[ALSA-2021:2714] kernel security and bug fix update

Severity Important

Affected Packages 20

CVEs 2

An update for kernel is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

pinctrl_emmitsburg: improper configuration (BZ#1963984)
[Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419)
AlmaLinux8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/AlmaLinux8.4) (BZ#1964697)
Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099)
backport fixes for Connection Tracking offload (BZ#1968679)
fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910)
ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911)
ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913)
b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914)
e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915)
ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917)
igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919)
igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920)
igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921)
ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922)
i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923)
iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925)
Backport netlink extack tracepoint (BZ#1972938)
[AlmaLinux8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)

Package	Affected Version
pkg:rpm/almalinux/python3-perf?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/perf?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-tools?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-tools-libs?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-tools-libs-devel?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-modules?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-modules-extra?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-headers?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-doc?arch=noarch&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-devel?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-debug?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-debug-modules?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-debug-modules-extra?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-debug-devel?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-debug-core?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-cross-headers?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-core?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/kernel-abi-stablelists?arch=noarch&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4
pkg:rpm/almalinux/bpftool?arch=x86_64&distro=almalinux-8.4	< 4.18.0-305.10.2.el8_4

ID

ALSA-2021:2714

Severity

important

URL

https://errata.almalinux.org/ALSA-2021:2714.html

Published

2021-07-20T13:30:15
(3 years ago)

Modified

2021-08-11T08:54:00
(3 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
CVE	CVE-2021-32399		https://vulners.com/cve/CVE-2021-32399
CVE	CVE-2021-33909		https://vulners.com/cve/CVE-2021-33909

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/almalinux/python3-perf?arch=x86_64&distro=almalinux-8.4	almalinux	python3-perf	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/perf?arch=x86_64&distro=almalinux-8.4	almalinux	perf	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel?arch=x86_64&distro=almalinux-8.4	almalinux	kernel	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-tools?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-tools	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-tools-libs?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-tools-libs	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-tools-libs-devel?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-tools-libs-devel	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-modules?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-modules	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-modules-extra?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-modules-extra	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-headers?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-headers	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-doc?arch=noarch&distro=almalinux-8.4	almalinux	kernel-doc	< 4.18.0-305.10.2.el8_4	almalinux-8.4	noarch
Affected	pkg:rpm/almalinux/kernel-devel?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-devel	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-debug?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-debug	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-debug-modules?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-debug-modules	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-debug-modules-extra?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-debug-modules-extra	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-debug-devel?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-debug-devel	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-debug-core?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-debug-core	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-cross-headers?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-cross-headers	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-core?arch=x86_64&distro=almalinux-8.4	almalinux	kernel-core	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64
Affected	pkg:rpm/almalinux/kernel-abi-stablelists?arch=noarch&distro=almalinux-8.4	almalinux	kernel-abi-stablelists	< 4.18.0-305.10.2.el8_4	almalinux-8.4	noarch
Affected	pkg:rpm/almalinux/bpftool?arch=x86_64&distro=almalinux-8.4	almalinux	bpftool	< 4.18.0-305.10.2.el8_4	almalinux-8.4	x86_64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date