RHEL 7 : kernel-alt (RHSA-2018:2772)
Medium Nessus Plugin ID 117779
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for kernel-alt is now available for Red Hat Enterprise Linux
Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es) :
* kernel: Infoleak/use-after-free in __oom_reap_task_mm function in
mm/ oom_kill.c (CVE-2017-18202)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.
Bug Fix(es) :
* Previously, on certain little-endian variants of IBM Power Systems,
there was no 'sysfs spec_store_bypass' file. As a consequence,
there was no way to indicate the Speculative Store Bypass Disable
(SSBD) mitigation status. This update adds infrastructure code into
the kernel to create the /sys/ devices/system/cpu/vulnerabilities/*
files. As a result, sysfs spec_store_bypass shows whether the SSBD
mitigation is disabled or enabled. (BZ#1602340)
* Previously, the kernel architectures for IBM z Systems were missing
support to display the status of the Spectre v2 mitigations. As a
consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2
file did not exist. With this update, the kernel now shows the status
in the above mentioned file and as a result, the file now reports
either 'Vulnerable' or 'Mitigation: execute trampolines' message.
SolutionUpdate the affected packages.