-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3304
                    kernel security and bug fix update
                              6 October 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Increased Privileges -- Existing Account
                   Denial of Service    -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-37576 CVE-2021-32399 CVE-2021-22555
                   CVE-2021-22543  

Reference:         ESB-2021.3249
                   ESB-2021.3211

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:3725

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2021:3725-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3725
Issue date:        2021-10-05
CVE Names:         CVE-2021-22543 CVE-2021-22555 CVE-2021-32399 
                   CVE-2021-37576 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO
checks (CVE-2021-22543)

* kernel: out-of-bounds write in xt_compat_target_from_user() in
net/netfilter/x_tables.c (CVE-2021-22555)

* kernel: race condition for removal of the HCI controller (CVE-2021-32399)

* kernel: powerpc: KVM guest OS users can cause host OS memory corruption
(CVE-2021-37576)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap
[7.9.z] (BZ#1975161)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1965461 - CVE-2021-22543 kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks
1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller
1980101 - CVE-2021-22555 kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
1986506 - CVE-2021-37576 kernel: powerpc: KVM guest OS users can cause host OS memory corruption

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.4):

Source:
kernel-3.10.0-693.94.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.94.1.el7.noarch.rpm
kernel-doc-3.10.0-693.94.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.94.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.94.1.el7.x86_64.rpm
perf-3.10.0-693.94.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.94.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
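The Solution section above notes that the update only takes effect after a reboot, and the package list names the fixed build. The following POSIX shell script is an added example, not part of the Red Hat advisory or the AusCERT bulletin: it compares a host's running kernel (as printed by `uname -r`) and its newest installed kernel package (as printed by `rpm -q kernel`) against the fixed NVR 3.10.0-693.94.1.el7 taken from the package list, and reports whether the host is patched, still needs the reboot, or has no fixed build installed. The function names (`version_fields`, `kernel_at_least`, `patch_state`) are this example's own, and the three host inputs at the bottom are constructed samples rather than real hosts.

```shell
#!/bin/sh
# Added example: decide whether a RHEL 7.4 AUS host has actually picked up the
# kernel build shipped in RHSA-2021:3725. The fixed NVR comes from the
# advisory's package list; the host inputs at the bottom are constructed.
FIXED_KERNEL="3.10.0-693.94.1.el7"

# Reduce a kernel NVR such as "kernel-3.10.0-693.94.1.el7.x86_64" (rpm -q
# output) or "3.10.0-693.94.1.el7.x86_64" (uname -r output) to its numeric
# fields, "3 10 0 693 94 1", so that builds can be compared field by field.
version_fields() {
  v=${1#kernel-}        # tolerate the package-name prefix from rpm -q
  v=${v%%.el*}          # drop the ".el7" / ".el7.x86_64" tail
  printf '%s\n' "$v" | sed 's/[.-]/ /g'
}

# Exit 0 when kernel build $1 is the same as or newer than build $2, else 1.
# Missing trailing fields count as 0 (3.10.0-693 equals 3.10.0-693.0.0).
kernel_at_least() {
  awk -v a="$(version_fields "$1")" -v b="$(version_fields "$2")" 'BEGIN {
    na = split(a, A, " "); nb = split(b, B, " ")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (i <= na) ? A[i] + 0 : 0
      y = (i <= nb) ? B[i] + 0 : 0
      if (x < y) exit 1
      if (x > y) exit 0
    }
    exit 0
  }'
}

# Classify a host from its running kernel ($1, `uname -r`) and its newest
# installed kernel package ($2, one line of `rpm -q kernel` output):
#   PATCHED         - the fixed build is installed and running
#   REBOOT_REQUIRED - the fixed build is installed but an older kernel is
#                     still running (the advisory requires a reboot)
#   VULNERABLE      - no kernel package at or above the fixed build installed
patch_state() {
  running=$1
  installed=$2
  if kernel_at_least "$running" "$FIXED_KERNEL"; then
    echo PATCHED
  elif kernel_at_least "$installed" "$FIXED_KERNEL"; then
    echo REBOOT_REQUIRED
  else
    echo VULNERABLE
  fi
}

# Constructed sample inputs for three hosts. On a live system use
#   patch_state "$(uname -r)" "$(rpm -q kernel | sort -V | tail -n 1)"
# and verify the Red Hat signature on a downloaded package before installing:
#   rpm -K kernel-3.10.0-693.94.1.el7.x86_64.rpm
patch_state "3.10.0-693.94.1.el7.x86_64" "kernel-3.10.0-693.94.1.el7.x86_64"
patch_state "3.10.0-693.21.1.el7.x86_64" "kernel-3.10.0-693.94.1.el7.x86_64"
patch_state "3.10.0-693.21.1.el7.x86_64" "kernel-3.10.0-693.21.1.el7.x86_64"
```

The running-kernel check matters because `rpm -q kernel` reports a fixed build as soon as the package is installed, while the vulnerable code keeps executing until the host is rebooted into the new kernel; inventory tools that only look at installed packages will report such hosts as patched prematurely.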

7. References:

https://access.redhat.com/security/cve/CVE-2021-22543
https://access.redhat.com/security/cve/CVE-2021-22555
https://access.redhat.com/security/cve/CVE-2021-32399
https://access.redhat.com/security/cve/CVE-2021-37576
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYV0O0+NLKJtyKPYoAQgJ4w//UWi9D6YGrMb7wmxdhfknXlckGFOHd1ai
8v6HeKZTwoceiuZT+N6V/CLrYvR2wi7nBOMJ8GKIYvh7Fs98g1FMNieQr5U8Iovr
usDJYSuLmOaDPmgME5Q1eMhYL4NG04q5iiVykiHDk9w5aLGqKWN1O9LafmSCUxpi
4Vou9ANiYOnT2kO8SieupJvp5TuIDSUZaClOzoCPBWKSyNcRVakunCiM5vtOc3tL
yErNMUi9xAEKN8ELidElqIjPHYhFqWXakaC+Lt7TMIK2MkBaRdErcTeYTt+DXdvW
V3MGdTkyvtFLEusXF6XLK+q+oKwBSM5oV3LlidQdtHsKa3OepcR8q5vqsYEr5Msv
brBVPWOFpYN5PFaxVi97Ffr3/hj0nsvCIGI5hmMfcSSU7msHCn32lvjMTBqjpkdB
K0sNC4clk95u7TLN0/Qi9trO7rSoSZQEBjlT7ioPzmfrOuhL9JwejdjPX4Ni/8xI
XA0vFPMb8dhgzKRD482zrsuhSM86POIkUadbpUD7dMNlrJogHBi9vVQeyfqr26jA
HMUy9FVc6i9cc/nRrccqN9zQSEIC3mFcZSdnSKwg66FnOTYTTw0Y13Dclu4MnQFh
FeK3rvWM4q1f3zCsoeaGi1qUN2aCvTLiZjHJ/cCHxlf93zJajKdjWA19rNBy327n
TUYBEcu6rMk=
=D4wG
-----END PGP SIGNATURE-----