[RHSA-2021:0856] kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661)
kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532)
kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053)
kernel: performance counters race condition use-after-free (CVE-2020-14351)
kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645)
kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656)
kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705)
kernel: increase slab leak leads to DoS (CVE-2021-20265)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
BUG: scheduling while atomic: memory allocation under spinlock in scsi_register_device_handler() (BZ#1619147)
WARNING in __iscsit_free_cmd during recovery Abort (BZ#1784540)
lpfc does not issue adisc to fcp-2 devices, does not respond to nvme targer that send an adisc. (BZ#1875961)
Panic in semctl_nolock.constprop.15+0x25b (BZ#1877264)
[RHEL 7.7][md]Crash due to invalid pool workqueue pointer, work queue race (BZ#1889372)
Guest crash on intel CPU with -cpu host,-spec-ctrl,+ibpb (BZ#1890669)
RHEL7.9 - kernel/uv: handle length extension properly (BZ#1899172)
Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK (BZ#1901064)
writing to /sys/devices/(...)/net/eno49/queues/tx-16/xps_cpus triggers kernel panic (BZ#1903819)
[Hyper-V][RHEL-7.9]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit (BZ#1908896)
kvm-rhel7.9 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces. (BZ#1909036)
kernel: nvme nvme7: Connect command failed, error wo/DNR bit: 2 (BZ#1910817)
dm-mirror crashes from assuming underlying storage will have a non-NULL merge_bvec_fn (BZ#1916407)
watchdog: use nmi registers snapshot in hardlockup handler (BZ#1916589)
[DELL EMC 7.9 BUG] - Intel E810 NIC interfaces are not functional in RHEL 7.9 on system with AMD Rome CPUs (BZ#1918273)
[DELL EMC BUG] RHEL system log shows AMD-Vi error when system connected with Gen 4 NVMe drives. (BZ#1921187)
- ID
- RHSA-2021:0856
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2021:0856
- Published
-
2021-03-16T00:00:00
(3 years ago) - Modified
-
2021-03-16T00:00:00
(3 years ago) - Rights
- Copyright 2021 Red Hat, Inc.
- Other Advisories
-
- ALAS-2020-1437
- ALAS-2020-1446
- ALAS-2021-1461
- ALAS-2021-1477
- ALAS-2021-1480
- ALAS2-2020-1495
- ALAS2-2020-1520
- ALAS2-2020-1556
- ALAS2-2020-1566
- ALAS2-2021-1588
- ALAS2-2021-1600
- ALSA-2021:0558
- ALSA-2021:1093
- ALSA-2021:4356
- ALSA-2024:3138
- ASA-202101-30
- ASA-202101-31
- ASA-202101-32
- ASA-202101-33
- ASB-A-174737972
- ASB-A-175451802
- DSA-4774-1
- DSA-4843-1
- ELSA-2020-5569
- ELSA-2020-5670
- ELSA-2020-5671
- ELSA-2020-5676
- ELSA-2020-5709
- ELSA-2020-5912
- ELSA-2020-5913
- ELSA-2020-5995
- ELSA-2020-5996
- ELSA-2021-0003
- ELSA-2021-0558
- ELSA-2021-0856
- ELSA-2021-1093
- ELSA-2021-4356
- ELSA-2021-9002
- ELSA-2021-9005
- ELSA-2021-9006
- ELSA-2021-9007
- ELSA-2021-9008
- ELSA-2021-9009
- ELSA-2021-9023
- ELSA-2021-9024
- ELSA-2021-9025
- ELSA-2021-9035
- ELSA-2021-9037
- ELSA-2021-9038
- ELSA-2021-9039
- ELSA-2021-9212
- ELSA-2021-9306
- ELSA-2021-9307
- ELSA-2024-3138
- FEDORA-2020-3c6fedeb83
- FEDORA-2020-5920a7a0b2
- FEDORA-2020-98ccae320c
- FEDORA-2020-b732958765
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-e211716d08
- FEDORA-2021-082e638d02
- FEDORA-2021-4a91649cf3
- FEDORA-2021-620fb40359
- MS:CVE-2020-14351
- MS:CVE-2020-25211
- MS:CVE-2020-25645
- MS:CVE-2020-25656
- MS:CVE-2020-25705
- MS:CVE-2020-28374
- MS:CVE-2020-29661
- openSUSE-SU-2020:0336-1
- openSUSE-SU-2020:1586-1
- openSUSE-SU-2020:1655-1
- openSUSE-SU-2020:1682-1
- openSUSE-SU-2020:1698-1
- openSUSE-SU-2020:1906-1
- openSUSE-SU-2020:2034-1
- openSUSE-SU-2020:2112-1
- openSUSE-SU-2020:2161-1
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0241-1
- openSUSE-SU-2021:0242-1
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2021:0003
- RHSA-2021:0004
- RHSA-2021:0537
- RHSA-2021:0558
- RHSA-2021:0857
- RHSA-2021:0862
- RHSA-2021:1081
- RHSA-2021:1093
- RHSA-2021:4140
- RHSA-2021:4356
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2020-295-01
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3379-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2019:3389-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0558-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0580-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0605-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2879-1
- SUSE-SU-2020:2904-1
- SUSE-SU-2020:2905-1
- SUSE-SU-2020:2906-1
- SUSE-SU-2020:2907-1
- SUSE-SU-2020:2908-1
- SUSE-SU-2020:2972-1
- SUSE-SU-2020:2980-1
- SUSE-SU-2020:2981-1
- SUSE-SU-2020:2999-1
- SUSE-SU-2020:3014-1
- SUSE-SU-2020:3122-1
- SUSE-SU-2020:3230-1
- SUSE-SU-2020:3272-1
- SUSE-SU-2020:3273-1
- SUSE-SU-2020:3281-1
- SUSE-SU-2020:3326-1
- SUSE-SU-2020:3389-1
- SUSE-SU-2020:3400-1
- SUSE-SU-2020:3402-1
- SUSE-SU-2020:3433-1
- SUSE-SU-2020:3441-1
- SUSE-SU-2020:3449-1
- SUSE-SU-2020:3484-1
- SUSE-SU-2020:3491-1
- SUSE-SU-2020:3501-1
- SUSE-SU-2020:3503-1
- SUSE-SU-2020:3507-1
- SUSE-SU-2020:3512-1
- SUSE-SU-2020:3513-1
- SUSE-SU-2020:3522-1
- SUSE-SU-2020:3532-1
- SUSE-SU-2020:3544-1
- SUSE-SU-2020:3648-1
- SUSE-SU-2020:3651-1
- SUSE-SU-2020:3656-1
- SUSE-SU-2020:3670-1
- SUSE-SU-2020:3690-1
- SUSE-SU-2020:3717-1
- SUSE-SU-2020:3764-1
- SUSE-SU-2021:0094-1
- SUSE-SU-2021:0095-1
- SUSE-SU-2021:0096-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0108-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0362-1
- SUSE-SU-2021:0367-1
- SUSE-SU-2021:0377-1
- SUSE-SU-2021:0408-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0743-1
- SUSE-SU-2021:0744-1
- SUSE-SU-2021:0818-1
- SUSE-SU-2021:0823-1
- SUSE-SU-2021:0826-1
- SUSE-SU-2021:0835-1
- SUSE-SU-2021:0841-1
- SUSE-SU-2021:0842-1
- SUSE-SU-2021:0849-1
- SUSE-SU-2021:0853-1
- SUSE-SU-2021:0859-1
- SUSE-SU-2021:0868-1
- SUSE-SU-2021:0870-1
- SUSE-SU-2021:1074-1
- SUSE-SU-2021:1148-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- USN-4226-1
- USN-4255-1
- USN-4255-2
- USN-4285-1
- USN-4287-1
- USN-4287-2
- USN-4657-1
- USN-4658-1
- USN-4659-1
- USN-4660-1
- USN-4679-1
- USN-4680-1
- USN-4681-1
- USN-4694-1
- USN-4709-1
- USN-4711-1
- USN-4713-1
- USN-4713-2
- USN-4748-1
- USN-4749-1
- USN-4750-1
- USN-4751-1
- USN-4752-1
- USN-4753-1
- USN-4901-1
- USN-4912-1
- USN-5130-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/python-perf?arch=x86_64&distro=redhat-7 | redhat | python-perf | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/python-perf?arch=s390x&distro=redhat-7 | redhat | python-perf | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/python-perf?arch=ppc64le&distro=redhat-7 | redhat | python-perf | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/python-perf?arch=ppc64&distro=redhat-7 | redhat | python-perf | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/perf?arch=x86_64&distro=redhat-7 | redhat | perf | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/perf?arch=s390x&distro=redhat-7 | redhat | perf | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/perf?arch=ppc64le&distro=redhat-7 | redhat | perf | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/perf?arch=ppc64&distro=redhat-7 | redhat | perf | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=s390x&distro=redhat-7 | redhat | kernel | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64&distro=redhat-7 | redhat | kernel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-tools?arch=x86_64&distro=redhat-7 | redhat | kernel-tools | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-tools?arch=ppc64le&distro=redhat-7 | redhat | kernel-tools | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-tools?arch=ppc64&distro=redhat-7 | redhat | kernel-tools | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-tools-libs?arch=x86_64&distro=redhat-7 | redhat | kernel-tools-libs | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-tools-libs?arch=ppc64le&distro=redhat-7 | redhat | kernel-tools-libs | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-tools-libs?arch=ppc64&distro=redhat-7 | redhat | kernel-tools-libs | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=x86_64&distro=redhat-7 | redhat | kernel-tools-libs-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=ppc64le&distro=redhat-7 | redhat | kernel-tools-libs-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-tools-libs-devel?arch=ppc64&distro=redhat-7 | redhat | kernel-tools-libs-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-kdump?arch=s390x&distro=redhat-7 | redhat | kernel-kdump | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel-kdump-devel?arch=s390x&distro=redhat-7 | redhat | kernel-kdump-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel-doc?distro=redhat-7 | redhat | kernel-doc | < 3.10.0-1160.21.1.el7 | redhat-7 | ||
Affected | pkg:rpm/redhat/kernel-devel?arch=x86_64&distro=redhat-7 | redhat | kernel-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-devel?arch=s390x&distro=redhat-7 | redhat | kernel-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64le&distro=redhat-7 | redhat | kernel-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-devel?arch=ppc64&distro=redhat-7 | redhat | kernel-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=x86_64&distro=redhat-7 | redhat | kernel-debug | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug?arch=s390x&distro=redhat-7 | redhat | kernel-debug | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64le&distro=redhat-7 | redhat | kernel-debug | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-debug?arch=ppc64&distro=redhat-7 | redhat | kernel-debug | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=x86_64&distro=redhat-7 | redhat | kernel-debug-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=s390x&distro=redhat-7 | redhat | kernel-debug-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64le&distro=redhat-7 | redhat | kernel-debug-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-debug-devel?arch=ppc64&distro=redhat-7 | redhat | kernel-debug-devel | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64le&distro=redhat-7 | redhat | kernel-bootwrapper | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel-bootwrapper?arch=ppc64&distro=redhat-7 | redhat | kernel-bootwrapper | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/kernel-abi-whitelists?distro=redhat-7 | redhat | kernel-abi-whitelists | < 3.10.0-1160.21.1.el7 | redhat-7 | ||
Affected | pkg:rpm/redhat/bpftool?arch=x86_64&distro=redhat-7 | redhat | bpftool | < 3.10.0-1160.21.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/bpftool?arch=s390x&distro=redhat-7 | redhat | bpftool | < 3.10.0-1160.21.1.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/bpftool?arch=ppc64le&distro=redhat-7 | redhat | bpftool | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/bpftool?arch=ppc64&distro=redhat-7 | redhat | bpftool | < 3.10.0-1160.21.1.el7 | redhat-7 | ppc64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |