Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.3796
kernel security, bug fix, and enhancement update
10 November 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Increased Privileges -- Existing Account
Create Arbitrary Files -- Existing Account
Provide Misleading Information -- Remote/Unauthenticated
Denial of Service -- Existing Account
Access Confidential Data -- Remote/Unauthenticated
Unauthorised Access -- Remote/Unauthenticated
Reduced Security -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2021-33909 CVE-2021-33200 CVE-2021-31916
CVE-2021-31829 CVE-2021-31440 CVE-2021-29650
CVE-2021-29646 CVE-2021-29155 CVE-2021-28971
CVE-2021-28950 CVE-2021-23133 CVE-2021-20239
CVE-2021-20194 CVE-2021-3732 CVE-2021-3679
CVE-2021-3659 CVE-2021-3635 CVE-2021-3600
CVE-2021-3573 CVE-2021-3564 CVE-2021-3489
CVE-2021-3348 CVE-2021-0129 CVE-2020-36386
CVE-2020-36158 CVE-2020-29660 CVE-2020-29368
CVE-2020-27777 CVE-2020-26147 CVE-2020-26146
CVE-2020-26145 CVE-2020-26144 CVE-2020-26143
CVE-2020-26141 CVE-2020-26140 CVE-2020-26139
CVE-2020-24588 CVE-2020-24587 CVE-2020-24586
CVE-2020-24504 CVE-2020-24503 CVE-2020-24502
CVE-2020-0427
Reference: ESB-2021.2876
ESB-2021.2860
ESB-2021.2691
ESB-2021.2511
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:4356
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2021:4356-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4356
Issue date: 2021-11-09
CVE Names: CVE-2020-0427 CVE-2020-24502 CVE-2020-24503
CVE-2020-24504 CVE-2020-24586 CVE-2020-24587
CVE-2020-24588 CVE-2020-26139 CVE-2020-26140
CVE-2020-26141 CVE-2020-26143 CVE-2020-26144
CVE-2020-26145 CVE-2020-26146 CVE-2020-26147
CVE-2020-27777 CVE-2020-29368 CVE-2020-29660
CVE-2020-36158 CVE-2020-36386 CVE-2021-0129
CVE-2021-3348 CVE-2021-3489 CVE-2021-3564
CVE-2021-3573 CVE-2021-3600 CVE-2021-3635
CVE-2021-3659 CVE-2021-3679 CVE-2021-3732
CVE-2021-20194 CVE-2021-20239 CVE-2021-23133
CVE-2021-28950 CVE-2021-28971 CVE-2021-29155
CVE-2021-29646 CVE-2021-29650 CVE-2021-31440
CVE-2021-31829 CVE-2021-31916 CVE-2021-33200
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427)
* kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter
drivers (CVE-2020-24502)
* kernel: Insufficient access control in some Intel(R) Ethernet E810
Adapter drivers (CVE-2020-24503)
* kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810
Adapter drivers (CVE-2020-24504)
* kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)
* kernel: Reassembling fragments encrypted under different keys
(CVE-2020-24587)
* kernel: wifi frame payload being parsed incorrectly as an L2 frame
(CVE-2020-24588)
* kernel: Forwarding EAPOL from unauthenticated wifi client
(CVE-2020-26139)
* kernel: accepting plaintext data frames in protected networks
(CVE-2020-26140)
* kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)
* kernel: accepting fragmented plaintext frames in protected networks
(CVE-2020-26143)
* kernel: accepting unencrypted A-MSDU frames that start with RFC1042
header (CVE-2020-26144)
* kernel: accepting plaintext broadcast fragments as full frames
(CVE-2020-26145)
* kernel: powerpc: RTAS calls can be used to compromise kernel integrity
(CVE-2020-27777)
* kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a
read-after-free (CVE-2020-29660)
* kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a
long SSID value (CVE-2020-36158)
* kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt()
(CVE-2020-36386)
* kernel: Improper access control in BlueZ may allow information disclosure
vulnerability. (CVE-2021-0129)
* kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
(CVE-2021-3348)
* kernel: Linux kernel eBPF RINGBUF map oversized allocation
(CVE-2021-3489)
* kernel: double free in bluetooth subsystem when the HCI device
initialization fails (CVE-2021-3564)
* kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)
* kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)
* kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)
* kernel: Mounting overlayfs inside an unprivileged user namespace can
reveal files (CVE-2021-3732)
* kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
(CVE-2021-20194)
* kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)
* kernel: fuse: stall on CPU can occur because a retry loop continually
finds the same bad inode (CVE-2021-28950)
* kernel: System crash in intel_pmu_drain_pebs_nhm in
arch/x86/events/intel/ds.c (CVE-2021-28971)
* kernel: protection can be bypassed to leak content of kernel memory
(CVE-2021-29155)
* kernel: improper input validation in tipc_nl_retrieve_key function in
net/tipc/node.c (CVE-2021-29646)
* kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650)
* kernel: local escalation of privileges in handling of eBPF programs
(CVE-2021-31440)
* kernel: protection of stack pointer against speculative pointer
arithmetic can be bypassed to leak content of kernel memory
(CVE-2021-31829)
* kernel: out-of-bounds reads and writes due to enforcing incorrect limits
for pointer arithmetic operations by BPF verifier (CVE-2021-33200)
* kernel: reassembling encrypted fragments with non-consecutive packet
numbers (CVE-2020-26146)
* kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)
* kernel: the copy-on-write implementation can grant unintended write
access because of a race condition in a THP mapcount check (CVE-2020-29368)
* kernel: flowtable list del corruption with kernel BUG at
lib/list_debug.c:50 (CVE-2021-3635)
* kernel: NULL pointer dereference in llsec_key_alloc() in
net/mac802154/llsec.c (CVE-2021-3659)
* kernel: setsockopt System Call Untrusted Pointer Dereference Information
Disclosure (CVE-2021-20239)
* kernel: out of bounds array access in drivers/md/dm-ioctl.c
(CVE-2021-31916)
4. Solution:
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1509204 - dlm: Add ability to set SO_MARK on DLM sockets
1793880 - Unreliable RTC synchronization (11-minute mode)
1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10
1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity
1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check
1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value
1915825 - Allow falling back to genfscon labeling when the FS doesn't support xattrs and there is a fs_use_xattr rule for it
1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem.
1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers
1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers
1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers
1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with 'serverino' and 'cache=strict '
1939341 - CNB: net: add inline function skb_csum_is_sctp
1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode
1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c
1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c
1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c
1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del
1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
1953847 - [ethtool] The `NLM_F_MULTI` should be used for `NLM_F_DUMP`
1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps.
1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory
1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation
1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection
1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys
1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame
1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client
1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks
1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames
1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks
1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header
1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames
1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers
1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments
1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h
1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs
1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails
1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability.
1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls
1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl()
1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
1971101 - ceph: potential data corruption in cephfs write_begin codepath
1972278 - libceph: allow addrvecs with a single NONE/blank address
1974627 - [TIPC] kernel BUG at lib/list_debug.c:31!
1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0]
1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
1976679 - blk-mq: fix/improve io scheduler batching dispatch
1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00
1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116)
1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame
1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel
1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level
1977850 - geneve virtual devices lack the NETIF_F_FRAGLIST feature
1978369 - dm writecache: sync with upstream 5.14
1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?)
1979680 - Backport openvswitch tracepoints
1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod
1986138 - Lockd invalid cast to nlm_lockowner
1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty()
1989999 - ceph omnibus backport for RHEL-8.5.0
1991976 - block: fix New warning in nvme_setup_discard
1992700 - blk-mq: fix kernel panic when iterating over flush request
1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
6. Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
kernel-4.18.0-348.el8.src.rpm
aarch64:
bpftool-4.18.0-348.el8.aarch64.rpm
bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-4.18.0-348.el8.aarch64.rpm
kernel-core-4.18.0-348.el8.aarch64.rpm
kernel-cross-headers-4.18.0-348.el8.aarch64.rpm
kernel-debug-4.18.0-348.el8.aarch64.rpm
kernel-debug-core-4.18.0-348.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-debug-devel-4.18.0-348.el8.aarch64.rpm
kernel-debug-modules-4.18.0-348.el8.aarch64.rpm
kernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm
kernel-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm
kernel-devel-4.18.0-348.el8.aarch64.rpm
kernel-headers-4.18.0-348.el8.aarch64.rpm
kernel-modules-4.18.0-348.el8.aarch64.rpm
kernel-modules-extra-4.18.0-348.el8.aarch64.rpm
kernel-tools-4.18.0-348.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-tools-libs-4.18.0-348.el8.aarch64.rpm
perf-4.18.0-348.el8.aarch64.rpm
perf-debuginfo-4.18.0-348.el8.aarch64.rpm
python3-perf-4.18.0-348.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm
noarch:
kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm
kernel-doc-4.18.0-348.el8.noarch.rpm
ppc64le:
bpftool-4.18.0-348.el8.ppc64le.rpm
bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-4.18.0-348.el8.ppc64le.rpm
kernel-core-4.18.0-348.el8.ppc64le.rpm
kernel-cross-headers-4.18.0-348.el8.ppc64le.rpm
kernel-debug-4.18.0-348.el8.ppc64le.rpm
kernel-debug-core-4.18.0-348.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-debug-devel-4.18.0-348.el8.ppc64le.rpm
kernel-debug-modules-4.18.0-348.el8.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm
kernel-devel-4.18.0-348.el8.ppc64le.rpm
kernel-headers-4.18.0-348.el8.ppc64le.rpm
kernel-modules-4.18.0-348.el8.ppc64le.rpm
kernel-modules-extra-4.18.0-348.el8.ppc64le.rpm
kernel-tools-4.18.0-348.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-tools-libs-4.18.0-348.el8.ppc64le.rpm
perf-4.18.0-348.el8.ppc64le.rpm
perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
python3-perf-4.18.0-348.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
s390x:
bpftool-4.18.0-348.el8.s390x.rpm
bpftool-debuginfo-4.18.0-348.el8.s390x.rpm
kernel-4.18.0-348.el8.s390x.rpm
kernel-core-4.18.0-348.el8.s390x.rpm
kernel-cross-headers-4.18.0-348.el8.s390x.rpm
kernel-debug-4.18.0-348.el8.s390x.rpm
kernel-debug-core-4.18.0-348.el8.s390x.rpm
kernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm
kernel-debug-devel-4.18.0-348.el8.s390x.rpm
kernel-debug-modules-4.18.0-348.el8.s390x.rpm
kernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm
kernel-debuginfo-4.18.0-348.el8.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm
kernel-devel-4.18.0-348.el8.s390x.rpm
kernel-headers-4.18.0-348.el8.s390x.rpm
kernel-modules-4.18.0-348.el8.s390x.rpm
kernel-modules-extra-4.18.0-348.el8.s390x.rpm
kernel-tools-4.18.0-348.el8.s390x.rpm
kernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm
perf-4.18.0-348.el8.s390x.rpm
perf-debuginfo-4.18.0-348.el8.s390x.rpm
python3-perf-4.18.0-348.el8.s390x.rpm
python3-perf-debuginfo-4.18.0-348.el8.s390x.rpm
x86_64:
bpftool-4.18.0-348.el8.x86_64.rpm
bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-4.18.0-348.el8.x86_64.rpm
kernel-core-4.18.0-348.el8.x86_64.rpm
kernel-cross-headers-4.18.0-348.el8.x86_64.rpm
kernel-debug-4.18.0-348.el8.x86_64.rpm
kernel-debug-core-4.18.0-348.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-debug-devel-4.18.0-348.el8.x86_64.rpm
kernel-debug-modules-4.18.0-348.el8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm
kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm
kernel-devel-4.18.0-348.el8.x86_64.rpm
kernel-headers-4.18.0-348.el8.x86_64.rpm
kernel-modules-4.18.0-348.el8.x86_64.rpm
kernel-modules-extra-4.18.0-348.el8.x86_64.rpm
kernel-tools-4.18.0-348.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-tools-libs-4.18.0-348.el8.x86_64.rpm
perf-4.18.0-348.el8.x86_64.rpm
perf-debuginfo-4.18.0-348.el8.x86_64.rpm
python3-perf-4.18.0-348.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm
Red Hat Enterprise Linux CRB (v. 8):
aarch64:
bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm
kernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm
perf-debuginfo-4.18.0-348.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm
perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm
kernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm
perf-debuginfo-4.18.0-348.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-0427
https://access.redhat.com/security/cve/CVE-2020-24502
https://access.redhat.com/security/cve/CVE-2020-24503
https://access.redhat.com/security/cve/CVE-2020-24504
https://access.redhat.com/security/cve/CVE-2020-24586
https://access.redhat.com/security/cve/CVE-2020-24587
https://access.redhat.com/security/cve/CVE-2020-24588
https://access.redhat.com/security/cve/CVE-2020-26139
https://access.redhat.com/security/cve/CVE-2020-26140
https://access.redhat.com/security/cve/CVE-2020-26141
https://access.redhat.com/security/cve/CVE-2020-26143
https://access.redhat.com/security/cve/CVE-2020-26144
https://access.redhat.com/security/cve/CVE-2020-26145
https://access.redhat.com/security/cve/CVE-2020-26146
https://access.redhat.com/security/cve/CVE-2020-26147
https://access.redhat.com/security/cve/CVE-2020-27777
https://access.redhat.com/security/cve/CVE-2020-29368
https://access.redhat.com/security/cve/CVE-2020-29660
https://access.redhat.com/security/cve/CVE-2020-36158
https://access.redhat.com/security/cve/CVE-2020-36386
https://access.redhat.com/security/cve/CVE-2021-0129
https://access.redhat.com/security/cve/CVE-2021-3348
https://access.redhat.com/security/cve/CVE-2021-3489
https://access.redhat.com/security/cve/CVE-2021-3564
https://access.redhat.com/security/cve/CVE-2021-3573
https://access.redhat.com/security/cve/CVE-2021-3600
https://access.redhat.com/security/cve/CVE-2021-3635
https://access.redhat.com/security/cve/CVE-2021-3659
https://access.redhat.com/security/cve/CVE-2021-3679
https://access.redhat.com/security/cve/CVE-2021-3732
https://access.redhat.com/security/cve/CVE-2021-20194
https://access.redhat.com/security/cve/CVE-2021-20239
https://access.redhat.com/security/cve/CVE-2021-23133
https://access.redhat.com/security/cve/CVE-2021-28950
https://access.redhat.com/security/cve/CVE-2021-28971
https://access.redhat.com/security/cve/CVE-2021-29155
https://access.redhat.com/security/cve/CVE-2021-29646
https://access.redhat.com/security/cve/CVE-2021-29650
https://access.redhat.com/security/cve/CVE-2021-31440
https://access.redhat.com/security/cve/CVE-2021-31829
https://access.redhat.com/security/cve/CVE-2021-31916
https://access.redhat.com/security/cve/CVE-2021-33200
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST
FrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l
bobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy
SfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW
HgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC
DRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E
lJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD
Jhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK
dQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8
zf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v
1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN
+PuV5cms0sE=
=2UUA
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYYtUguNLKJtyKPYoAQgojA//a9LG5ZRt+8ExV5JCzSOm9QC0Y88dKbGA
/b0x2ZQ/QblBFtjfKgU/1CnFQUs2mAhm9NFMhrtCxfDFRXaB2ItCisS9gE8vgVze
oYnCUZGidC9fFMrlNdB3GqISyP+xZ+tjG7v6JP6KKwqSS8lvGbeduz6AF33RzRfp
jPXbSRHTZtJPWdmtF8vjHdbsLmPmf8Ko2H5CZAmrNsY/wJ7a64er5ZEoILFopW8t
Sm2ijpJ05AmMUL83I0uwOFu4rNPApEy9FDdjRJRutM6xlDC2VRzzsb/TSbsJjjfD
anClDGWqcumMttZUjHYDvjB96c5mPehenmYZpHJgTUSKl/n2nJo7GbglKbMXcnpK
sZSVTvK6czIsF+aF9RwFRswh7cCJoMGxvGwnztNu/dwZ659LvQC5/iiPLgjw5yuE
tW6FMZVMbqI+OH1kBKAuMO5HWz5mSdoOsmxXdM/r4Pykb7PtrYTCSEDYfS20/Pfh
wb2dPg6BN9f3THD0ofS5RiQ3x+BpOmDzh9Fg7axrAE1lqfluNTnQRkM7ZoNriA66
DS3ATEQXzK/Wc9pZeEVbWO2RcgsBaaK/NxA8F4PLRsav1fxfY4dlsfr2i9CyKHDd
0Bp/RCPT54csVZKGecVaozCcxL6f2nEy3QtOhXW+ONe6sVGX6hX42AhVEmz73K9N
uuIPQ6qAMWI=
=/bbc
-----END PGP SIGNATURE-----