[ALSA-2022:1988] kernel security, bug fix, and enhancement update

Severity Important
Affected Packages 38
CVEs 38

An update for kernel is now available for AlmaLinux. AlmaLinux Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)

  • kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)

  • kernel: speculation on incompletely validated data on IBM Power9 (CVE-2020-4788)

  • kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)

  • kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)

  • kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)

  • kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)

  • kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)

  • kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)

  • kernel: possible use-after-free in bluetooth module (CVE-2021-3752)

  • kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)

  • kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)

  • kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)

  • kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)

  • kernel: possible leak or corruption of data residing on hugetlbfs (CVE-2021-4002)

  • kernel: security regression for CVE-2018-13405 (CVE-2021-4037)

  • kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)

  • kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)

  • kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)

  • kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)

  • kernel: arm: SIGPAGE information disclosure vulnerability (CVE-2021-21781)

  • hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)

  • kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)

  • kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)

  • kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)

  • kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

  • kernel: ppc: kvm: allows a malicious KVM guest to crash the host (CVE-2021-43056)

  • kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)

  • kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)

  • kernel: use-after-free in the TEE subsystem (CVE-2021-44733)

  • kernel: information leak in the IPv6 implementation (CVE-2021-45485)

  • kernel: information leak in the IPv4 implementation (CVE-2021-45486)

  • hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)

  • hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)

  • kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)

  • kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)

  • kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)

  • kernel: use-after-free in nouveau kernel module (CVE-2020-27820)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Package Affected Version
pkg:rpm/almalinux/python3-perf?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/python3-perf?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/perf?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/perf?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools-libs?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools-libs?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools-libs-devel?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-tools-libs-devel?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-modules?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-modules?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-modules-extra?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-modules-extra?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-headers?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-headers?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-doc?arch=noarch&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-devel?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-devel?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-modules?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-modules?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-modules-extra?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-modules-extra?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-devel?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-devel?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-core?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-debug-core?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-cross-headers?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-cross-headers?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-core?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-core?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/kernel-abi-stablelists?arch=noarch&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/bpftool?arch=x86_64&distro=almalinux-8 < 4.18.0-372.9.1.el8
pkg:rpm/almalinux/bpftool?arch=aarch64&distro=almalinux-8 < 4.18.0-372.9.1.el8
ID: ALSA-2022:1988
Severity: important
URL: https://errata.almalinux.org/ALSA-2022:1988.html
Published: 2022-05-10T08:11:36
Modified: 2022-05-10T08:11:35
Rights: Copyright 2022 AlmaLinux OS
Other Advisories
Source # ID Name URL
Self ALSA-2022-1988 https://errata.almalinux.org/8/ALSA-2022-1988.html
CVE CVE-2020-0404 https://vulners.com/cve/CVE-2020-0404
CVE CVE-2020-13974 https://vulners.com/cve/CVE-2020-13974
CVE CVE-2020-27820 https://vulners.com/cve/CVE-2020-27820
CVE CVE-2020-4788 https://vulners.com/cve/CVE-2020-4788
CVE CVE-2021-0941 https://vulners.com/cve/CVE-2021-0941
CVE CVE-2021-20322 https://vulners.com/cve/CVE-2021-20322
CVE CVE-2021-21781 https://vulners.com/cve/CVE-2021-21781
CVE CVE-2021-26401 https://vulners.com/cve/CVE-2021-26401
CVE CVE-2021-29154 https://vulners.com/cve/CVE-2021-29154
CVE CVE-2021-3612 https://vulners.com/cve/CVE-2021-3612
CVE CVE-2021-3669 https://vulners.com/cve/CVE-2021-3669
CVE CVE-2021-37159 https://vulners.com/cve/CVE-2021-37159
CVE CVE-2021-3743 https://vulners.com/cve/CVE-2021-3743
CVE CVE-2021-3744 https://vulners.com/cve/CVE-2021-3744
CVE CVE-2021-3752 https://vulners.com/cve/CVE-2021-3752
CVE CVE-2021-3759 https://vulners.com/cve/CVE-2021-3759
CVE CVE-2021-3764 https://vulners.com/cve/CVE-2021-3764
CVE CVE-2021-3772 https://vulners.com/cve/CVE-2021-3772
CVE CVE-2021-3773 https://vulners.com/cve/CVE-2021-3773
CVE CVE-2021-4002 https://vulners.com/cve/CVE-2021-4002
CVE CVE-2021-4037 https://vulners.com/cve/CVE-2021-4037
CVE CVE-2021-4083 https://vulners.com/cve/CVE-2021-4083
CVE CVE-2021-4157 https://vulners.com/cve/CVE-2021-4157
CVE CVE-2021-41864 https://vulners.com/cve/CVE-2021-41864
CVE CVE-2021-4197 https://vulners.com/cve/CVE-2021-4197
CVE CVE-2021-4203 https://vulners.com/cve/CVE-2021-4203
CVE CVE-2021-42739 https://vulners.com/cve/CVE-2021-42739
CVE CVE-2021-43056 https://vulners.com/cve/CVE-2021-43056
CVE CVE-2021-43389 https://vulners.com/cve/CVE-2021-43389
CVE CVE-2021-43976 https://vulners.com/cve/CVE-2021-43976
CVE CVE-2021-44733 https://vulners.com/cve/CVE-2021-44733
CVE CVE-2021-45485 https://vulners.com/cve/CVE-2021-45485
CVE CVE-2021-45486 https://vulners.com/cve/CVE-2021-45486
CVE CVE-2022-0001 https://vulners.com/cve/CVE-2022-0001
CVE CVE-2022-0002 https://vulners.com/cve/CVE-2022-0002
CVE CVE-2022-0286 https://vulners.com/cve/CVE-2022-0286
CVE CVE-2022-0322 https://vulners.com/cve/CVE-2022-0322
CVE CVE-2022-1011 https://vulners.com/cve/CVE-2022-1011