===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3304
                    kernel security and bug fix update
                               6 October 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Increased Privileges -- Existing Account
                   Denial of Service    -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-37576 CVE-2021-32399 CVE-2021-22555
                   CVE-2021-22543
Reference:         ESB-2021.3249
                   ESB-2021.3211

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2021:3725

--------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2021:3725-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3725
Issue date:        2021-10-05
CVE Names:         CVE-2021-22543 CVE-2021-22555 CVE-2021-32399
                   CVE-2021-37576
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.4
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO
  checks (CVE-2021-22543)

* kernel: out-of-bounds write in xt_compat_target_from_user() in
  net/netfilter/x_tables.c (CVE-2021-22555)

* kernel: race condition for removal of the HCI controller (CVE-2021-32399)

* kernel: powerpc: KVM guest OS users can cause host OS memory corruption
  (CVE-2021-37576)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap
  [7.9.z] (BZ#1975161)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1965461 - CVE-2021-22543 kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks
1970807 - CVE-2021-32399 kernel: race condition for removal of the HCI controller
1980101 - CVE-2021-22555 kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
1986506 - CVE-2021-37576 kernel: powerpc: KVM guest OS users can cause host OS memory corruption

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.4):

Source:
kernel-3.10.0-693.94.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-693.94.1.el7.noarch.rpm
kernel-doc-3.10.0-693.94.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.94.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.94.1.el7.x86_64.rpm
kernel-headers-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.94.1.el7.x86_64.rpm
perf-3.10.0-693.94.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

x86_64:
kernel-debug-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.94.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-693.94.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-22543
https://access.redhat.com/security/cve/CVE-2021-22555
https://access.redhat.com/security/cve/CVE-2021-32399
https://access.redhat.com/security/cve/CVE-2021-37576
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for
consequences which may arise from following or acting on information or
advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin.
It may not be updated when updates to the original are made. If downloading
at a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
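The Solution section above names the fixed kernel (3.10.0-693.94.1.el7) and requires a reboot, so a host can be patched on disk yet still running a vulnerable kernel. The following check is an added example, not part of the Red Hat or AusCERT bulletin: it compares the running kernel and the newest installed kernel package against the fixed version. The `uname`/`rpm` commands in the trailing comment are an assumption about how those two values are gathered on a RHEL 7 host; the function itself takes them as arguments so it can run on constructed values.

```shell
#!/bin/sh
# Added example (not from RHSA-2021:3725): classify a RHEL 7.4 AUS host against
# the fixed kernel named in the advisory, distinguishing "installed but not yet
# booted" from "not installed", since the update only takes effect after reboot.
FIXED_KERNEL="3.10.0-693.94.1.el7"

# Compare two kernel version-release strings numerically, field by field.
# "3.10.0-693.94.1.el7.x86_64" and "3.10.0-693.94.1.el7" both reduce to
# 3 10 0 693 94 1 (the .elN and arch suffixes are dropped before comparing).
# Prints -1, 0 or 1 for a<b, a==b, a>b.
kver_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        sub(/\.el[0-9]+.*$/, "", a); sub(/\.el[0-9]+.*$/, "", b)
        na = split(a, A, /[.-]/); nb = split(b, B, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) { print "-1"; exit }
            if (x > y) { print "1"; exit }
        }
        print "0"
    }'
}

# $1 = running kernel (uname -r), $2 = newest installed kernel package
# version-release. Prints one of: patched, reboot-required, vulnerable.
kernel_state() {
    running="$1"; installed="$2"
    if [ "$(kver_cmp "$running" "$FIXED_KERNEL")" -ge 0 ]; then
        echo "patched"            # fixed (or newer) kernel is installed and booted
    elif [ "$(kver_cmp "$installed" "$FIXED_KERNEL")" -ge 0 ]; then
        echo "reboot-required"    # update applied, old kernel still running
    else
        echo "vulnerable"         # fixed kernel not installed at all
    fi
}

# On a real RHEL 7 host (assumed invocation, uncomment to use):
# kernel_state "$(uname -r)" \
#   "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel | sort -V | tail -n 1)"
```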