Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Fedora 35: FEDORA-2022-395481ef2c Urgent System Vulnerability Patch

fedora
Calendar Grey May 15, 2021
Dist Fedora Esm H88
The update to Kernel 5.11.20 for Fedora 34 introduces vital stability improvements and security enhancements throughout the operating system.
The 5.11.20 stable kernel update contains a number of important fixes across the tree.

Summary

The kernel meta package

The 5.11.20 stable kernel update contains a number of important fixes across the

tree.

* Wed May 12 2021 Justin M. Forbes [5.11.20-0]

- io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers (Thadeu Lima de Souza Cascardo)

- bpf: Prevent writable memory-mapping of read-only ringbuf pages (Andrii Nakryiko)

- bpf, ringbuf: Deny reserve of buffers larger than ringbuf (Thadeu Lima de Souza Cascardo)

- bpf: Fix alu32 const subreg bound tracking on bitwise operations (Daniel Borkmann)

- net/nfc: fix use-after-free llcp_sock_bind/connect (Or Cohen)

[ 1 ] Bug #1959514 - CVE-2021-23134 kernel: use-after-free in nfc sockets

https://bugzilla.redhat.com/show_bug.cgi?id=1959514

[ 2 ] Bug #1959556 - CVE-2021-3490 kernel: Linux kernel eBPF bitwise ops ALU32 bounds tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1959556

[ 3 ] Bug #1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation

https://bugzilla.redhat.com/show_bug.cgi?id=1959559

[ 4 ] Bug #1959565 - CVE-2021-3491 kernel: Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass

https://bugzilla.redhat.com/show_bug.cgi?id=1959565

su -c 'dnf upgrade --advisory FEDORA-2021-286375de1e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory critical issue software update Fedora security enhancement update information critical update kernel system patch safety stability fix

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 34
Version: 5.11.20
Release: 300.fc34
URL: https://www.kernel.org/
Summary: The Linux kernel

Topics%20covered

Topics Covered

security advisory critical issue software update Fedora security enhancement update information critical update kernel system patch safety stability fix

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here