Several security vulnerabilities and bugs were addressed

Oct 23, 2019 20:50 GMT

Red Hat and CentOS have released new Linux kernel security updates for their Red Hat Enterprise Linux 7 and CentOS Linux 7 operating systems, addressing several vulnerabilities and issues.

Marked as important by Red Hat Product Security, the new Linux kernel security patch is here to fix a use-after-free flaw (CVE-2018-20856) discovered in the __blk_drain_queue() function in block/blk-core.c, as well as a heap overflow issue (CVE-2019-3846) discovered in the mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c.

It also addresses a heap overflow issue (CVE-2019-10126) discovered in the mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c and a Bluetooth flaw (CVE-2019-9506) that may lead to BR/EDR encryption key negotiation attacks (KNOB).

On top of that, the Linux kernel security patch includes numerous bug fixes, among them a fix for an iomap write page reclaim deadlock in gfs2, a backport of the cpuidle-haltpoll driver, a fix for the NFSv4.0 client sending a double CLOSE, a fix for high update_cfs_rq_blocked_load contention, and many more.

Users are urged to update their systems immediately

Red Hat Enterprise Linux 7 and CentOS Linux 7 users are urged to update their installations as soon as possible to the new Linux kernel version that's already available in the stable repositories, kernel-3.10.0-1062.4.1.el7.x86_64. After a kernel update, please make sure to reboot your computer for all changes to take effect.

This kernel update is available for Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux for IBM z Systems 7, Red Hat Enterprise Linux for Power, big endian 7, Red Hat Enterprise Linux for Power, little endian 7, Red Hat Enterprise Linux for Scientific Computing 7, Red Hat Enterprise Linux EUS Compute Node 7.7, Red Hat Virtualization Host 4, and CentOS Linux 7 systems.
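
To verify the update-and-reboot advice above on a host, the following shell script (an added example, not from Red Hat or from this article) classifies kernel release strings against the fixed build named here and reports whether the update or only the reboot is still outstanding. The function names and the sample release strings are constructed for illustration, and the comparison assumes the standard RHEL/CentOS 7 kernel stream.

```shell
# Added example (not from the article). FIXED is the release the article names.
FIXED="3.10.0-1062.4.1.el7"

# Print -1, 0 or 1 comparing $1 with $2 field by field (missing fields count as 0).
cmp_release() {
    printf '%s\n%s\n' "$1" "$2" | awk -F'[.-]' '
        NR == 1 { n = NF; for (i = 1; i <= NF; i++) a[i] = $i + 0; next }
        { m = (NF > n) ? NF : n; r = 0
          for (i = 1; i <= m && r == 0; i++) {
              y = $i + 0
              if (a[i] < y) r = -1; else if (a[i] > y) r = 1
          }
          print r }'
}

# Classify one kernel string: "uname -r" output or an "rpm -q kernel" package name.
kernel_status() {
    rel=${1#kernel-}
    case "$rel" in
        *.el7*) rel=${rel%%.el7*} ;;          # drop dist tag and architecture
        *) echo "not-el7"; return 0 ;;
    esac
    case "$rel" in *[!0-9.-]*) echo "unknown"; return 0 ;; esac  # non-numeric field
    if [ "$(cmp_release "$rel" "${FIXED%%.el7*}")" = "-1" ]; then
        echo "older"
    else
        echo "fixed-or-newer"
    fi
}

# $1 = running kernel; remaining arguments = installed kernel packages.
host_state() {
    running=$1; shift
    case "$(kernel_status "$running")" in
        fixed-or-newer) echo "ok"; return 0 ;;
        older) ;;
        *) echo "unsupported"; return 0 ;;
    esac
    for pkg in "$@"; do
        if [ "$(kernel_status "$pkg")" = "fixed-or-newer" ]; then
            echo "reboot-needed"; return 0   # fixed build installed, old one running
        fi
    done
    echo "update-needed"
}

# Constructed sample: updated with yum but not yet rebooted.
host_state "3.10.0-1062.1.2.el7.x86_64" \
    "kernel-3.10.0-1062.1.2.el7.x86_64" "kernel-3.10.0-1062.4.1.el7.x86_64"
```

On a real host, call it as `host_state "$(uname -r)" $(rpm -q kernel)`.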