RHSA-2020:4286

Description

Red Hat Security Advisory: kernel security and bug fix update

CVSS Metrics

• v3.1•HIGH•Score: 8.8CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•bpftool-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-abi-whitelists

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-core

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-cross-headers

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug-core

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug-devel

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug-modules

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debug-modules-extra

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debuginfo-common-aarch64

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debuginfo-common-ppc64le

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debuginfo-common-s390x

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-debuginfo-common-x86_64

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-devel

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-doc

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-modules

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-modules-extra

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-tools

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-tools-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-tools-libs

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-tools-libs-devel

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump-core

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump-devel

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump-modules

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•kernel-zfcpdump-modules-extra

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•perf

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•perf-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•python3-perf

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

• redhat•python3-perf-debuginfo

  < 0:4.18.0-193.28.1.el8_2 | < 0:4.18.0-193.28.1.el8_2

References (33)

• https://access.redhat.com/errata/RHSA-2020:4286
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/security/vulnerabilities/BleedingTooth
• https://bugzilla.redhat.com/show_bug.cgi?id=1858679
• https://bugzilla.redhat.com/show_bug.cgi?id=1874800
• https://bugzilla.redhat.com/show_bug.cgi?id=1875699
• https://bugzilla.redhat.com/show_bug.cgi?id=1886521
• https://bugzilla.redhat.com/show_bug.cgi?id=1886529
• https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4286.json
• https://access.redhat.com/security/cve/CVE-2020-12351
• https://www.cve.org/CVERecord?id=CVE-2020-12351
• https://nvd.nist.gov/vuln/detail/CVE-2020-12351
• https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
• https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
• https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-1-luiz.dentz@gmail.com/
• https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-2-luiz.dentz@gmail.com/
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
• https://www.zdnet.com/article/google-warns-of-severe-bleedingtooth-bluetooth-flaw-in-linux-kernel/
• https://access.redhat.com/security/cve/CVE-2020-12352
• https://www.cve.org/CVERecord?id=CVE-2020-12352
• https://nvd.nist.gov/vuln/detail/CVE-2020-12352
• https://access.redhat.com/security/cve/CVE-2020-14331
• https://www.cve.org/CVERecord?id=CVE-2020-14331
• https://nvd.nist.gov/vuln/detail/CVE-2020-14331
• https://access.redhat.com/security/cve/CVE-2020-14385
• https://www.cve.org/CVERecord?id=CVE-2020-14385
• https://nvd.nist.gov/vuln/detail/CVE-2020-14385
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4020438fab05364018c91f7e02ebdd192085933
• https://access.redhat.com/security/cve/CVE-2020-14386
• https://www.cve.org/CVERecord?id=CVE-2020-14386
• https://nvd.nist.gov/vuln/detail/CVE-2020-14386
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acf69c946233259ab4d64f8869d4037a198c7f06
• https://seclists.org/oss-sec/2020/q3/146