Red Hat Enterprise Linux 7 and CentOS 7 Receive Important Kernel Security Update

Marked by Red Hat Product Security as having a security impact of “Important,” the new Linux kernel security update is here to patch two vulnerabilities, namely CVE-2019-14821, an out-of-bounds memory access issue via MMIO ring buffer discovered in Linux kernel’s KVM hypervisor, and CVE-2019-15239, a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially in privilege escalation. Additionally, the kernel update also addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, NULL pointer dereference at check_preempt_wakeup+0x109, panic in pick_next_task_rt, “Detected Tx Unit Hang” error with adapter reset, broken load balancing over VF LAG configuration, security issues on crypto vmx driver, XFS hangs on acquiring xfs_buf semaphore, single CPU VM hangs during open_posix_testsuite, and many others.