Executive Summary

Titlekernel-rt security and bug fix update
NameRHSA-2019:0188First vendor Publication2019-01-29
VendorRedHatLast vendor Modification2019-01-29
Severity (Vendor) N/ARevision01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


Problem Description:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* The kernel-rt packages have been upgraded to the 3.10.0-957.5.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1653822)

* Under certain circumstances, the following warning message, which indicated a SCHED_DEADLINE bandwidth tracking mechanism error, occurred:

WARNING: CPU: 8 PID: 19536 at kernel/sched/deadline.c:64 dequeue_task_dl+0x121/0x140

This update fixes the sched_setscheduler() core kernel function, and backports multiple upstream patches to the SCHED_DEADLINE scheduler. As a result, the SCHED_DEADLINE bandwidth tracking mechanism is prevented from error conditions, and the warning message no longer occurs. (BZ#1655439)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:


The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1641878 - CVE-2018-18559 kernel: Use-after-free due to race condition in AF_PACKET implementation

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2019-0188.html

CWE : Common Weakness Enumeration

50 %CWE-416Use After Free
50 %CWE-362Race Condition

CPE : Common Platform Enumeration


Nessus® Vulnerability Scanner

2019-01-11Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZA-2018-077.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
2019-01-29 21:18:38
  • First insertion