===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0365
             kernel security, bug fix, and enhancement update
                              3 February 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
                   kernel-rt
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Increased Privileges -- Existing Account
                   Denial of Service    -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-35513 CVE-2020-15436 

Reference:         ESB-2021.0166
                   ESB-2020.4410
                   ESB-2020.4406
                   ESB-2020.4391

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:0336
   https://access.redhat.com/errata/RHSA-2021:0338

Comment: This bulletin contains two (2) Red Hat security advisories.

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:0336-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0336
Issue date:        2021-02-02
CVE Names:         CVE-2020-15436 CVE-2020-35513 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)

* kernel: Nfsd failure to clear umask after processing an open or create
(CVE-2020-35513)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* double free issue in filelayout_alloc_commit_info (BZ#1679980)

* Regression: Plantronics Device SHS2355-11 PTT button does not work after
update to 7.7 (BZ#1769502)

* Openstack network node reports unregister_netdevice: waiting for
qr-3cec0c92-9a to become free. Usage count = 1 (BZ#1809519)

* dlm: add ability to interrupt waiting for acquire POSIX lock (BZ#1826858)

* [Azure][RHEL7] soft lockups and performance loss occurring during final
fsync with parallel dd writes to xfs filesystem in azure instance
(BZ#1859364)

* Guest crashed when hotplug vcpus on booting kernel stage (BZ#1866138)

* soft lockup occurs while a thread group leader is waiting on
tasklist_waiters in mm_update_next_owner() where a huge number of the
thread group members are exiting and trying to take the tasklist_lock.
(BZ#1872110)

* [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate (BZ#1883403)

* [Hyper-V][RHEL7] Request to include a commit that adds a timeout to
vmbus_wait_for_unload (BZ#1888979)

* Unable to discover the LUNs from new storage port (BZ#1889311)

* RHEL 7.9 Kernel panic at ceph_put_snap_realm+0x21 (BZ#1890386)

* A hard lockup occurs where one task is looping in an sk_lock spinlock
that has been taken by another task running timespec64_add_ns().
(BZ#1890911)

* ethtool/mlx5_core provides incorrect SFP module info (BZ#1896756)

* RHEL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (BZ#1896826)

* RHEL7.7 - s390/dasd: Fix zero write for FBA devices (BZ#1896839)

* [Azure]IP forwarding issue in netvsc[7.9.z] (BZ#1898280)

* Security patch for CVE-2020-25212 breaks directory listings via 'ls' on
NFS V4.2 shares mounted with selinux enabled labels (BZ#1917504)

Enhancement(s):

* RFE : handle better ERRbaduid on SMB1 (BZ#1847041)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c
1905208 - CVE-2020-35513 kernel: fix nfsd failure to clear umask after processing an open or create [rhel-7]
1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create
1917504 - Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1160.15.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm
kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.15.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm
perf-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1160.15.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm
kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.15.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm
perf-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1160.15.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm
kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1160.15.2.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debug-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-devel-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-headers-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-tools-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64.rpm
perf-3.10.0-1160.15.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
python-perf-3.10.0-1160.15.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1160.15.2.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debug-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-devel-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-headers-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-tools-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.ppc64le.rpm
perf-3.10.0-1160.15.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
python-perf-3.10.0-1160.15.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1160.15.2.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm
kernel-3.10.0-1160.15.2.el7.s390x.rpm
kernel-debug-3.10.0-1160.15.2.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.s390x.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1160.15.2.el7.s390x.rpm
kernel-devel-3.10.0-1160.15.2.el7.s390x.rpm
kernel-headers-3.10.0-1160.15.2.el7.s390x.rpm
kernel-kdump-3.10.0-1160.15.2.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1160.15.2.el7.s390x.rpm
perf-3.10.0-1160.15.2.el7.s390x.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm
python-perf-3.10.0-1160.15.2.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1160.15.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm
perf-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1160.15.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm
kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.15.2.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm
perf-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-15436
https://access.redhat.com/security/cve/CVE-2020-35513
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------------------------------------------------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel-rt security and bug fix update
Advisory ID:       RHSA-2021:0338-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0338
Issue date:        2021-02-02
CVE Names:         CVE-2020-15436 CVE-2020-35513 
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for Real Time (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)

* kernel: Nfsd failure to clear umask after processing an open or create
(CVE-2020-35513)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update to the latest RHEL7.9.z3 source tree (BZ#1906133)

* [kernel-rt] WARNING: CPU: 8 PID: 586 at kernel/sched/core.c:3644
migrate_enable+0x15f/0x210 (BZ#1916123)

* [kernel-rt-debug] [ BUG: bad unlock balance detected! ] [RHEL-7.9.z]
(BZ#1916130)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c
1906133 - kernel-rt: update to the latest RHEL7.9.z3 source tree
1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create

6. Package List:

Red Hat Enterprise Linux for Real Time for NFV (v. 7):

Source:
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.15.2.rt56.1152.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm

Red Hat Enterprise Linux for Real Time (v. 7):

Source:
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.src.rpm

noarch:
kernel-rt-doc-3.10.0-1160.15.2.rt56.1152.el7.noarch.rpm

x86_64:
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debug-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm
kernel-rt-trace-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-15436
https://access.redhat.com/security/cve/CVE-2020-35513
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------
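
Both advisories above note that the system must be rebooted for the update to take effect, so a host can have the fixed package installed while still running the old kernel. The following check is an added example, not part of the AusCERT or Red Hat text: it compares a running kernel release against the fixed builds from the package lists (3.10.0-1160.15.2.el7 and 3.10.0-1160.15.2.rt56.1152.el7). The function names and result labels are assumptions, and the version comparison is a simplified form of rpm's ordering.

```python
import platform
import re
import subprocess

# Fixed builds, copied from the package lists of the two advisories.
FIXED = {
    "kernel": "3.10.0-1160.15.2.el7",               # RHSA-2021:0336
    "kernel-rt": "3.10.0-1160.15.2.rt56.1152.el7",  # RHSA-2021:0338
}
# Architecture suffix that `uname -r` appends (debug kernels add ".debug").
ARCH = re.compile(r"\.(x86_64|ppc64le|ppc64|s390x|noarch)(\.debug)?$")


def rpmvercmp(a, b):
    """Simplified rpm ordering (no '~' or '^' handling): returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # 15 > 2, unlike a string compare
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def evr_cmp(a, b):
    """Compare two 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def assess(running, installed):
    """running: `uname -r` output; installed: version-release strings of the
    installed kernel (or kernel-rt) packages. Returns a status label."""
    running = ARCH.sub("", running.strip())
    if not re.search(r"\.el7$", running):
        return "not-applicable"              # advisories cover RHEL 7 only
    flavour = "kernel-rt" if re.search(r"\.rt\d+\.", running) else "kernel"
    fixed = FIXED[flavour]
    if evr_cmp(running, fixed) >= 0:
        return "patched"
    if any(evr_cmp(ARCH.sub("", i.strip()), fixed) >= 0 for i in installed):
        return "reboot-required"             # fixed build on disk, old one in memory
    return "update-required"


def installed_builds(package):
    """Query rpm for installed builds; returns [] where rpm is unavailable."""
    try:
        out = subprocess.run(
            ["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}\n", package],
            capture_output=True, text=True, check=False).stdout
    except OSError:
        return []
    # rpm prints "package ... is not installed" when absent; keep versions only.
    return [line for line in out.splitlines() if re.match(r"\d", line)]


if __name__ == "__main__":
    rel = platform.release()
    pkg = "kernel-rt" if re.search(r"\.rt\d+\.", rel) else "kernel"
    print(rel, "->", assess(rel, installed_builds(pkg)))
```
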

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================