Welcome to Centmin Mod Community
Become a Member

CentOS 7.x Security October 2019: CentOS 7 & RedHat 7 Linux Kernel Security Updates

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Oct 28, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    May 24, 2014
    Brisbane, Australia
    Local Time:
    7:49 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    RedHat has released a new Linux Kernel security update for both CentOS 7 and RedHat Enterprise Linux 7 systems to address the following security vulnerabilities:

    Security Fixes:
    • kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
    • kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
    • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
    • kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

    Linux Kernel Updates

    For CentOS 7 / RedHat 7 Red Hat Customer Portal, the relevant updated Linux Kernel version is:
    • kernel-3.10.0-1062.4.1.el7
    Check existing Linux Kernel version
    Code (Text):
    uname -r

    You will need to regularly check when the Kernel updates land via the commands
    Code (Text):
    yum clean all
    yum list updates

    To update when you see the newer Linux Kernels show up in above check
    Code (Text):
    yum -y update

    Then reboot your server
    Code (Text):

    Check Linux Kernel version after reboot
    Code (Text):
    uname -r