Red Hat Enterprise Linux 6 and CentOS 6 GNU / Linux operating system is an important Linux kernel security update that addresses several critical vulnerabilities and bug fixes. Including the impact of x86 processors Spectre SWAPGS gadgets Vulnerability ( CVE-2019-1125 ).
Also fixes lead to page cache side channel attack security vulnerabilities ( CVE-2019-5489 ), which is a problem Salsa 20 encryption algorithm, the algorithm allows a local attacker to cause a denial of service ( CVE-2017-17805 ), and a allow non-privileged users to check any of the task stack vulnerability ( CVE-2018-17972 ).
Repair bug:
In addition to addressing security vulnerabilities listed above outside, the new kernel security patch also fixes a kernel crash occurred after the run, including user-space scripts, as well as a 32-bit kernel pageable problem.
Further, when the repaired second argument is NULL, V4L2_ctrl_query_Menu Null pointer exception of the problem of OOPS; another congestion_wait () function is pending; a bug fs / binfmt_misc.c file and results in Linux head break third-party packages compile error Spectre backport.
Last but not least, the kernel patch fixes a problem that prevents using RETOPOINE relieve branch target injection attacks, according to reports, Intel Skylake processor is vulnerable on Red Hat Enterprise Linux 6.10 system.
The new Linux kernel security updates are available for Red Hat Enterprise Linux Server 6, Red Hat Enterprise Linux WorkStation 6, Red Hat Enterprise Linux Desktop 6, Red Hat Enterprise Linux 6 for IBM z Systems, Red Hat Enterprise Linux 6 for Power, BigEndian, Red Hat Enterprise Linux for Science Computing6 and CentOS Linux 6 and so on.
Source: Softpedia