---

RHEL 6 and CentOS 6 Get Important Kernel Security Update

Red Hat Product Security team informs of a new, important Linux kernel security update for all supported Red Hat Enterprise Linux 6 products to address a buffer overflow issue (CVE-2019-17133) found in the generic WiFi ESSID handling implementation. This could allow a system to join a wireless network with an ESSID longer than 32 characters, which could crash the machine. The second vulnerability (CVE-2019-17055) patched in this kernel update was found in Linux kernel’s AF_ISDN protocol implementation, which could allow unprivileged users to create a raw socket to control the availability of an existing ISDN circuit. The only mitigation for this flaw is blacklisting the kernel module from being loaded.