SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es) :
* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)
* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es) :
* VM hangs on RHEL rt-kernel and OSP 13 [rhel-7.6.z] (BZ#1688673)
* kernel-rt: update to the RHEL7.6.z batch#4 source tree (BZ#1689417)
Users of kernel are advised to upgrade to these updated packages, which fix these bugs.
SolutionUpdate the affected packages.