The new Linux kernel security update marked by the Red Hat product safety team has "important" security implications, because it fixes several critical flaws, including the impact of x86 processors Spectre SWAPGS gadgets Vulnerability ( CVE-2019-1125 ).
Also fixes a security vulnerability ( CVE-2019-5489 ), leading to side channel attacks page cache, which is a problem Salsa20 encryption algorithm could allow a local attacker to cause a denial of service ( CVE-2017-17805 ), as well as defects ( 2018-17972-CVE ), the kernel stack allows non-privileged users to check any task.
Bug fixes
In addition to addressing security vulnerabilities listed above outside, the new kernel security patch also fixes some bugs report or Red Hat community engineer found. These include a kernel panic occurs after the user space script to run, and an error page table issue 32 kernel.
When the second argument is NULL, the congestion_wait () function in another pending, fs / binfmt_misc.c errors in the file, and cause errors Linux Specter backport, also fixes the Null pointer exception v4l2_ctrl_query_menu OOPS problem for the destruction of third party software packages compiled headers.
Last but not least, the kernel patch fixes a problem that the report uses to prevent the branch target injection attacks retpoline ease on Red Hat Enterprise Linux 6.10 system is vulnerable Skylake on Intel processors.
新的Linux内核安全更新适用于Red Hat Enterprise Linux Server 6,Red Hat Enterprise Linux Workstation 6,Red Hat Enterprise Linux Desktop 6,适用于IBM z Systems的Red Hat Enterprise Linux 6,适用于Power的Red Hat Enterprise Linux 6,big endian ,Red Hat Enterprise Linux for Scientific Computing 6和CentOS Linux 6。