-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2439 kernel, kernel-rt and kpatch-patch security updates 21 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kernel kernel-rt kpatch-patch Publisher: Red Hat Operating System: Red Hat Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Increased Privileges -- Existing Account Overwrite Arbitrary Files -- Existing Account Denial of Service -- Existing Account Access Confidential Data -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-33909 CVE-2021-33034 CVE-2021-32399 CVE-2021-3347 CVE-2020-35508 CVE-2020-28374 CVE-2020-26541 CVE-2020-25704 CVE-2020-12362 Reference: ESB-2021.2322 ESB-2021.2272 ESB-2021.1152 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:2719 https://access.redhat.com/errata/RHSA-2021:2718 https://access.redhat.com/errata/RHSA-2021:2723 https://access.redhat.com/errata/RHSA-2021:2714 https://access.redhat.com/errata/RHSA-2021:2727 https://access.redhat.com/errata/RHSA-2021:2730 https://access.redhat.com/errata/RHSA-2021:2722 https://access.redhat.com/errata/RHSA-2021:2732 https://access.redhat.com/errata/RHSA-2021:2715 https://access.redhat.com/errata/RHSA-2021:2735 https://access.redhat.com/errata/RHSA-2021:2733 https://access.redhat.com/errata/RHSA-2021:2734 Comment: This bulletin contains twelve (12) Red Hat security advisories. 
- --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2021:2719-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2719 Issue date: 2021-07-20 CVE Names: CVE-2020-25704 CVE-2020-26541 CVE-2020-35508 CVE-2021-33034 CVE-2021-33909 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Real Time EUS (v. 8.2) - x86_64 Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) * kernel: perf_event_parse_addr_filter memory (CVE-2020-25704) * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c (CVE-2020-26541) * kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (CVE-2020-35508) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 
Bug Fix(es): * kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source tree (BZ#1968022) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1886285 - CVE-2020-26541 kernel: security bypass in certs/blacklist.c and certs/system_keyring.c 1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory 1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1968022 - kernel-rt: update RT source tree to the latest RHEL-8.2.z10 Batch source tree 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2): Source: kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.src.rpm x86_64: kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-kvm-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-kvm-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm 
kernel-rt-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm Red Hat Enterprise Linux Real Time EUS (v. 8.2): Source: kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.src.rpm x86_64: kernel-rt-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-core-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debuginfo-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-devel-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-modules-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm kernel-rt-modules-extra-4.18.0-193.60.2.rt13.112.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-26541 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
- --------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:2718-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2718 Issue date: 2021-07-20 CVE Names: CVE-2020-25704 CVE-2020-26541 CVE-2020-35508 CVE-2021-33034 CVE-2021-33909 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. 
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) * kernel: perf_event_parse_addr_filter memory (CVE-2020-25704) * kernel: security bypass in certs/blacklist.c and certs/system_keyring.c (CVE-2020-26541) * kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (CVE-2020-35508) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RHEL8.2 Snapshot2 - tpm: ibmvtpm: Wait for buffer to be set before proceeding (BZ#1933986) * fnic crash from invalid request pointer (BZ#1961707) * [Azure][RHEL8.4] Two Patches Needed To Enable Azure Host Time-syncing in VMs (BZ#1963051) * RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. (BZ#1969338) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1886285 - CVE-2020-26541 kernel: security bypass in certs/blacklist.c and certs/system_keyring.c 1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory 1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 
8.2): Source: kernel-4.18.0-193.60.2.el8_2.src.rpm aarch64: bpftool-4.18.0-193.60.2.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-core-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-devel-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-headers-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-modules-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-tools-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.60.2.el8_2.aarch64.rpm perf-4.18.0-193.60.2.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm python3-perf-4.18.0-193.60.2.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.60.2.el8_2.noarch.rpm kernel-doc-4.18.0-193.60.2.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.60.2.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-core-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.ppc64le.rpm 
kernel-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.60.2.el8_2.ppc64le.rpm perf-4.18.0-193.60.2.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm python3-perf-4.18.0-193.60.2.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.60.2.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm kernel-4.18.0-193.60.2.el8_2.s390x.rpm kernel-core-4.18.0-193.60.2.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.60.2.el8_2.s390x.rpm kernel-devel-4.18.0-193.60.2.el8_2.s390x.rpm kernel-headers-4.18.0-193.60.2.el8_2.s390x.rpm kernel-modules-4.18.0-193.60.2.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm kernel-tools-4.18.0-193.60.2.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.60.2.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.60.2.el8_2.s390x.rpm perf-4.18.0-193.60.2.el8_2.s390x.rpm 
perf-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm python3-perf-4.18.0-193.60.2.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.60.2.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-core-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-devel-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-headers-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-modules-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-tools-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.60.2.el8_2.x86_64.rpm perf-4.18.0-193.60.2.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm python3-perf-4.18.0-193.60.2.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 
8.2): aarch64: bpftool-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm kernel-tools-libs-devel-4.18.0-193.60.2.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.60.2.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-26541 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. 
Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2021:2723-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2723 Issue date: 2021-07-20 CVE Names: CVE-2021-33909 ===================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - ppc64le, x86_64 3. 
Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 8.1): Source: kpatch-patch-4_18_0-147_24_2-1-11.el8_1.src.rpm kpatch-patch-4_18_0-147_27_1-1-11.el8_1.src.rpm kpatch-patch-4_18_0-147_32_1-1-9.el8_1.src.rpm kpatch-patch-4_18_0-147_34_1-1-9.el8_1.src.rpm kpatch-patch-4_18_0-147_38_1-1-8.el8_1.src.rpm kpatch-patch-4_18_0-147_43_1-1-6.el8_1.src.rpm kpatch-patch-4_18_0-147_44_1-1-5.el8_1.src.rpm kpatch-patch-4_18_0-147_48_1-1-2.el8_1.src.rpm kpatch-patch-4_18_0-147_51_1-1-1.el8_1.src.rpm ppc64le: kpatch-patch-4_18_0-147_24_2-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_24_2-debuginfo-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_24_2-debugsource-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-debuginfo-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-debugsource-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-debuginfo-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-debugsource-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-debuginfo-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-debugsource-1-9.el8_1.ppc64le.rpm 
kpatch-patch-4_18_0-147_38_1-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_38_1-debuginfo-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_38_1-debugsource-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-debuginfo-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-debugsource-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-debuginfo-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-debugsource-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_48_1-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_48_1-debuginfo-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_48_1-debugsource-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-debuginfo-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-debugsource-1-1.el8_1.ppc64le.rpm x86_64: kpatch-patch-4_18_0-147_24_2-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_24_2-debuginfo-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_24_2-debugsource-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-debuginfo-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-debugsource-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-debuginfo-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-debugsource-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-debuginfo-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-debugsource-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-debuginfo-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-debugsource-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-debuginfo-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-debugsource-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_44_1-1-5.el8_1.x86_64.rpm 
kpatch-patch-4_18_0-147_44_1-debuginfo-1-5.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_44_1-debugsource-1-5.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_48_1-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_48_1-debuginfo-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_48_1-debugsource-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-debuginfo-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-debugsource-1-1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
- -------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:2714-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2714 Issue date: 2021-07-20 CVE Names: CVE-2021-32399 CVE-2021-33909 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. 
Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: race condition for removal of the HCI controller (CVE-2021-32399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * pinctrl_emmitsburg: improper configuration (BZ#1963984) * [Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419) * RHEL8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/RHEL8.4) (BZ#1964697) * Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099) * backport fixes for Connection Tracking offload (BZ#1968679) * fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910) * ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911) * ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913) * b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914) * e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915) * ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917) * igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919) * igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920) * igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921) * ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922) * i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923) * iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925) * Backport netlink extack tracepoint 
(BZ#1972938) * [RHEL8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: kernel-4.18.0-305.10.2.el8_4.src.rpm aarch64: bpftool-4.18.0-305.10.2.el8_4.aarch64.rpm bpftool-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-core-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-cross-headers-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-core-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-devel-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-modules-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-devel-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-headers-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-modules-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-modules-extra-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-tools-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-tools-libs-4.18.0-305.10.2.el8_4.aarch64.rpm perf-4.18.0-305.10.2.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm python3-perf-4.18.0-305.10.2.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm noarch: kernel-abi-stablelists-4.18.0-305.10.2.el8_4.noarch.rpm kernel-doc-4.18.0-305.10.2.el8_4.noarch.rpm ppc64le: 
bpftool-4.18.0-305.10.2.el8_4.ppc64le.rpm bpftool-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-core-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-cross-headers-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-core-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-modules-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-headers-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-modules-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-modules-extra-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-tools-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-tools-libs-4.18.0-305.10.2.el8_4.ppc64le.rpm perf-4.18.0-305.10.2.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm python3-perf-4.18.0-305.10.2.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm s390x: bpftool-4.18.0-305.10.2.el8_4.s390x.rpm bpftool-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm kernel-4.18.0-305.10.2.el8_4.s390x.rpm kernel-core-4.18.0-305.10.2.el8_4.s390x.rpm kernel-cross-headers-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-core-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-devel-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-modules-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-305.10.2.el8_4.s390x.rpm kernel-devel-4.18.0-305.10.2.el8_4.s390x.rpm kernel-headers-4.18.0-305.10.2.el8_4.s390x.rpm 
kernel-modules-4.18.0-305.10.2.el8_4.s390x.rpm kernel-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm kernel-tools-4.18.0-305.10.2.el8_4.s390x.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-core-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-devel-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-modules-4.18.0-305.10.2.el8_4.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-305.10.2.el8_4.s390x.rpm perf-4.18.0-305.10.2.el8_4.s390x.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm python3-perf-4.18.0-305.10.2.el8_4.s390x.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.s390x.rpm x86_64: bpftool-4.18.0-305.10.2.el8_4.x86_64.rpm bpftool-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-core-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-cross-headers-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-core-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-devel-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-modules-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-devel-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-headers-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-modules-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-modules-extra-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-tools-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-tools-libs-4.18.0-305.10.2.el8_4.x86_64.rpm perf-4.18.0-305.10.2.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm python3-perf-4.18.0-305.10.2.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm Red Hat CodeReady Linux Builder (v. 
8): aarch64: bpftool-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.10.2.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.10.2.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-32399 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2021:2727-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2727
Issue date: 2021-07-20
CVE Names: CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary: An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64
3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Server (v. 7): Source: kpatch-patch-3_10_0-1160-1-7.el7.src.rpm kpatch-patch-3_10_0-1160_11_1-1-6.el7.src.rpm kpatch-patch-3_10_0-1160_15_2-1-6.el7.src.rpm kpatch-patch-3_10_0-1160_21_1-1-4.el7.src.rpm kpatch-patch-3_10_0-1160_24_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1160_25_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1160_2_1-1-7.el7.src.rpm kpatch-patch-3_10_0-1160_2_2-1-7.el7.src.rpm kpatch-patch-3_10_0-1160_31_1-1-1.el7.src.rpm kpatch-patch-3_10_0-1160_6_1-1-7.el7.src.rpm ppc64le: kpatch-patch-3_10_0-1160-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160-debuginfo-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_11_1-1-6.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_11_1-debuginfo-1-6.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_15_2-1-6.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_15_2-debuginfo-1-6.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_21_1-1-4.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_21_1-debuginfo-1-4.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_24_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_24_1-debuginfo-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_25_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_25_1-debuginfo-1-2.el7.ppc64le.rpm 
kpatch-patch-3_10_0-1160_2_1-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_2_1-debuginfo-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_2_2-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_2_2-debuginfo-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_31_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_31_1-debuginfo-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_6_1-1-7.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_6_1-debuginfo-1-7.el7.ppc64le.rpm x86_64: kpatch-patch-3_10_0-1160-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160-debuginfo-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_11_1-1-6.el7.x86_64.rpm kpatch-patch-3_10_0-1160_11_1-debuginfo-1-6.el7.x86_64.rpm kpatch-patch-3_10_0-1160_15_2-1-6.el7.x86_64.rpm kpatch-patch-3_10_0-1160_15_2-debuginfo-1-6.el7.x86_64.rpm kpatch-patch-3_10_0-1160_21_1-1-4.el7.x86_64.rpm kpatch-patch-3_10_0-1160_21_1-debuginfo-1-4.el7.x86_64.rpm kpatch-patch-3_10_0-1160_24_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_24_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_25_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_25_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_2_1-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_2_1-debuginfo-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_2_2-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_2_2-debuginfo-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_31_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_31_1-debuginfo-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_6_1-1-7.el7.x86_64.rpm kpatch-patch-3_10_0-1160_6_1-debuginfo-1-7.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. 
More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2730-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2730
Issue date: 2021-07-20
CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2.
Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: Use after free via PI futex state (CVE-2021-3347) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] (BZ#1975159) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Server AUS (v. 
7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm ppc64le: kernel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-headers-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-957.78.2.el7.ppc64le.rpm perf-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm x86_64: kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm 
kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: kernel-3.10.0-957.78.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-957.78.2.el7.noarch.rpm kernel-doc-3.10.0-957.78.2.el7.noarch.rpm x86_64: bpftool-3.10.0-957.78.2.el7.x86_64.rpm kernel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-devel-3.10.0-957.78.2.el7.x86_64.rpm kernel-headers-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.78.2.el7.x86_64.rpm perf-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 
7.6): x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.6): ppc64le: kernel-debug-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.6): x86_64: kernel-debug-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.78.2.el7.x86_64.rpm perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.78.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References:
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006
8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2722-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2722
Issue date: 2021-07-20
CVE Names: CVE-2021-33909
=====================================================================
1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.1) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 
8.1): Source: kernel-4.18.0-147.51.2.el8_1.src.rpm aarch64: bpftool-4.18.0-147.51.2.el8_1.aarch64.rpm bpftool-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-core-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-cross-headers-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-core-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-devel-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-modules-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-devel-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-headers-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-modules-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-modules-extra-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-tools-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-tools-libs-4.18.0-147.51.2.el8_1.aarch64.rpm perf-4.18.0-147.51.2.el8_1.aarch64.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm python3-perf-4.18.0-147.51.2.el8_1.aarch64.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-147.51.2.el8_1.noarch.rpm kernel-doc-4.18.0-147.51.2.el8_1.noarch.rpm ppc64le: bpftool-4.18.0-147.51.2.el8_1.ppc64le.rpm bpftool-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-core-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-cross-headers-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-core-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-modules-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.ppc64le.rpm 
kernel-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-headers-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-modules-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-modules-extra-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-tools-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-tools-libs-4.18.0-147.51.2.el8_1.ppc64le.rpm perf-4.18.0-147.51.2.el8_1.ppc64le.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm python3-perf-4.18.0-147.51.2.el8_1.ppc64le.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm s390x: bpftool-4.18.0-147.51.2.el8_1.s390x.rpm bpftool-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm kernel-4.18.0-147.51.2.el8_1.s390x.rpm kernel-core-4.18.0-147.51.2.el8_1.s390x.rpm kernel-cross-headers-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-core-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-devel-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-modules-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-147.51.2.el8_1.s390x.rpm kernel-devel-4.18.0-147.51.2.el8_1.s390x.rpm kernel-headers-4.18.0-147.51.2.el8_1.s390x.rpm kernel-modules-4.18.0-147.51.2.el8_1.s390x.rpm kernel-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm kernel-tools-4.18.0-147.51.2.el8_1.s390x.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-core-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-devel-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-modules-4.18.0-147.51.2.el8_1.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-147.51.2.el8_1.s390x.rpm perf-4.18.0-147.51.2.el8_1.s390x.rpm 
perf-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm python3-perf-4.18.0-147.51.2.el8_1.s390x.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.s390x.rpm x86_64: bpftool-4.18.0-147.51.2.el8_1.x86_64.rpm bpftool-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-core-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-cross-headers-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-core-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-devel-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-modules-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-modules-extra-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-devel-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-headers-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-modules-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-modules-extra-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-tools-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-tools-libs-4.18.0-147.51.2.el8_1.x86_64.rpm perf-4.18.0-147.51.2.el8_1.x86_64.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm python3-perf-4.18.0-147.51.2.el8_1.x86_64.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 
8.1): aarch64: bpftool-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.aarch64.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.ppc64le.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debug-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-tools-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm kernel-tools-libs-devel-4.18.0-147.51.2.el8_1.x86_64.rpm perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm python3-perf-debuginfo-4.18.0-147.51.2.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
- --------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2732-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2732
Issue date: 2021-07-20
CVE Names: CVE-2020-28374 CVE-2021-3347 CVE-2021-33034 CVE-2021-33909
=====================================================================
1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v.
7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374) * kernel: Use after free via PI futex state (CVE-2021-3347) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan 1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer 6. Package List: Red Hat Enterprise Linux Server AUS (v. 
7.4): Source: kernel-3.10.0-693.90.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm kernel-doc-3.10.0-693.90.2.el7.noarch.rpm x86_64: kernel-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm perf-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.4): Source: kernel-3.10.0-693.90.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm kernel-doc-3.10.0-693.90.2.el7.noarch.rpm ppc64le: kernel-3.10.0-693.90.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debug-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.90.2.el7.ppc64le.rpm kernel-devel-3.10.0-693.90.2.el7.ppc64le.rpm kernel-headers-3.10.0-693.90.2.el7.ppc64le.rpm kernel-tools-3.10.0-693.90.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.90.2.el7.ppc64le.rpm perf-3.10.0-693.90.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm python-perf-3.10.0-693.90.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm x86_64: kernel-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm 
kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm perf-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.4): Source: kernel-3.10.0-693.90.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-693.90.2.el7.noarch.rpm kernel-doc-3.10.0-693.90.2.el7.noarch.rpm x86_64: kernel-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-devel-3.10.0-693.90.2.el7.x86_64.rpm kernel-headers-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.90.2.el7.x86_64.rpm perf-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.4): x86_64: kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 
7.4): ppc64le: kernel-debug-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.90.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.90.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.4): x86_64: kernel-debug-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.90.2.el7.x86_64.rpm perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.90.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-28374 https://access.redhat.com/security/cve/CVE-2021-3347 https://access.redhat.com/security/cve/CVE-2021-33034 https://access.redhat.com/security/cve/CVE-2021-33909 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
- --------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2021:2715-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2715
Issue date: 2021-07-20
CVE Names: CVE-2021-32399 CVE-2021-33909
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
* kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* kernel-rt: update RT source tree to the RHEL-8.4.z2 source tree (BZ#1975405)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer
1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller

6. Package List:

Red Hat Enterprise Linux Real Time for NFV (v. 8):

Source:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.src.rpm

x86_64:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm

Red Hat Enterprise Linux Real Time (v. 8):

Source:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.src.rpm

x86_64:
kernel-rt-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.10.2.rt7.83.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32399
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

- --------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2735-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2735
Issue date: 2021-07-20
CVE Names: CVE-2020-12362 CVE-2021-3347 CVE-2021-33909
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6 ELS) - i386, noarch, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6 ELS) - i386, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: Use after free via PI futex state (CVE-2021-3347)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer

6. Package List:

Red Hat Enterprise Linux Server (v. 6 ELS):

Source:
kernel-2.6.32-754.41.2.el6.src.rpm

i386:
kernel-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
kernel-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-headers-2.6.32-754.41.2.el6.i686.rpm
perf-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm

noarch:
kernel-abi-whitelists-2.6.32-754.41.2.el6.noarch.rpm
kernel-doc-2.6.32-754.41.2.el6.noarch.rpm
kernel-firmware-2.6.32-754.41.2.el6.noarch.rpm

s390x:
kernel-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm
kernel-devel-2.6.32-754.41.2.el6.s390x.rpm
kernel-headers-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-devel-2.6.32-754.41.2.el6.s390x.rpm
perf-2.6.32-754.41.2.el6.s390x.rpm
perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm

x86_64:
kernel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm
kernel-devel-2.6.32-754.41.2.el6.x86_64.rpm
kernel-headers-2.6.32-754.41.2.el6.x86_64.rpm
perf-2.6.32-754.41.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6 ELS):

i386:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-754.41.2.el6.i686.rpm
perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm
python-perf-2.6.32-754.41.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.i686.rpm

s390x:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-754.41.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm
python-perf-2.6.32-754.41.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-754.41.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-2.6.32-754.41.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-754.41.2.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-12362
https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- --------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2021:2733-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2733
Issue date: 2021-07-20
CVE Names: CVE-2021-3347 CVE-2021-33034 CVE-2021-33909
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.3):

Source:
kernel-3.10.0-514.90.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.90.2.el7.noarch.rpm
kernel-doc-3.10.0-514.90.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.90.2.el7.x86_64.rpm
kernel-devel-3.10.0-514.90.2.el7.x86_64.rpm
kernel-headers-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.90.2.el7.x86_64.rpm
perf-3.10.0-514.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.3):

x86_64:
kernel-debug-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.90.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.90.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3347
https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- --------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2021:2734-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2734
Issue date: 2021-07-20
CVE Names: CVE-2021-33034 CVE-2021-33909
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* xfs umount hangs in xfs_wait_buftarg() due to negative bt_io_count (BZ#1949916)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1961305 - CVE-2021-33034 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
1970273 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.2):

Source:
kernel-3.10.0-327.98.2.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-327.98.2.el7.noarch.rpm
kernel-doc-3.10.0-327.98.2.el7.noarch.rpm

x86_64:
kernel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.98.2.el7.x86_64.rpm
kernel-devel-3.10.0-327.98.2.el7.x86_64.rpm
kernel-headers-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.98.2.el7.x86_64.rpm
perf-3.10.0-327.98.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.2):

x86_64:
kernel-debug-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.98.2.el7.x86_64.rpm
perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-327.98.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-33034
https://access.redhat.com/security/cve/CVE-2021-33909
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2021-006

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT.
The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST).
On call after hours for member emergencies only.