Users are urged to update their systems immediately

Aug 22, 2019 13:00 GMT

The Red Hat Enterprise Linux 6 and CentOS 6 GNU/Linux operating systems have received an important Linux kernel security update that addresses several critical vulnerabilities and fixes various bugs.

The Red Hat Product Security team has rated the new Linux kernel security update as having an "Important" security impact because it patches several critical flaws, including the Spectre SWAPGS gadget vulnerability (CVE-2019-1125) affecting x86 processors.

Also patched are a security vulnerability (CVE-2019-5489) leading to page cache side-channel attacks, an issue in the Salsa20 encryption algorithm that could allow local attackers to cause a denial of service (CVE-2017-17805), and a flaw (CVE-2018-17972) that let unprivileged users inspect kernel stacks of arbitrary tasks.

Bug fixes

Besides addressing the security vulnerabilities listed above, the new kernel security patch also fixes some bugs reported by the community or discovered by Red Hat's engineers. These include a kernel crash that occurred after running the user space script and a bad pagetable issue in the 32-bit kernel.

Also fixed are an oops caused by a NULL pointer dereference in v4l2_ctrl_query_menu when the second argument of the function is NULL, another hang in the congestion_wait() function, a bug in the fs/binfmt_misc.c file, and a wrong Spectre backport that caused Linux headers to break compilation of third-party packages.

Last but not least, the kernel patch fixes an issue where the use of the retpoline mitigation, which protects against the branch target injection exploit, was reported as vulnerable on Intel Skylake processors on Red Hat Enterprise Linux 6.10 systems.

The new Linux kernel security update is available for Red Hat Enterprise Linux Server 6, Red Hat Enterprise Linux Workstation 6, Red Hat Enterprise Linux Desktop 6, Red Hat Enterprise Linux 6 for IBM z Systems, Red Hat Enterprise Linux 6 for Power, big endian, Red Hat Enterprise Linux for Scientific Computing 6, and CentOS Linux 6.