CentOS Security Enhancements/Kernel Upgrade
Feature Summary and Revision History
Applicable Product(s) or Functional Area |
CPS |
Applicable Platform(s) |
Not Applicable |
Default Setting |
Not Applicable |
Related Changes in This Release |
Not Applicable |
Related Documentation |
Not Applicable |
Revision Details |
Release |
---|---|
Kernel upgraded to 4.18.0-193.14.2.el8_2 |
21.1.0 |
CentOS upgraded to 8.1 Kernel upgraded to 4.18.0-147.5.1.el8_1 Grafana upgraded to 6.7.1-1 |
20.2.0 |
Kernel upgraded to 3.10.0-957. 21.3.el7 |
19.5.0 |
Kernel upgraded to 3.10.0-957.12.2.el7 Grafana upgraded to 6.2.2-1 |
19.4.0 |
CentOS upgraded to 7.6 (1810) Kernel upgraded to 3.10.0-957.10.1.el7 |
19.3.0 |
Kernel upgraded to 3.10.0-957.5.1.el7 |
19.2.0 |
Kernel upgraded to 3.10.0-957.e17 |
19.1.0 |
First introduced: kernel upgraded to 3.10.0-862.14.4.el7.x86_64 |
18.5.0 |
Feature Description
In this release, Kernel is upgraded from 4.18.0-147.5.1.el8_1 to 4.18.0-193.14.2.el8_2 to fix the vulnerabilities.
The following changes are displayed in the latest Kernel version.
# rpm -qa | grep kernel-[0-9]
kernel-4.18.0-193.14.2.el8_2.x86_64
## cat /etc/redhat-release
CentOS Linux release 8.1.1911 (Core)
# uname -a
Linux lab 4.18.0-193.14.2.el8_2.x86_64 #1 SMP Sun Jul 26 03:54:29 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
For service-related issues, you can use journactl
to get systemctl logs.
The following tables list the vulnerabilities that have been fixed as a part of this release:
CVE |
Name |
RPM Upgraded to |
---|---|---|
CVE-2019-5481 |
CentOS 8 : curl (RHSA-2020:1792) |
7.61.1-12.el8 |
CVE-2020-12049 | CentOS 8 : dbus (RHSA-2020:3014) | 1.12.8-10.el8_2 |
CVE-2020-11501 | CentOS 8 : gnutls (RHSA-2020:1998) | 3.6.8-11.el8_2 |
CVE-2020-13777 | CentOS 8 : gnutls (RHSA-2020:2637) | 3.6.8-11.el8_2 |
CVE-2019-10166 | CentOS 8 : virt:rhel (RHSA-2019:1580) | 4.5.0-42.module_el8.2.0 |
CVE-2019-10167 | CentOS 8 : virt:rhel (RHSA-2019:1580) | 4.5.0-42.module_el8.2.0 |
CVE-2019-10168 | CentOS 8 : virt:rhel (RHSA-2019:1580) | 4.5.0-42.module_el8.2.0 |
CVE-2020-10757 | CentOS 8 : kernel (RHSA-2020:3010) | 4.18.0-193.14.2.el8_2 |
CVE-2019-3882 | CentOS 8 : kernel (RHSA-2019:3517) | 4.18.0-193.14.2.el8_2 |
CVE-2019-3887 | CentOS 8 : kernel (RHSA-2019:2703) | 4.18.0-193.14.2.el8_2 |
CVE-2019-10639 | CentOS 8 : kernel (RHSA-2020:1769) | 4.18.0-193.14.2.el8_2 |
CVE-2019-18282 | CentOS 8 : kernel (RHSA-2020:1769) | 4.18.0-193.14.2.el8_2 |
CVE-2019-3016 | CentOS 8 : kernel (RHSA-2020:3010) | 4.18.0-193.14.2.el8_2 |
CVE-2020-10754 | CentOS 8 : NetworkManager (RHSA-2020:3011) | 1.22.8-5.el8_2 |
CVE-2020-11080 | CentOS 8 : nghttp2 (RHSA-2020:2755) | 1.33.0-3.el8_2.1 |
CVE-2019-1549 | CentOS 8 : openssl (RHSA-2020:1840) | 1.1.1g-11.el8 |
CVE-2019-11034 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11035 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11036 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11039 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11040 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-9640 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11041 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11042 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-11043 | CentOS 8 : php:7.2 (RHSA-2019:3735) | 7.2.24-1.module_el8.2.0 |
CVE-2019-9022 | CentOS 8 : php:7.2 (RHSA-2020:1624) | 7.2.24-1.module_el8.2.0 |
CVE-2019-18934 | CentOS 8 : unbound (RHSA-2020:1716) | 1.7.3-11.el8_2 |
CVE-2020-12663 | CentOS 8 : unbound (RHSA-2020:2416) | 1.7.3-11.el8_2 |
CVE-2020-12662 | CentOS 8 : unbound (RHSA-2020:2416) | 1.7.3-11.el8_2 |
CVE-2020-10713 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-14308 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-14309 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-14310 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-14311 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-15705 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-15706 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2020-15707 | CentOS 8 : grub2 (RHSA-2020:3216) | 2.02-87.el8_2 |
CVE-2019-8457 | CentOS 8 : sqlite (RHSA-2020:1810) | 3.26.0-11.el8 |
CVE-2020-8616 | CentOS 8 : bind (RHSA-2020:2338) | 9.11.20-5.el8 |
CVE-2020-8617 | CentOS 8 : bind (RHSA-2020:2338) | 9.11.20-5.el8 |
CVE-2020-11008 | CentOS 8 : git (RHSA-2020:1980) | 2.27.0-1.el8 |
CVE-2020-5260 | CentOS 8 : git (RHSA-2020:1513) | 2.27.0-1.el8 |
CVE-2019-19330 | CentOS 8 : haproxy (RHSA-2020:1725) | 1.8.23-5.el8 |
CVE-2019-18277 | CentOS 8 : haproxy (RHSA-2020:1725) | 1.8.23-5.el8 |
CVE-2020-11100 | CentOS 8 : haproxy (RHSA-2020:1288) | 1.8.23-5.el8 |
CVE-2018-14404 | CentOS 8 : libxml2 (RHSA-2020:1827) | 2.9.7-8.el8 |
CVE-2019-11596 | CentOS 8 : memcached (RHSA-2020:1576) | 1.5.22-2.el8 |
CVE-2019-10164 | CentOS 8 : postgresql:10 (RHSA-2020:3669) | postgresql-0:10.14-1.module_el8.2.0 |
CVE-2019-10208 | CentOS 8 : postgresql:10 (RHSA-2020:3669) | postgresql-0:10.14-1.module_el8.2.0 |
CVE-2020-14349 | CentOS 8 : postgresql:10 (RHSA-2020:3669) | postgresql-0:10.14-1.module_el8.2.0 |
CVE-2020-14350 | CentOS 8 : postgresql:10 (RHSA-2020:3669) | postgresql-0:10.14-1.module_el8.2.0 |
CVE-2019-10192 | CentOS 8 : redis:5 (RHSA-2019:2002) | 0:5.0.3-2.module_el8.2.0 |
CVE-2019-10193 | CentOS 8 : redis:5 (RHSA-2019:2002) | 0:5.0.3-2.module_el8.2.0 |
CVE-2019-10197 | CentOS 8 : samba (RHSA-2020:1878) | 4.12.3-12.el8.3 |
CVE-2019-14907 | CentOS 8 : samba (RHSA-2020:1878) | 4.12.3-12.el8.3 |
CVE-2019-18634 | CentOS 8 : sudo (RHSA-2020:0487) | 1.8.29-6.el8_3.1 |
CVE-2019-3843 | CentOS 8 : systemd (RHSA-2020:1794) | 239-41.el8_3 |
CVE-2019-3844 | CentOS 8 : systemd (RHSA-2020:1794) | 239-41.el8_3 |
CVE-2019-13232 | CentOS 8 : unzip (RHSA-2020:1787) | 6.0-43.el8 |
CVE-2020-8631 | CentOS 8 : cloud-init (RHSA-2020:4650) | 19.4-11.el8 |
CVE-2020-8632 | CentOS 8 : cloud-init (RHSA-2020:4650) | 19.4-11.el8 |
CVE-2021-3156 | CentOS 8 : sudo (RHSA-2021:0218) | 1.8.29-6.el8_3.1 |
CVE-2019-17006 | CentOS 8 : nss, nspr (RHSA-2020:3280) |
nspr:4.25.0-2.el8_2 nss:3.53.1-11.el8_2 |