[RHSA-2021:4088] kernel-rt security and bug fix update
Severity
Important
Affected Packages
12
CVEs
3
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the RHEL-8.4.z source tree (BZ#2004117)
- ID
- RHSA-2021:4088
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2021:4088
- Published
-
2021-11-02T00:00:00
(2 years ago) - Modified
-
2021-11-02T00:00:00
(2 years ago) - Rights
- Copyright 2021 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2021-1704
- ALSA-2021:4056
- ASB-A-173843328
- DSA-4978-1
- ELSA-2021-3801
- ELSA-2021-4056
- ELSA-2021-4777
- ELSA-2021-9419
- ELSA-2021-9420
- ELSA-2021-9421
- ELSA-2021-9422
- ELSA-2021-9450
- ELSA-2021-9451
- ELSA-2021-9452
- ELSA-2021-9453
- ELSA-2021-9459
- ELSA-2021-9564
- ELSA-2021-9565
- ELSA-2022-9244
- ELSA-2022-9245
- ELSA-2022-9793
- FEDORA-2021-33819e6b09
- FEDORA-2021-a424256622
- MS:CVE-2021-3656
- openSUSE-SU-2021:1271-1
- openSUSE-SU-2021:2184-1
- openSUSE-SU-2021:2202-1
- openSUSE-SU-2021:2305-1
- openSUSE-SU-2021:2352-1
- openSUSE-SU-2021:2427-1
- openSUSE-SU-2021:3179-1
- openSUSE-SU-2021:3205-1
- openSUSE-SU-2021:3876-1
- RHSA-2021:3801
- RHSA-2021:3802
- RHSA-2021:4056
- RHSA-2021:4122
- RHSA-2021:4777
- RHSA-2021:4779
- RHSA-2021:4798
- RLSA-2021:4088
- SUSE-SU-2021:2184-1
- SUSE-SU-2021:2202-1
- SUSE-SU-2021:2303-1
- SUSE-SU-2021:2305-1
- SUSE-SU-2021:2321-1
- SUSE-SU-2021:2324-1
- SUSE-SU-2021:2325-1
- SUSE-SU-2021:2332-1
- SUSE-SU-2021:2344-1
- SUSE-SU-2021:2349-1
- SUSE-SU-2021:2352-1
- SUSE-SU-2021:2361-1
- SUSE-SU-2021:2367-1
- SUSE-SU-2021:2368-1
- SUSE-SU-2021:2372-1
- SUSE-SU-2021:2377-1
- SUSE-SU-2021:2387-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2407-1
- SUSE-SU-2021:2416-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2426-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2433-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2021:2453-1
- SUSE-SU-2021:2538-1
- SUSE-SU-2021:2542-1
- SUSE-SU-2021:2560-1
- SUSE-SU-2021:2577-1
- SUSE-SU-2021:2584-1
- SUSE-SU-2021:2643-1
- SUSE-SU-2021:3073-1
- SUSE-SU-2021:3177-1
- SUSE-SU-2021:3178-1
- SUSE-SU-2021:3179-1
- SUSE-SU-2021:3192-1
- SUSE-SU-2021:3205-1
- SUSE-SU-2021:3205-2
- SUSE-SU-2021:3206-1
- SUSE-SU-2021:3207-1
- SUSE-SU-2021:3217-1
- SUSE-SU-2021:3415-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2021:3972-1
- USN-5070-1
- USN-5071-1
- USN-5071-2
- USN-5072-1
- USN-5073-1
- USN-5073-2
- USN-5082-1
- USN-5136-1
- USN-5137-1
- USN-5137-2
- USN-5343-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1974319 | https://bugzilla.redhat.com/1974319 | |
Bugzilla | 1974491 | https://bugzilla.redhat.com/1974491 | |
Bugzilla | 1983988 | https://bugzilla.redhat.com/1983988 | |
RHSA | RHSA-2021:4088 | https://access.redhat.com/errata/RHSA-2021:4088 | |
CVE | CVE-2020-36385 | https://access.redhat.com/security/cve/CVE-2020-36385 | |
CVE | CVE-2021-0512 | https://access.redhat.com/security/cve/CVE-2021-0512 | |
CVE | CVE-2021-3656 | https://access.redhat.com/security/cve/CVE-2021-3656 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-modules | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-modules-extra | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-kvm | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-devel | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug-modules | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug-modules-extra | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug-kvm | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug-devel | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-debug-core | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-8.4 | redhat | kernel-rt-core | < 4.18.0-305.25.1.rt7.97.el8_4 | redhat-8.4 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |