-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-34a75d7e61 2019-11-27 00:22:45.363644 --------------------------------------------------------------------------------
Name : kernel Product : Fedora 31 Version : 5.3.12 Release : 300.fc31 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package
-------------------------------------------------------------------------------- Update Information:
The 5.3.12 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 21 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.3.12-300 - Fix CVE-2019-19074 (rhbz 1774933 1774934) - Fix CVE-2019-19073 (rhbz 1774937 1774939) - Fix CVE-2019-19072 (rhbz 1774946 1774947) - Fix CVE-2019-19071 (rhbz 1774949 1774950) - Fix CVE-2019-19070 (rhbz 1774957 1774958) - Fix CVE-2019-19068 (rhbz 1774963 1774965) - Fix CVE-2019-19043 (rhbz 1774972 1774973) - Fix CVE-2019-19066 (rhbz 1774976 1774978) - Fix CVE-2019-19046 (rhbz 1774988 1774989) - Fix CVE-2019-19050 (rhbz 1774998 1775002) - Fix CVE-2019-19062 (rhbz 1775021 1775023) - Fix CVE-2019-19064 (rhbz 1775010 1775011) - Fix CVE-2019-19063 (rhbz 1775015 1775016) - Fix CVE-2019-19059 (rhbz 1775042 1775043) - Fix CVE-2019-19058 (rhbz 1775047 1775048) - Fix CVE-2019-19057 (rhbz 1775050 1775051) - Fix CVE-2019-19053 (rhbz 1775956 1775110) - Fix CVE-2019-19056 (rhbz 1775097 1775115) - Fix CVE-2019-19055 (rhbz 1775074 1775116) - Fix CVE-2019-19054 (rhbz 1775063 1775117) * Thu Nov 21 2019 Laura Abbott labbott@redhat.com - Linux v5.3.12 * Tue Nov 12 2019 Justin M. Forbes jforbes@fedoraproject.org - 5.3.11-300 - Linux v5.3.11 - Fixes CVE-2019-11135 (rhbz 1753062 1771649) - Fixes CVE-2018-12207 (rhbz 1646768 1771645) - Fixes CVE-2019-0154 (rhbz 1724393 1771642) - Fixes CVE-2019-0155 (rhbz 1724398 1771644) * Mon Nov 11 2019 Laura Abbott labbott@redhat.com - 5.3.10-300 - Linux v5.3.10 * Thu Nov 7 2019 Jeremy Cline jcline@redhat.com - Add support for a number of Macbook keyboards and touchpads (rhbz 1769465) * Wed Nov 6 2019 Laura Abbott labbott@redhat.com - 5.3.9-300 - Linux v5.3.9 * Tue Oct 29 2019 Laura Abbott labbott@redhat.com - 5.3.8-300 - Linux v5.3.8 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1774933 - CVE-2019-19074 kernel: a memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c allows DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774933 [ 2 ] Bug #1774937 - CVE-2019-19073 kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) https://bugzilla.redhat.com/show_bug.cgi?id=1774937 [ 3 ] Bug #1774946 - CVE-2019-19072 kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774946 [ 4 ] Bug #1774949 - CVE-2019-19071 kernel: A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774949 [ 5 ] Bug #1774957 - CVE-2019-19070 kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774957 [ 6 ] Bug #1774963 - CVE-2019-19068 kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774963 [ 7 ] Bug #1774972 - CVE-2019-19043 kernel: dos in i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c https://bugzilla.redhat.com/show_bug.cgi?id=1774972 [ 8 ] Bug #1774976 - CVE-2019-19066 kernel: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1774976 [ 9 ] Bug #1774988 - CVE-2019-19046 kernel: dos in in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c https://bugzilla.redhat.com/show_bug.cgi?id=1774988 [ 10 ] Bug #1774998 - CVE-2019-19050 kernel: dos in crypto_reportstat() function in crypto/crypto_user_stat.c https://bugzilla.redhat.com/show_bug.cgi?id=1774998 [ 11 ] Bug #1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775021 [ 12 ] Bug #1775010 - CVE-2019-19064 kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775010 [ 13 ] Bug #1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775015 [ 14 ] Bug #1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775042 [ 15 ] Bug #1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775047 [ 16 ] Bug #1775050 - CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775050 [ 17 ] Bug #1775097 - CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775097 [ 18 ] Bug #1775074 - CVE-2019-19055 kernel: A memory leak in the nl80211_get_ftm_responder_stats() function innet/wireless/nl80211.c allows DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775074 [ 19 ] Bug #1775063 - CVE-2019-19054 kernel: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allows attackers to cause a DoS https://bugzilla.redhat.com/show_bug.cgi?id=1775063 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-34a75d7e61' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------