Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.2439
kernel, kernel-rt and kpatch-patch security updates
21 July 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
kernel-rt
kpatch-patch
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Increased Privileges -- Existing Account
Overwrite Arbitrary Files -- Existing Account
Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Reduced Security -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-33909 CVE-2021-33034 CVE-2021-32399
CVE-2021-3347 CVE-2020-35508 CVE-2020-28374
CVE-2020-26541 CVE-2020-25704 CVE-2020-12362
Reference: ESB-2021.2322
ESB-2021.2272
ESB-2021.1152
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:2719
https://access.redhat.com/errata/RHSA-2021:2718
https://access.redhat.com/errata/RHSA-2021:2723
https://access.redhat.com/errata/RHSA-2021:2714
https://access.redhat.com/errata/RHSA-2021:2727
https://access.redhat.com/errata/RHSA-2021:2730
https://access.redhat.com/errata/RHSA-2021:2722
https://access.redhat.com/errata/RHSA-2021:2732
https://access.redhat.com/errata/RHSA-2021:2715
https://access.redhat.com/errata/RHSA-2021:2735
https://access.redhat.com/errata/RHSA-2021:2733
https://access.redhat.com/errata/RHSA-2021:2734
Comment: This bulletin contains twelve (12) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2021:2719-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2719
Issue date: 2021-07-20
CVE Names: CVE-2020-25704 CVE-2020-26541 CVE-2020-35508
CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Real Time EUS (v. 8.2) - x86_64
Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2) - x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
(CVE-2020-26541)
* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting
- - ->real_parent (CVE-2020-35508)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source
tree (BZ#1968022)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1886285 - CVE-2020-26541 kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1968022 - kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source tree
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2):
Source:
kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.src.rpm
x86_64:
kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-kvm-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
Red Hat Enterprise Linux Real Time EUS (v. 8.2):
Source:
kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.src.rpm
x86_64:
kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
kernel-rt-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-25704
https://access.redhat.com/security/cve/CVE-2020-26541
https://access.redhat.com/security/cve/CVE-2020-35508
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPdAHtzjgjWX9erEAQg96g/9Gt2fTKzt3bA7YBEe9+Zuf7YMKBhLcyXg
46/wxTGGQ+ilbzEoqtYe+iu9Znk5gMOmV2HJ/jiYuq8L0oVEnPjsHLtXiyP9Oyi4
UULHAZRs2dj6Yjm02mef7xulZwhgcdVA7LeO2Ni8F+V/p2zHrhmS3NXto7GWQ81C
n71gEFqc8PNSUGEE29TvDsSAvlyJDPfbS3sBQm1er5OoEZ5/3lHKugSqbqIbtgai
cnbBm++5NWm+OMJ5ChZrWxPKOxpbiKMZI6EtRzzuQ2amPkjisdend9XTzs21R3l/
AKPqVNU4ZH5BPglp8o/kVIX89xxoJkom7x+/i1nllt1lrhX37z2aVz1SJgFxGJd5
N+QREJmMOXKXDKz0AYn0ik44/OD9j34gp3bbLRjQdUMamZgH5IxcNCzDF2QtJV+c
C0/v+hHvOTrQslZShSD2T+sDZ7LZIxL1H9XeggrSCQtnySTpZIuhAPARivmqSwEy
oW5VEViILbBeQCwc+8xGIdev09QAAurJU4DuRhn2RMQe2FxWKsS52xzGyHs3xu1N
ZPDfxPzMfImDdyFfByA29fkPP55WMgW2JXIirDFSj4xbE86u6LvZHWOO52J4kiji
twlJWn2Zxg/nJrApmnJl1WXcYD0SD6iu7Yr+O7hwASyc6EaMWZUwJnhd+EfQN0be
ej3p59ymr7k=
=KFQU
- -----END PGP SIGNATURE-----
- ---------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2718-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2718
Issue date: 2021-07-20
CVE Names: CVE-2020-25704 CVE-2020-26541 CVE-2020-35508
CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
(CVE-2020-26541)
* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting
- - ->real_parent (CVE-2020-35508)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* RHEL8.2 Snapshot2 - tpm: ibmvtpm: Wait for buffer to be set before
proceeding (BZ#1933986)
* fnic crash from invalid request pointer (BZ#1961707)
* [Azure][RHEL8.4] Two Patches Needed To Enable Azure Host Time-syncing in
VMs (BZ#1963051)
* RHEL kernel 8.2 and higher are affected by data corruption bug in raid1
arrays using bitmaps. (BZ#1969338)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1886285 - CVE-2020-26541 kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v. 8.2):
Source:
kernel-4.18.0-193.60.2.el8_2.src.rpm
aarch64:
bpftool-4.18.0-193.60.2.el8_2.aarch64.rpm
bpftool-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-core-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-cross-headers-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-core-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-devel-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-modules-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-devel-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-headers-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-modules-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-modules-extra-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-tools-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-tools-libs-4.18.0-193.60.2.el8_2.aarch64.rpm
perf-4.18.0-193.60.2.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
python3-perf-4.18.0-193.60.2.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
noarch:
kernel-abi-whitelists-4.18.0-193.60.2.el8_2.noarch.rpm
kernel-doc-4.18.0-193.60.2.el8_2.noarch.rpm
ppc64le:
bpftool-4.18.0-193.60.2.el8_2.ppc64le.rpm
bpftool-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-core-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-cross-headers-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-core-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-modules-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-headers-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-modules-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-modules-extra-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-tools-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-tools-libs-4.18.0-193.60.2.el8_2.ppc64le.rpm
perf-4.18.0-193.60.2.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
python3-perf-4.18.0-193.60.2.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
s390x:
bpftool-4.18.0-193.60.2.el8_2.s390x.rpm
bpftool-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-core-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-cross-headers-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-core-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-devel-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-modules-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-devel-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-headers-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-modules-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-tools-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-core-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-devel-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-modules-4.18.0-193.60.2.el8_2.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm
perf-4.18.0-193.60.2.el8_2.s390x.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
python3-perf-4.18.0-193.60.2.el8_2.s390x.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm
x86_64:
bpftool-4.18.0-193.60.2.el8_2.x86_64.rpm
bpftool-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-core-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-cross-headers-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-core-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-devel-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-modules-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-devel-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-headers-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-modules-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-modules-extra-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-tools-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-tools-libs-4.18.0-193.60.2.el8_2.x86_64.rpm
perf-4.18.0-193.60.2.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
python3-perf-4.18.0-193.60.2.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.2):
aarch64:
bpftool-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-25704
https://access.redhat.com/security/cve/CVE-2020-26541
https://access.redhat.com/security/cve/CVE-2020-35508
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPdKddzjgjWX9erEAQhLHw/8CtsaptRIaXpqaAqj2dZCzmPJHC8iyNOj
5dmUgyNRCwyoUVIXRtGr4TBR+Bxi0Y37ofV1bAdK7igPDppxmbEANIR4NhOaktf3
w17HflEhh8us5fmTxYNlRa2++UIvuWBGfH4+kfODkSDCBgbb9Q2xIxPRXWQRvLjr
ide7SRs9zF31KYoat9kWWDhMSZDitVlU2wvWsx1j40UD6a1sUx9M2Q/cCbcu8NSO
9kyVxyOhDHs72sbOLsbiwfDAYKmUjdkDVBY+5Rl2DbtxIz0jZOWSbHvhsu6ndpN4
iKxbcHVrfpMjQAX4KnDYIKB8PPHXzRcbQLRGSZWpAdGmPc/H+3vGTAXZJSDIi/61
+9OXWRn9PSkAR3WFNOPo1rru5WI7cncykx8jm5sCwzcnBGsgz+E8Exwf+MObnOqx
OVMnSwU52kFdyDciwlXobjGtEdEMN/Jf/f+dM1KIJxj8YTgygzJQw/Z3fWeI/gvh
fcqSeFjAN3+A+aVXn8NcaBPIEjAqdwEA9kvT8JxGo8co1KzmHxCZVpxnECYSsQuW
qttiF50ohXwLbYklFG8Mt0pD04HmnsmLUvFZYK2m9MSfUsz4dFjgDnov8p7btGgu
yJ/6Aul7C6TjZZvQG9fz6Id+mh4uPPMvQrVSQLrl68bOWpphyoRqzcTTFNFj1g+w
gIkv6r9Alj4=
=hVNH
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2021:2723-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2723
Issue date: 2021-07-20
CVE Names: CVE-2021-33909
=====================================================================
1. Summary:
An update is now available for Red Hat Enterprise Linux 8.1 Extended Update
Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v. 8.1):
Source:
kpatch-patch-4_18_0-147_24_2-1-11.el8_1.src.rpm
kpatch-patch-4_18_0-147_27_1-1-11.el8_1.src.rpm
kpatch-patch-4_18_0-147_32_1-1-9.el8_1.src.rpm
kpatch-patch-4_18_0-147_34_1-1-9.el8_1.src.rpm
kpatch-patch-4_18_0-147_38_1-1-8.el8_1.src.rpm
kpatch-patch-4_18_0-147_43_1-1-6.el8_1.src.rpm
kpatch-patch-4_18_0-147_44_1-1-5.el8_1.src.rpm
kpatch-patch-4_18_0-147_48_1-1-2.el8_1.src.rpm
kpatch-patch-4_18_0-147_51_1-1-1.el8_1.src.rpm
ppc64le:
kpatch-patch-4_18_0-147_24_2-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_24_2-debuginfo-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_24_2-debugsource-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_27_1-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_27_1-debuginfo-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_27_1-debugsource-1-11.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_32_1-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_32_1-debuginfo-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_32_1-debugsource-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_34_1-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_34_1-debuginfo-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_34_1-debugsource-1-9.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_38_1-1-8.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_38_1-debuginfo-1-8.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_38_1-debugsource-1-8.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_43_1-1-6.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_43_1-debuginfo-1-6.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_43_1-debugsource-1-6.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_44_1-1-5.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_44_1-debuginfo-1-5.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_44_1-debugsource-1-5.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_48_1-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_48_1-debuginfo-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_48_1-debugsource-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_51_1-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_51_1-debuginfo-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_51_1-debugsource-1-1.el8_1.ppc64le.rpm
x86_64:
kpatch-patch-4_18_0-147_24_2-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_24_2-debuginfo-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_24_2-debugsource-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_27_1-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_27_1-debuginfo-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_27_1-debugsource-1-11.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_32_1-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_32_1-debuginfo-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_32_1-debugsource-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_34_1-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_34_1-debuginfo-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_34_1-debugsource-1-9.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_38_1-1-8.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_38_1-debuginfo-1-8.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_38_1-debugsource-1-8.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_43_1-1-6.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_43_1-debuginfo-1-6.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_43_1-debugsource-1-6.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_44_1-1-5.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_44_1-debuginfo-1-5.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_44_1-debugsource-1-5.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_48_1-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_48_1-debuginfo-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_48_1-debugsource-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_51_1-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_51_1-debuginfo-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_51_1-debugsource-1-1.el8_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPdNe9zjgjWX9erEAQhDNQ/6A7waOZeXCyKYvgYCdT35PlgqS4oHaHj3
XHB5kvnyHSkxmDXX7sAX0hClkvFNJAE9Nk9JskV8yPl56GULiU0KLBcLLA/RO9Vy
PGP1Xm357o/MpVcnJWhWIM+bP7xyoWCZ+iCDKFtw+tN2icW650gbtiWe41eW9gUO
uwAMhhGq93T8T74sUzWs9cC3VBJMqij4F+UlJvLGDQtRKFHzXJz7W+a/pcksJzHl
FAHpz6ASmt45fpgT2RdfxSOXZ7bPWNkTil67sdII7sXuF4W53CNeQ62os9b4x4pt
7JzY5heKowNz+N62Qco01k+PshL86R2Q8BMuy4OYens0MF0wQuH0SYRv8FvjReX0
o4YptHCZGmtBKdWYyhMCobCCJNIjH9D2lYZBhADaE1DBgaczZbYx4jkPkT0boODX
GgHAP5iwBM+nsVvOXBuE90CXwF47mQeRktb6NMCPBiLUYzvwE4HgCcgTlLCEvmPx
g5dklLX7YsL6WL3KsA3JYuNuUUtHdnUfHAx7dY5YKITZzvl3Mgdoiza9ZltQlSuS
9rH3Tzd5HI8Wa3nR90mnRJkdLbJOOUTOcAYoJBbuH2U4srJuc3le6NJsSlL9xVAW
gVWjUC98CYvpIjF7A/yWG1BWLYA/k2xF1EqOkYXvrYmEWadVn/T5DYOj4X62mE/D
7xusI1Vc9jc=
=eG7S
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2714-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2714
Issue date: 2021-07-20
CVE Names: CVE-2021-32399 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: race condition for removal of the HCI controller (CVE-2021-32399)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* pinctrl_emmitsburg: improper configuration (BZ#1963984)
* [Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath
(BZ#1964419)
* RHEL8.4 - [P10] [NPIV Multi queue Test kernel-
4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on
Denali (ibmvfc/dlpar/RHEL8.4) (BZ#1964697)
* Every server is displaying the same power levels for all of our i40e 25G
interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0
(BZ#1967099)
* backport fixes for Connection Tracking offload (BZ#1968679)
* fm10k: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969910)
* ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969911)
* ena: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969913)
* b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper
for y-stream release (BZ#1969914)
* e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream
release (BZ#1969915)
* ice: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969917)
* igb: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969919)
* igbvf: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969920)
* igc: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969921)
* ixgbe: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969922)
* i40e: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969923)
* iavf: removal of MODULE_VERSION deemed improper for y-stream release
(BZ#1969925)
* Backport netlink extack tracepoint (BZ#1972938)
* [RHEL8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller
6. Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
kernel-4.18.0-305.10.2.el8_4.src.rpm
aarch64:
bpftool-4.18.0-305.10.2.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-core-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.10.2.el8_4.aarch64.rpm
perf-4.18.0-305.10.2.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
python3-perf-4.18.0-305.10.2.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
noarch:
kernel-abi-stablelists-4.18.0-305.10.2.el8_4.noarch.rpm
kernel-doc-4.18.0-305.10.2.el8_4.noarch.rpm
ppc64le:
bpftool-4.18.0-305.10.2.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.10.2.el8_4.ppc64le.rpm
perf-4.18.0-305.10.2.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
python3-perf-4.18.0-305.10.2.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
s390x:
bpftool-4.18.0-305.10.2.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-core-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-devel-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-headers-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-modules-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-tools-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.10.2.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm
perf-4.18.0-305.10.2.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
python3-perf-4.18.0-305.10.2.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm
x86_64:
bpftool-4.18.0-305.10.2.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-core-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.10.2.el8_4.x86_64.rpm
perf-4.18.0-305.10.2.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
python3-perf-4.18.0-305.10.2.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64:
bpftool-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-32399
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPdP09zjgjWX9erEAQjmYA/+KxY39SEeJUTxuOoY1S6FqIoHYelXzp+m
G1g/9kNN4XPx85abIMeCaQLRkM9KjVMeZbzqyw47jsnSMU5oKgsz1bD7LQb2wXNf
odUeNZURxdn27XPprRJkTuoFQ0p0tNIU+ZQ5bRFblNAvTp0dNQvhbVn+695Rw1CY
LcELcvrDsrP6vIOezMgZKy0khXcY3GUK+ZzgCuVAJ6m3jBHy6frv8fyOGdGW9I2A
aEQCp0BEQSsQULQ/wk4TUKaslrDWGh7RUq7z0NNeAJcRnJ1NJrUhGCpBJgiBAbjW
7+6ZtV2bMhxZ7ifVlRQ4k1cAVI3lEYE3lPqHI04q/qfNexszZeUdVKSFfnrOqfNd
vzg/Vg5GxUwTndbJqUGVtuN+Vu0LEakFXHzsjRRyfcwO+zF7xzZINzl4bsHuUFTP
lV+/b82xZ2H9k5cdJGNLOJVSqCVVZIlZySOWv3pP5AjChH+4QFp3hUcHZ6MFXeXK
sy/0y/B30ehGFI1a4lB/ENiaUHHNQdqJAtxPF9zz8+532mTXW+9BoGL00W8xTBBd
HklQgYISWUhtk/HIrx0VkI4lxP9UOPR8n4Tp5/ldS50dqLXQA/aNvpI6C6YMq+Cd
VmZEVHhBcycqfP0uJJ7P0FvQzwbXkzBZH/AQ5aEhcKSOWeq4VKzi2vRdraHbfo5M
i2QiXpLb7Ko=
=cADq
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2021:2727-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2727
Issue date: 2021-07-20
CVE Names: CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server (v. 7):
Source:
kpatch-patch-3_10_0-1160-1-7.el7.src.rpm
kpatch-patch-3_10_0-1160_11_1-1-6.el7.src.rpm
kpatch-patch-3_10_0-1160_15_2-1-6.el7.src.rpm
kpatch-patch-3_10_0-1160_21_1-1-4.el7.src.rpm
kpatch-patch-3_10_0-1160_24_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_25_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_2_1-1-7.el7.src.rpm
kpatch-patch-3_10_0-1160_2_2-1-7.el7.src.rpm
kpatch-patch-3_10_0-1160_31_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_6_1-1-7.el7.src.rpm
ppc64le:
kpatch-patch-3_10_0-1160-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160-debuginfo-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_11_1-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_11_1-debuginfo-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_15_2-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_15_2-debuginfo-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_21_1-1-4.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_21_1-debuginfo-1-4.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_24_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_24_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_25_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_25_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_2_1-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_2_2-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_31_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_31_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_6_1-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-7.el7.ppc64le.rpm
x86_64:
kpatch-patch-3_10_0-1160-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160-debuginfo-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_11_1-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_11_1-debuginfo-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_15_2-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_15_2-debuginfo-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_21_1-1-4.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_21_1-debuginfo-1-4.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_24_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_24_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_25_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_25_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_2_1-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_2_2-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_31_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_31_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_6_1-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-7.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPdRtNzjgjWX9erEAQgitA/+Ji7rXfZaofQn63MZhvLoKL82sSM4H3Fw
PvIgCxOc3N3FDdVjkppWJKgNhUYenN6qE+zBWiJBk3wojFf+1X9Jqp6eWqSwM8sD
yz4IRnGT9tctlr39wURZRX/HfuJtTQwRTkOiSVXNUVlw6xe7J2FvwH/1oxhOYjqu
InP74qvTx6YM4061Nw8EgKKUnmNlVKopKWVS0S8XdCboFsVfqVic4QrEjiacWhkd
0EedSAKnY+GBw2KvScgKnjIO00mgcZLDrfwYUyg0TY5FglXi9GwcF8NGx+Q/E7iy
J5/r+/TtG2GzhhA61fJOip5l4ffJ6NlxXMfv3IxI+HllH47E3PgLic6tVqZ+vB7Y
mDQKgB++O6vbo9tk1v9V7W8+geC7JqHdwHXTkLprSPEOjvBNUIYpT+HGytpWWr2l
IoQcahDZDzp1cFzPFi9rFlsllyBMo9rcaI4CuyWJTZm3fB3c/QlrbZd5PdoOUoMp
Qllk/Td0EANyVvy2gIQn+K3z9UrY+p15ivy12HXt98EMlejYr2X+bT+m1LGFAwRb
CV0Xn2vY2LVOQ3dpXNR+YPASliTJxYTps66hurjKaLnpxJrA4Bw4YKoT1bmenA+h
ZSpILQTFt+RD3gUn1pcsUGLNbc2/QEDO2lREGzHg8dIqmIbIKp40lLwtJcf5qfaF
BahzWWxvD08=
=L259
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2730-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2730
Issue date: 2021-07-20
CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.6
Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP
Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap
[7.9.z] (BZ#1975159)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source:
kernel-3.10.0-957.78.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm
kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.78.2.el7.x86_64.rpm
kernel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm
perf-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source:
kernel-3.10.0-957.78.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm
kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
ppc64le:
kernel-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debug-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-devel-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-headers-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-tools-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-957.78.2.el7.ppc64le.rpm
perf-3.10.0-957.78.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
python-perf-3.10.0-957.78.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
x86_64:
kernel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm
perf-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source:
kernel-3.10.0-957.78.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm
kernel-doc-3.10.0-957.78.2.el7.noarch.rpm
x86_64:
bpftool-3.10.0-957.78.2.el7.x86_64.rpm
kernel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm
kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm
perf-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.6):
x86_64:
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le:
kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-957.78.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.6):
x86_64:
kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPc/p9zjgjWX9erEAQiGYQ/6Apfv6Vn+s1cJsOrv5bpIB+TZWR8Dw4w6
7q5tqmrA0W38qvq7EWqVwAZMtmF2YXIcuP8i8zELAPG/Y1oMax3Piy5nxc4OR55i
8H9pc0lGZn9UJtryWMPaJRqvWGF1WhE/vGPUkHhI3CmoSVDN3B3OqfC04oeVa/Gt
f9wikugrLvXoD+YsJk1LAn0tJ+xGrcbMRvwxvvtvwRsje2cGPU6OAEWQr1ZKyNZc
Fwi6jLUve8d3wxE6+C6IocTYMcZcw2e2U4KOwE/ONXjjNgbwV+deQU16HJk4BjcA
rDqtVUWzNGXzONh6Ua4yEisVe8LdhPNoZaciNx56lKpOs8Vbv58w29edfR1zf0fW
c1gH+0S19jDSwsESNSKJth5A/GY0zxsUeh5qDjoFUF1AH6IuZNmPb3VGcl5klKuo
outLUo2jeIRiBiZaNSVe32nbWCEkAoFF5WrvfHYmi+i9U45gLvUG2N58ZtOQiQkb
potW9xF7f15Mm1Xm9TOIaNy+ykh7TJRxKnQSaAk/jnzTLp3XeVNmPTztx7zA4Z50
bgM/MQWB9j7NMjwEopdbS4lxJsvaXerwXPT+1WDAzBZ5clOKyB5hTxTTBOrsErzs
O+wKRVu9eU4FMR6ULeL+pLCZPm0eVlu9jBuySEUI05/FkAVu/YUDrgXvMiy6XknI
ziN+XVubHjk=
=1ifB
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2722-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2722
Issue date: 2021-07-20
CVE Names: CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.1
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder EUS (v. 8.1) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux BaseOS EUS (v. 8.1):
Source:
kernel-4.18.0-147.51.2.el8_1.src.rpm
aarch64:
bpftool-4.18.0-147.51.2.el8_1.aarch64.rpm
bpftool-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-core-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-cross-headers-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-core-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-devel-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-modules-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-devel-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-headers-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-modules-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-modules-extra-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-tools-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-tools-libs-4.18.0-147.51.2.el8_1.aarch64.rpm
perf-4.18.0-147.51.2.el8_1.aarch64.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
python3-perf-4.18.0-147.51.2.el8_1.aarch64.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
noarch:
kernel-abi-whitelists-4.18.0-147.51.2.el8_1.noarch.rpm
kernel-doc-4.18.0-147.51.2.el8_1.noarch.rpm
ppc64le:
bpftool-4.18.0-147.51.2.el8_1.ppc64le.rpm
bpftool-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-core-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-cross-headers-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-core-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-modules-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-headers-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-modules-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-modules-extra-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-tools-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-tools-libs-4.18.0-147.51.2.el8_1.ppc64le.rpm
perf-4.18.0-147.51.2.el8_1.ppc64le.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
python3-perf-4.18.0-147.51.2.el8_1.ppc64le.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
s390x:
bpftool-4.18.0-147.51.2.el8_1.s390x.rpm
bpftool-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-core-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-cross-headers-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-core-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-devel-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-modules-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-devel-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-headers-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-modules-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-tools-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-core-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-devel-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-modules-4.18.0-147.51.2.el8_1.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm
perf-4.18.0-147.51.2.el8_1.s390x.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
python3-perf-4.18.0-147.51.2.el8_1.s390x.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm
x86_64:
bpftool-4.18.0-147.51.2.el8_1.x86_64.rpm
bpftool-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-core-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-cross-headers-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-core-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-devel-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-modules-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-devel-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-headers-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-modules-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-modules-extra-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-tools-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-tools-libs-4.18.0-147.51.2.el8_1.x86_64.rpm
perf-4.18.0-147.51.2.el8_1.x86_64.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
python3-perf-4.18.0-147.51.2.el8_1.x86_64.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.1):
aarch64:
bpftool-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.aarch64.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.x86_64.rpm
perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
python3-perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPc+e9zjgjWX9erEAQicbw/9HNcm1GQvXQtvN22ZUZGZ1Dl/SB+L+gvL
sAwOoHM3FgHbykPi726tBmHC3+Y9rdRHivMob1GuGVd6mVqGVB7B5wxpeMpj9CVH
xHNYDtVSWQJsHFrE4ATvDlbQUoIhVGF65y9ZUgyt6ey+gZuqHBFh8IPe2aXq3IRm
81/h5/QMYvJ1+6Uqg6SIKZAWTrWpK2GjVr5TCq/gCH88z2dO5XEangBdHaqgts9O
IH6ma8mOcqMtF8uTWkE3kSK28T47UWO+fW0YnV968a69bjq6ZmD2CFYxxxPCAnWF
AjE+DELsrNmCXtICiqjx1nf9WNUyZf3Xk2ggnK/GbJ3LKauvgC/6gMRmZ9yHxTDI
zYr+FSAitoKe3JI1Dbe1TfZIFifKUnLbHzNahKbhvjOvsmkJGaLElnURl5JxORwK
uOVBi8rkI0h57Ra2ZA0H/NOtPa9jlkC6hiUHfr0Qu7AqPkqj6LrDUcVVKj69kmnh
ynC75c6WAGWwAUBt+7UrPQoh41USxy92yq0J8eF5UPuU4mMrGXoq8NUB8A1gDfvD
PMBFt9ppAd4CNwdl/CEK6V3lmL26R3obJgELpyEh656E6Cc62zPslVfwIFboIEla
ZM+7aQDjnmtt1gOnww3HXBmQ5+EIMhsa7VSVbAPUTvFowi5n+fKHTO1bFqKX1SgS
iOBYxGCLDak=
=GULM
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2732-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2732
Issue date: 2021-07-20
CVE Names: CVE-2020-28374 CVE-2021-3347 CVE-2021-33034
CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update
Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP
Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: SCSI target (LIO) write to any block on ILO backstore
(CVE-2020-28374)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source:
kernel-3.10.0-693.90.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm
kernel-doc-3.10.0-693.90.2.el7.noarch.rpm
x86_64:
kernel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm
perf-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source:
kernel-3.10.0-693.90.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm
kernel-doc-3.10.0-693.90.2.el7.noarch.rpm
ppc64le:
kernel-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debug-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-devel-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-headers-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-tools-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-693.90.2.el7.ppc64le.rpm
perf-3.10.0-693.90.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
python-perf-3.10.0-693.90.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
x86_64:
kernel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm
perf-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source:
kernel-3.10.0-693.90.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm
kernel-doc-3.10.0-693.90.2.el7.noarch.rpm
x86_64:
kernel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm
perf-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64:
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le:
kernel-debug-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-693.90.2.el7.ppc64le.rpm
perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm
x86_64:
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64:
kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-28374
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPc9TtzjgjWX9erEAQj74Q/+MYfqRjICnJdQu26bEvEI/DN5Jt6YNmyM
8nVqaOD0vMaTmdK45RrH7PtEO/S/pm8/jnsDVrGwzSlyTnd6u/MHWOTlqvZvccn0
RBZ2CT2hMAtFjVZxnbKEXoaQW1eM0LFjjyTFTCcp32LydxcZMpXxmn162mCjhVje
CtdLcO83TKFwQSE2n4h/DXS1Q11IOayaorc7W6y9V/d9ICEYl0L8hG46Zhui7T18
ylFKrvEwaPO1ZXDJajXlQRGoRgAbtUh1JD40u+R7XGM8dew+dk9hjV8FfdbKY1qv
+SUBWlvPUahF3ZHsGFSIUO8442tijsUT3q4WY5xDkWDX4e1iQkLV0xPP2909xA5A
noKv+jYhhkOnc7IrTUZDUhnu7qVl5oFhsXqmnHrhSb8/ntDfqwbKIknRmw4NEnIT
hrvrSH3jR+gxlPGm7G4pnSujZ3H6pA14z7y6Dwv6BJg4IKkOvTO7SmmYZng9Jm5s
efyzvRO3dBaoeFTcIaswmrxgWiCjs5lmj4SWl005uwuMSaeVvYG3EP1/mgDDgh0S
PcnBoQqLot7C8U7QJquxUQ/PrxoAOcRcFCxbGG3MaAKq0xda1Rh/cAQhMsgBgQSq
uBs6cFVvoQ5ObbGuiHGME39S2Va3T3c6Z3zz6QlBFPkaoxQHDrg5R3eJ8FMuW42m
eDqZcy0vJHI=
=DoiN
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2021:2715-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2715
Issue date: 2021-07-20
CVE Names: CVE-2021-32399 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64
3. Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: race condition for removal of the HCI controller (CVE-2021-32399)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* kernel-rt: update RT source tree to the RHEL-8.4.z2 source tree
(BZ#1975405)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller
6. Package List:
Red Hat Enterprise Linux Real Time for NFV (v. 8):
Source:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.src.rpm
x86_64:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
Red Hat Enterprise Linux Real Time (v. 8):
Source:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.src.rpm
x86_64:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-32399
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPc4adzjgjWX9erEAQgRwA/+LutSbLPn+s/M6E8ELdreACeopQbG6S1s
YXZpHy+48TnC1vD5hEsI4fufZMga3/rwgkdQwhlI51ah4wUioB203jTtjLe/uxo8
ReVlvYpFC4V5tIASy9ELX8AXCYEqNIRvKlWNQOiB/b3E52qGxJKXA45r/XVT/x6O
z/zZ8bnpVgWeI0alTr/MYUJeha54F6VAsCRJwVxfSSTUePJKjMtpjkrUHuoXk5Fj
V9Ml9fHXp42pIhYhGzPfM/GCdfyigmXNqUImzNXqd1inpMAQTFIDjLrVEp1h24Fo
SKSkvieJrmXhlJuYJ7AY2qQJOPg3nO/xH66WszglOt3K3oLzxzQYRftRfw7E0fRJ
+FP+er1bAqP2cjtxBExCe1ust7SStlZEuYmakWZKk0q9s7PKsXXZ1IihZXhNmqqj
o00Zu8fQrXI5M4MloaW/Ibf4og8Nt7hKRkH40pY+D1nKPTiqSywgGhKOr8DwIMGg
GU18ytPWnGmd4UPZ66fdjV35njdugmU1VaglRj5j796E6UzVenYJ8T3CIFadfqfV
pU39VBDIPSJbX8GHulVALQOqSmj5xDC9L+eWUWQY/fdpMcCm3Ka08HIAZLiPBIFO
V5/18rxnBEraEclPCDsHtRTFjDdqcV32H900+lB170aYRe/XJf7V97dZCCqkHa15
rz64oObnlFI=
=7Aqp
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2735-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2735
Issue date: 2021-07-20
CVE Names: CVE-2020-12362 CVE-2021-3347 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 6
Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 6 ELS) - i386, noarch, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: Use after free via PI futex state (CVE-2021-3347)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server (v. 6 ELS):
Source:
kernel-2.6.32-754.41.2.el6.src.rpm
i386:
kernel-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
kernel-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-headers-2.6.32-754.41.2.el6.i686.rpm
perf-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-754.41.2.el6.noarch.rpm
kernel-doc-2.6.32-754.41.2.el6.noarch.rpm
kernel-firmware-2.6.32-754.41.2.el6.noarch.rpm
s390x:
kernel-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm
kernel-devel-2.6.32-754.41.2.el6.s390x.rpm
kernel-headers-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.41.2.el6.s390x.rpm
perf-2.6.32-754.41.2.el6.s390x.rpm
perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
x86_64:
kernel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm
kernel-devel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-headers-2.6.32-754.41.2.el6.x86_64.rpm
perf-2.6.32-754.41.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6 ELS):
i386:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
s390x:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
python-perf-2.6.32-754.41.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-12362
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPc4YtzjgjWX9erEAQgIaA//UYu+fLneuZ2zgqYYAam/u9hDvf3bHK+6
gXrL3MWGN58w+npoNVJZAJ25ooUhUbvIE+YjHeU/wJIts7ctHmRLkRudgulnM8dv
G6xTdD1UB5Qywd83jOTGO8wFx0q1QpRABVFfjiIrDoa4O9dwacYVTKWkxHBQO4Z2
IKXLje41BXYI3WDHU81EgwdiDlTDPOwDh/JQMOSmHap9fz++WgsJjvdvqyYIS6tT
OkUBydCD5S+ZZ5p0YDXQK5Z/sgnFne/0bsJqAwpMtImkM1M8r1b7/Ryldy/gR/rb
Er40G1kRYr7zo7MT+oF3Sn0rNaGuPbMGyJx/hREm/E9tJrH0CHoSmIKEWfx1u+Lu
xtyjVTAqGsAEBzng+WFNozeKNr6t9fFmhxXXqnOj79zzjakRbcKCmTtGsDCoc0U5
gZZA8T7IEYiKzncDzSVEQvSvsw/pjTB5apUDj3vn7u/k8lFm57QDg8Bk+3Br7uWK
1KKrscvMWmvTXZqKRx5Dfp85cNIfZ3gt5pPedLW4UCGEktbIsnMKiCSDLVl+q6Pi
F4FlPrVCYZmj/3zK8EfAnJxueI4WwNFmNiLyxi1wP7JQNvIFhQoD5gKezF8OfoEc
4U1migkGTZOtlrQvhC0vSjnCIyg00zzJJGruldkXR3GjLxJjIzWdIPBd+OIp5uGa
/bKTbrpVGhQ=
=vVgJ
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2733-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2733
Issue date: 2021-07-20
CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.3
Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.3):
Source:
kernel-3.10.0-514.90.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-514.90.2.el7.noarch.rpm
kernel-doc-3.10.0-514.90.2.el7.noarch.rpm
x86_64:
kernel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.90.2.el7.x86_64.rpm
perf-3.10.0-514.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.3):
x86_64:
kernel-debug-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPcwatzjgjWX9erEAQjWzhAAijHT7e7zGbcretwX4KN+oRxirv/jvO4b
sn+5iq+x+tEZpHScK7N8J+1hdbiHC8mWf0uhk4YdK8Z/a4MoZzV2FW0XVEXlDard
L1ZACwjSOOmDZgFBzd3ZTFbam1QaDb52I62BuvA41IIEBGRgGHgzSC8WK8pZcmnf
7cn5REiworfM5oojqKX6VjTaThvwlYnqHHlAHPnx35E2I4OCBUrR11l2yhrThTGd
ZhRSlexm0UpqRxp93MdEgAR8Eedi8WMuTC4zkvd347SyyvXufxUk9lKVhIL1AGwl
mqFqzbalHhIG6cewVq6HK/mD/M+Fz31cj8aPFpSJspu9Ida5qO+94PH5lFWTWkTS
HjjgMxZK243DZ1golWwkVldRcXDZOGDqUfIWZMomA4Gz2owdVIEmJAsXcVSgZGgV
i3Ji5InbmFQ5Y4OzgKejC+S3hAdptXaQ3ey6jwAWkBjqfiNZTR3Fwy/m1X6VddJ8
TQHbwol+bkAFOm/ZvTzqphC/EqaOlza/zjDweZBNMVTB1WOX22QtMwORLqpdvYwb
uvNPhadHXj5ugBdcGKEKLtPf2ZmrjDlvOHoMRcBnVQG0EmyyYD4IFVhYEtfOED/I
PSu5aMVKJDl/2u9PsbhdgRnODBRZkC+Ys7utna8CulWBFbojolWJhopJ2H44YZ34
GB1/8qmQsBo=
=sfft
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2734-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2734
Issue date: 2021-07-20
CVE Names: CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.2
Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: size_t-to-int conversion vulnerability in the filesystem layer
(CVE-2021-33909)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an
hci_chan (CVE-2021-33034)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* xfs umount hangs in xfs_wait_buftarg() due to negative bt_io_count
(BZ#1949916)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
6. Package List:
Red Hat Enterprise Linux Server AUS (v. 7.2):
Source:
kernel-3.10.0-327.98.2.el7.src.rpm
noarch:
kernel-abi-whitelists-3.10.0-327.98.2.el7.noarch.rpm
kernel-doc-3.10.0-327.98.2.el7.noarch.rpm
x86_64:
kernel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.98.2.el7.x86_64.rpm
kernel-devel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-headers-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.98.2.el7.x86_64.rpm
perf-3.10.0-327.98.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.2):
x86_64:
kernel-debug-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.98.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYPcsbtzjgjWX9erEAQgpThAAkywxsthX4/MyOZzOd+dS2mKMUSYFUPwZ
TIw3n8CzqqHqeO38+DwYoCX5rgo19DjcDy+RTDdUlrItvJS8ghktBEasisXYynzF
8v2Q9f4mSEcUwK/faOtwIOun/K/k0El1iamdml/pqT9b7xJrmQkHUfczNt9jJK/W
GAC7lyFOkHkuVtV1Xv6NIiBA4u4YlWx6d2qLp/v7I/ro+AQ18w3u+LmoHUcnHabJ
DZqeWBCgsHh9YVSGXgKOlM6aiPyyKHtCgHxWYb4ocwWRRY1NTlttRwtfKxxS5Dhu
hl3zhZHMSGB02JrUQfrKTz6vX5gGIa4gSwLLoqlA3p+4EeW96wlBKNBVHPVzU6a2
nvfavp0MXByt+/9SsSZRoi/d6BZUG04EyM6ENVTucSstX8PtXWLdbCVy0qOlgiWj
y4v02s5ePssN79pEpHgRDyYGeVhCJqKbhJtITxYQQRIfIVtNWhXsKmSuD5+vIlT2
q+13nyDv5Ito/mPr+KgLwOfI8d1kbiegRI5VSASUUorBB4y67yVsKOi79xTi0B0w
cdSrngBn//RL0apyb/fnmX4cTAq1i5ltV7asVv9T3qQMW1AjbEmCe31dbj4O3h3F
KrSuAwHa3/7rkCA17erzk86QnoO8xgqgYPwjrQHeIIoBnVJW4UZ6zrGe1rEw8jGO
MAT+j1/ExhI=
=Piu5
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYPdgJeNLKJtyKPYoAQg/XBAAhHPZlMgCPJhMXRe8nuCMbAvMtNNWQnl4
T5ECf2az1szR/wtB1U+pgySDcaarCgxV87X+e75uNWBdoYfyDrwg26Yzq9BjQc/i
7h3+iuEk3c2U3Ly2CQ6nKz/t63zpS5yWL7X2Q53cIz/eH5JS0KYKRZm0j+neHxzn
dGVs+bflInCjdRjLCIBs5qlJeRKZaPXB07x19rc4pIRiRKhLqxH5DDX3+Hc16utm
doX6HJJ9Bk3xyZUifAjvvVISbMwvoVXCTg6XSI3NAYGMwH/4M59Fj/yFmi2RrE+Y
c4hQO/nA2sYDsqeSn62zPdjpLnVhZxfZUXmgKWJLYaPWLEMrC/S4q0lafXTeUdqA
tPQp0aYTbE/PKFptvZ7Z5NTOcnjFi/xOkD8W56x++tgu1JmwiwU32jlBbQysYo6d
CM9mFv9x+9a5ygig36DdktnPIdbz05XJ3Ao4X5ow2fWz1ux7AFhMovEbwxxI1TSK
vlnO3UzSIZWMkbc4DqV9hsSC+v6/DBdSmlMzidHK7jT1LVEyxq1pcw0etdiyHVqX
GpKzKiYEukqZ+wG2U3u0apZMUnqFr6Bb1qm/arGMnTGpSSlPJYFpSRjRwCFByEUJ
Vn1+DifyJ2CFq5YHEYF8hndnuJn5wzaaWewYmt3rw4uTnIb2Se6zcc0BBdG7OLK6
LB4GvJfTh0M=
=0DOV
-----END PGP SIGNATURE-----