93 8yYzZoh1vE0HGo+I7tFjqN6QpxwgmkjXzNOEaIeZ10GRgp2I3vEKuVdDPmuP1vqw xzaS7XyBbvHZXto+jKbfrjDHA71Gfnelu2Xrj5MTiIWyda40gliKN31/7araDKJR UMp19D4nfjYWmDdmHNJuPae2bzOlDbYk40u2efrJZUPMPYhP34oEuZqCLDqS3scs f95sSONDj1+xr6TektowYAg2OrqB+xglxtDPUfDAttKzIUUvdJmnXbRlHVsvq293 0bScgurRmQYzaVjH/7coAxd6iRWGOk4vubEjm/GhjVW5vDLMhOe3eIVfkPTxWqnR JxtGXEwtKYxVWyA0wwQGMZXahWeVHhB7tkKV8RdGlHe/b5Hls2hf+kavR9GeV4bS qcAB2mf5VQiXkiL4/vC20qKtNoGTfEVng2FHmNNYGFkf4ioisDzRK6IJENKTS/YC G0tP4LNJThc=Pjy6 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.199/*: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.191: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117 Fixed in 4.4.193: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835 Fixed in 4.4.194: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821 Fixed in 4.4.195: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054 Fixed in 4.4.196: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215 Fixed in 4.4.197: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976 Fixed in 4.4.198: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133 Fixed in 4.4.199: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz 842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz 257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz 96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz 0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz Slackware x86_64 14.2 packages: 6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz 5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.199-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.199 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ========================================================================= Ubuntu Security Notice USN-4163-2 October 23, 2019 linux-lts-xenial, linux-aws vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: USN-4163-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a race condition existed in the ARC EMAC ethernet driver for the Linux kernel, resulting in a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2016-10906) It was discovered that a race condition existed in the Serial Attached SCSI (SAS) implementation in the Linux kernel when handling certain error conditions. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2017-18232) It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. (CVE-2018-21008) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. (CVE-2019-14814, CVE-2019-14816) Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118) It was discovered that the Technisat DVB-S/S2 USB device driver in the Linux kernel contained a buffer overread. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-15505) Brad Spengler discovered that a Spectre mitigation was improperly implemented in the ptrace susbsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. (CVE-2019-15902) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: linux-image-4.4.0-1056-aws 4.4.0-1056.60 linux-image-4.4.0-166-generic 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-generic-lpae 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-lowlatency 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-powerpc-e500mc 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-powerpc-smp 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-powerpc64-emb 4.4.0-166.195~14.04.1 linux-image-4.4.0-166-powerpc64-smp 4.4.0-166.195~14.04.1 linux-image-aws 4.4.0.1056.57 linux-image-generic-lpae-lts-xenial 4.4.0.166.145 linux-image-generic-lts-xenial 4.4.0.166.145 linux-image-lowlatency-lts-xenial 4.4.0.166.145 linux-image-powerpc-e500mc-lts-xenial 4.4.0.166.145 linux-image-powerpc-smp-lts-xenial 4.4.0.166.145 linux-image-powerpc64-emb-lts-xenial 4.4.0.166.145 linux-image-powerpc64-smp-lts-xenial 4.4.0.166.145 linux-image-virtual-lts-xenial 4.4.0.166.145 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4163-2 https://usn.ubuntu.com/4163-1 CVE-2016-10906, CVE-2017-18232, CVE-2018-21008, CVE-2019-14814, CVE-2019-14816, CVE-2019-14821, CVE-2019-15117, CVE-2019-15118, CVE-2019-15505, CVE-2019-15902 . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [Azure][8.1] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it" (BZ#1764635) * block layer: update to v5.3 (BZ#1777766) * backport xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (BZ#1778692) * Backport important bugfixes from upstream post 5.3 (BZ#1778693) * LUN path recovery issue with Emulex LPe32002 HBA in RHEL 8.0 Server during storage side cable pull testing (BZ#1781108) * cifs tasks enter D state and error out with "CIFS VFS: SMB signature verification returned error = -5" (BZ#1781110) * Update CIFS to linux 5.3 (except RDMA and conflicts) (BZ#1781113) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781114) * blk-mq: overwirte performance drops on real MQ device (BZ#1782181) 4. 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.1.z2 source tree (BZ#1780326) 4

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

buffer error

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Ubuntu,Red Hat

SOURCES

LAST UPDATE DATE

2026-03-05T20:50:07.039000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE