RHEL 7 : kernel-alt (RHSA-2018:2772)
Medium Nessus Plugin ID 117779
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es) :
* kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/ oom_kill.c (CVE-2017-18202)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es) :
* Previously, on certain little-endian variants of IBM Power Systems, there was no 'sysfs spec_store_bypass' file. As a consequence, there was no way to indicate the Speculative Store Bypass Disable (SSBD) mitigation status. This update adds infrastructure code into the kernel to create the /sys/ devices/system/cpu/vulnerabilities/* files. As a result, sysfs spec_store_bypass shows whether the SSBD mitigation is disabled or enabled. (BZ#1602340)
* Previously, the kernel architectures for IBM z Systems were missing support to display the status of the Spectre v2 mitigations. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2 file did not exist. With this update, the kernel now shows the status in the above mentioned file and as a result, the file now reports either 'Vulnerable' or 'Mitigation: execute trampolines' message.
SolutionUpdate the affected packages.