Alerts This Week
Warning Icon 1 933
Alerts This Week
Warning Icon 1 933

Fedora 33: FEDORA-2021-05152dbcf5 Critical Kernel Security Fixes

fedora
Calendar Grey May 15, 2021
Dist Fedora Esm H88
Kernel 5.11.20 has been officially released for Fedora 33, bringing essential updates aimed at improving both performance and security.
The 5.11.20 stable kernel update contains a number of important fixes across the tree.

Summary

The kernel meta package

The 5.11.20 stable kernel update contains a number of important fixes across the

tree.

* Wed May 12 2021 Justin M. Forbes [5.11.20-0]

- io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers (Thadeu Lima de Souza Cascardo)

- bpf: Prevent writable memory-mapping of read-only ringbuf pages (Andrii Nakryiko)

- bpf, ringbuf: Deny reserve of buffers larger than ringbuf (Thadeu Lima de Souza Cascardo)

- bpf: Fix alu32 const subreg bound tracking on bitwise operations (Daniel Borkmann)

- net/nfc: fix use-after-free llcp_sock_bind/connect (Or Cohen)

[ 1 ] Bug #1959514 - CVE-2021-23134 kernel: use-after-free in nfc sockets

https://bugzilla.redhat.com/show_bug.cgi?id=1959514

[ 2 ] Bug #1959556 - CVE-2021-3490 kernel: Linux kernel eBPF bitwise ops ALU32 bounds tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1959556

[ 3 ] Bug #1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation

https://bugzilla.redhat.com/show_bug.cgi?id=1959559

[ 4 ] Bug #1959565 - CVE-2021-3491 kernel: Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass

https://bugzilla.redhat.com/show_bug.cgi?id=1959565

su -c 'dnf upgrade --advisory FEDORA-2021-05152dbcf5' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory fedora update critical Fedora security fix kernel system stability

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 33
Version: 5.11.20
Release: 200.fc33
URL: https://www.kernel.org/
Summary: The Linux kernel

Topics%20covered

Topics Covered

security advisory fedora update critical Fedora security fix kernel system stability

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here