Fixes two vulnerabilities and numerous other issues

Dec 4, 2019 16:31 GMT

Red Hat and CentOS have announced the availability of important kernel security updates for their Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series that address two security vulnerabilities and numerous other bugs.

Rated by Red Hat Product Security as having a security impact of "Important," the new Linux kernel security update patches two vulnerabilities: CVE-2019-14821, an out-of-bounds memory access issue via the MMIO ring buffer, discovered in the Linux kernel's KVM hypervisor, and CVE-2019-15239, a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially to privilege escalation.

Additionally, the kernel update addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, a NULL pointer dereference at check_preempt_wakeup+0x109, a panic in pick_next_task_rt, a "Detected Tx Unit Hang" error with adapter reset, broken load balancing over VF LAG configuration, security issues in the crypto vmx driver, XFS hangs on acquiring the xfs_buf semaphore, single CPU VM hangs during open_posix_testsuite, and many others.

Users are urged to update their systems immediately

The new Linux kernel security update is available for Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Server - AUS 7.7, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux for IBM z Systems 7, Red Hat Enterprise Linux for Power, big endian 7, Red Hat Enterprise Linux for Scientific Computing 7, Red Hat Enterprise Linux EUS Compute Node 7.7, and Red Hat Enterprise Linux for Power, little endian 7 operating system series.

Furthermore, it also affects Red Hat Virtualization Host 4, Red Hat Enterprise Linux Server - TUS 7.7, Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7, Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7, and CentOS Linux 7 systems. Users are urged to update their installations as soon as possible to kernel-3.10.0-1062.7.1.el7.x86_64 and reboot their machines after the new kernel version has been successfully applied.
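
Because the fix only takes effect after a reboot, a host can have the patched package installed while still running a vulnerable kernel. The following shell sketch is an added example, not part of the original article or of Red Hat's tooling. It classifies a host from its running and installed kernel releases; the function names are hypothetical and it assumes el7-style release strings with purely numeric fields before the `.el7` tag.

```shell
#!/bin/sh
# Fixed build named in the article, without the dist tag and architecture.
FIXED="3.10.0-1062.7.1"

# Reduce "3.10.0-1062.7.1.el7.x86_64" to its numeric part "3.10.0-1062.7.1".
numeric_part() {
    printf '%s\n' "$1" | sed -e 's/\.el7.*$//'
}

# Return 0 if release $1 is at or above release $2. Fields are compared
# numerically left to right and a missing field counts as 0, so the
# unpatched base build "3.10.0-1062.el7" sorts below "3.10.0-1062.7.1.el7"
# (a plain string or "sort -V" comparison gets that case wrong).
release_at_least() {
    a=$(numeric_part "$1" | tr '.-' '  ')
    b=$(numeric_part "$2" | tr '.-' '  ')
    set -- $a
    for want in $b; do
        have=${1:-0}
        [ "$#" -gt 0 ] && shift
        [ "$have" -gt "$want" ] && return 0
        [ "$have" -lt "$want" ] && return 1
    done
    return 0
}

# Classify a host from its running kernel ($1) and installed kernels ($2...).
kernel_status() {
    running=$1; shift
    if release_at_least "$running" "$FIXED"; then
        echo patched; return 0
    fi
    for k in "$@"; do
        if release_at_least "$k" "$FIXED"; then
            echo reboot-needed; return 0
        fi
    done
    echo update-needed
}

# On a real RPM-based host (assumes uname and rpm are available):
#   kernel_status "$(uname -r)" $(rpm -q kernel --qf '%{VERSION}-%{RELEASE}\n')
# Constructed sample: fixed package installed, older kernel still running.
kernel_status 3.10.0-1062.4.1.el7.x86_64 3.10.0-1062.4.1.el7 3.10.0-1062.7.1.el7
```
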