Vulnerabilities > CVE-2020-12657 - Use After Free vulnerability in Linux Kernel

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
linux
CWE-416
nessus
NVD
Published: 2020-05-05
Updated: 2020-06-13

Summary

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.

Vulnerable Configurations

Part Description Count
OS
Linux
3253

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2429.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2429 advisory. - kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660) - Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) - Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation (CVE-2020-11884) - kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-12
    modified2020-06-09
    plugin id137275
    published2020-06-09
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137275
    titleRHEL 8 : kernel (RHSA-2020:2429)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2427.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2427 advisory. - kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-12
    modified2020-06-09
    plugin id137278
    published2020-06-09
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137278
    titleRHEL 8 : kernel (RHSA-2020:2427)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4368-1.NASL
    descriptionTristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2019-19769) It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608) It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609) It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668) David Gibson discovered that the Linux kernel on Power9 CPUs did not properly save and restore Authority Mask registers state in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2020-11669) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-20
    plugin id136733
    published2020-05-20
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136733
    titleUbuntu 18.04 LTS : linux-gke-5.0, linux-oem-osp1 vulnerabilities (USN-4368-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4363-1.NASL
    descriptionIt was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) David Gibson discovered that the Linux kernel on Power9 CPUs did not properly save and restore Authority Mask registers state in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2020-11669) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-19
    plugin id136710
    published2020-05-19
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136710
    titleUbuntu 16.04 LTS / 18.04 LTS : linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, (USN-4363-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1592.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel
    last seen2020-06-11
    modified2020-05-26
    plugin id136870
    published2020-05-26
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136870
    titleEulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1592)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2428.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2428 advisory. - kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-12
    modified2020-06-09
    plugin id137274
    published2020-06-09
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137274
    titleRHEL 8 : kernel-rt (RHSA-2020:2428)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-5714.NASL
    descriptionDescription of changes: [5.4.17-2011.3.2.1.el8uek] - x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31352779] {CVE-2020-0543} - x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543} - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543} - x86/cpu: Add
    last seen2020-06-13
    modified2020-06-10
    plugin id137290
    published2020-06-10
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137290
    titleOracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2020-5714)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4367-1.NASL
    descriptionIt was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-20
    plugin id136732
    published2020-05-20
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136732
    titleUbuntu 20.04 : linux, linux-aws, linux-gcp, linux-kvm, linux-oracle, linux-riscv (USN-4367-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4367-2.NASL
    descriptionUSN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details : It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-06
    modified2020-05-29
    plugin id136965
    published2020-05-29
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136965
    titleUbuntu 20.04 : linux regression (USN-4367-2)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-2427.NASL
    descriptionFrom Red Hat Security Advisory 2020:2427 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2427 advisory. - kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-13
    modified2020-06-12
    plugin id137384
    published2020-06-12
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137384
    titleOracle Linux 8 : kernel (ELSA-2020-2427)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4369-2.NASL
    descriptionUSN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details : It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2019-19769) It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608) It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609) It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-06
    modified2020-05-29
    plugin id136966
    published2020-05-29
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136966
    titleUbuntu 18.04 LTS / 19.10 : linux, linux-raspi2, linux-raspi2-5.3 regression (USN-4369-2)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4369-1.NASL
    descriptionIt was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377) Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2019-19769) It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608) It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609) It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668) It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-21
    plugin id136759
    published2020-05-21
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136759
    titleUbuntu 18.04 LTS / 19.10 : linux, linux-aws, linux-aws-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, (USN-4369-1)

Redhat

advisories
  • bugzilla
    id1832866
    titleCVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • commentkernel earlier than 0:4.18.0-193.6.3.el8_2 is currently running
          ovaloval:com.redhat.rhsa:tst:20202427051
        • commentkernel earlier than 0:4.18.0-193.6.3.el8_2 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20202427052
      • OR
        • AND
          • commentkernel-doc is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427001
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427003
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython3-perf is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427005
          • commentpython3-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167024
        • AND
          • commentperf is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427007
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-tools-libs is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427009
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-tools is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427011
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-modules-extra is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427013
          • commentkernel-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167016
        • AND
          • commentkernel-modules is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427015
          • commentkernel-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167044
        • AND
          • commentkernel-headers is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427017
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427019
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-modules-extra is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427021
          • commentkernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167010
        • AND
          • commentkernel-debug-modules is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427023
          • commentkernel-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167018
        • AND
          • commentkernel-debug-devel is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427025
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug-core is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427027
          • commentkernel-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167026
        • AND
          • commentkernel-debug is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427029
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel-cross-headers is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427031
          • commentkernel-cross-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167046
        • AND
          • commentkernel-core is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427033
          • commentkernel-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167036
        • AND
          • commentkernel is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427035
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427037
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-zfcpdump-modules-extra is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427039
          • commentkernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167014
        • AND
          • commentkernel-zfcpdump-modules is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427041
          • commentkernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167020
        • AND
          • commentkernel-zfcpdump-devel is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427043
          • commentkernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167038
        • AND
          • commentkernel-zfcpdump-core is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427045
          • commentkernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167006
        • AND
          • commentkernel-zfcpdump is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427047
          • commentkernel-zfcpdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167008
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:4.18.0-193.6.3.el8_2
            ovaloval:com.redhat.rhsa:tst:20202427049
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
    rhsa
    idRHSA-2020:2427
    released2020-06-09
    severityImportant
    titleRHSA-2020:2427: kernel security and bug fix update (Important)
  • bugzilla
    id1832866
    titleCVE-2020-12657 kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentkernel-rt-modules-extra is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428001
          • commentkernel-rt-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174008
        • AND
          • commentkernel-rt-modules is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428003
          • commentkernel-rt-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174020
        • AND
          • commentkernel-rt-kvm is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428005
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-devel is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428007
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-debug-modules-extra is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428009
          • commentkernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174016
        • AND
          • commentkernel-rt-debug-modules is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428011
          • commentkernel-rt-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174010
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428013
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428015
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-debug-core is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428017
          • commentkernel-rt-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174022
        • AND
          • commentkernel-rt-debug is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428019
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt-core is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428021
          • commentkernel-rt-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174006
        • AND
          • commentkernel-rt is earlier than 0:4.18.0-193.6.3.rt13.59.el8_2
            ovaloval:com.redhat.rhsa:tst:20202428023
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
    rhsa
    idRHSA-2020:2428
    released2020-06-09
    severityImportant
    titleRHSA-2020:2428: kernel-rt security and bug fix update (Important)
rpms
  • bpftool-0:4.18.0-193.6.3.el8_2
  • bpftool-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-0:4.18.0-193.6.3.el8_2
  • kernel-abi-whitelists-0:4.18.0-193.6.3.el8_2
  • kernel-core-0:4.18.0-193.6.3.el8_2
  • kernel-cross-headers-0:4.18.0-193.6.3.el8_2
  • kernel-debug-0:4.18.0-193.6.3.el8_2
  • kernel-debug-core-0:4.18.0-193.6.3.el8_2
  • kernel-debug-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-debug-devel-0:4.18.0-193.6.3.el8_2
  • kernel-debug-modules-0:4.18.0-193.6.3.el8_2
  • kernel-debug-modules-extra-0:4.18.0-193.6.3.el8_2
  • kernel-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-debuginfo-common-aarch64-0:4.18.0-193.6.3.el8_2
  • kernel-debuginfo-common-ppc64le-0:4.18.0-193.6.3.el8_2
  • kernel-debuginfo-common-s390x-0:4.18.0-193.6.3.el8_2
  • kernel-debuginfo-common-x86_64-0:4.18.0-193.6.3.el8_2
  • kernel-devel-0:4.18.0-193.6.3.el8_2
  • kernel-doc-0:4.18.0-193.6.3.el8_2
  • kernel-headers-0:4.18.0-193.6.3.el8_2
  • kernel-modules-0:4.18.0-193.6.3.el8_2
  • kernel-modules-extra-0:4.18.0-193.6.3.el8_2
  • kernel-tools-0:4.18.0-193.6.3.el8_2
  • kernel-tools-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-tools-libs-0:4.18.0-193.6.3.el8_2
  • kernel-tools-libs-devel-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-core-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-devel-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-modules-0:4.18.0-193.6.3.el8_2
  • kernel-zfcpdump-modules-extra-0:4.18.0-193.6.3.el8_2
  • perf-0:4.18.0-193.6.3.el8_2
  • perf-debuginfo-0:4.18.0-193.6.3.el8_2
  • python3-perf-0:4.18.0-193.6.3.el8_2
  • python3-perf-debuginfo-0:4.18.0-193.6.3.el8_2
  • kernel-rt-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-core-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-core-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-debuginfo-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-devel-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-kvm-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-modules-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debug-modules-extra-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debuginfo-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-devel-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-kvm-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-modules-0:4.18.0-193.6.3.rt13.59.el8_2
  • kernel-rt-modules-extra-0:4.18.0-193.6.3.rt13.59.el8_2
  • bpftool-0:4.18.0-80.23.2.el8_0
  • bpftool-debuginfo-0:4.18.0-80.23.2.el8_0
  • kernel-0:4.18.0-80.23.2.el8_0
  • kernel-abi-whitelists-0:4.18.0-80.23.2.el8_0
  • kernel-core-0:4.18.0-80.23.2.el8_0
  • kernel-cross-headers-0:4.18.0-80.23.2.el8_0
  • kernel-debug-0:4.18.0-80.23.2.el8_0
  • kernel-debug-core-0:4.18.0-80.23.2.el8_0
  • kernel-debug-debuginfo-0:4.18.0-80.23.2.el8_0
  • kernel-debug-devel-0:4.18.0-80.23.2.el8_0
  • kernel-debug-modules-0:4.18.0-80.23.2.el8_0
  • kernel-debug-modules-extra-0:4.18.0-80.23.2.el8_0
  • kernel-debuginfo-0:4.18.0-80.23.2.el8_0
  • kernel-debuginfo-common-aarch64-0:4.18.0-80.23.2.el8_0
  • kernel-debuginfo-common-ppc64le-0:4.18.0-80.23.2.el8_0
  • kernel-debuginfo-common-s390x-0:4.18.0-80.23.2.el8_0
  • kernel-debuginfo-common-x86_64-0:4.18.0-80.23.2.el8_0
  • kernel-devel-0:4.18.0-80.23.2.el8_0
  • kernel-doc-0:4.18.0-80.23.2.el8_0
  • kernel-headers-0:4.18.0-80.23.2.el8_0
  • kernel-modules-0:4.18.0-80.23.2.el8_0
  • kernel-modules-extra-0:4.18.0-80.23.2.el8_0
  • kernel-tools-0:4.18.0-80.23.2.el8_0
  • kernel-tools-debuginfo-0:4.18.0-80.23.2.el8_0
  • kernel-tools-libs-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-core-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-debuginfo-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-devel-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-modules-0:4.18.0-80.23.2.el8_0
  • kernel-zfcpdump-modules-extra-0:4.18.0-80.23.2.el8_0
  • perf-0:4.18.0-80.23.2.el8_0
  • perf-debuginfo-0:4.18.0-80.23.2.el8_0
  • python3-perf-0:4.18.0-80.23.2.el8_0
  • python3-perf-debuginfo-0:4.18.0-80.23.2.el8_0

References