Critical Kernel Update for Red Hat 8 RHSA-2021-1578-01 Boosts Security
red hat
May 18, 2021
An update for kernel is now available for Red Hat Enterprise Linux 8
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Summary
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: memory leak in sof_set_get_large_ctrl_data() function in
sound/soc/sof/ipc.c (CVE-2019-18811)
* kernel: use-after-free caused by a malicious USB device in the
drivers/usb/misc/adutux.c driver (CVE-2019-19523)
* kernel: use-after-free bug caused by a malicious USB device in the
drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)
* kernel: possible out of bounds write in kbd_keycode of keyboard.c
(CVE-2020-0431)
* kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
* kernel: use-after-free in usb_sg_cancel function in
drivers/usb/core/message.c (CVE-2020-12464)
* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)
* kernel: Use After Free vulnerability in cgroup BPF component
(CVE-2020-14356)
* kernel: NULL pointer dereference in serial8250_isa_init_ports function in
drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)
* kernel: umask not applied on filesystem without ACL support
(CVE-2020-24394)
* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)
* kernel: incomplete permission checking for access to rbd devices
(CVE-2020-25284)
* kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
(CVE-2020-25285)
* kernel: improper input validation in ppp_cp_parse_cr function leads to
memory corruption and read overflow (CVE-2020-25643)
* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)
* kernel: child process is able to access parent mm through hfi dev file
handle (CVE-2020-27835)
* kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)
* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting
- ->real_parent (CVE-2020-35508)
* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate
situations (CVE-2020-36322)
* kernel: use after free in tun_get_user of tun.c could lead to local
escalation of privilege (CVE-2021-0342)
* kernel: NULL pointer dereferences in ov511_mode_init_regs and
ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section.
References
https://access.redhat.com/security/cve/CVE-2019-18811 https://access.redhat.com/security/cve/CVE-2019-19523 https://access.redhat.com/security/cve/CVE-2019-19528 https://access.redhat.com/security/cve/CVE-2020-0431 https://access.redhat.com/security/cve/CVE-2020-11608 https://access.redhat.com/security/cve/CVE-2020-12114 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12464 https://access.redhat.com/security/cve/CVE-2020-14314 https://access.redhat.com/security/cve/CVE-2020-14356 https://access.redhat.com/security/cve/CVE-2020-15437 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-25284 https://access.redhat.com/security/cve/CVE-2020-25285 https://access.redhat.com/security/cve/CVE-2020-25643 https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-27786 https://access.redhat.com/security/cve/CVE-2020-27835 https://access.redhat.com/security/cve/CVE-2020-28974 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2020-36322 https://access.redhat.com/security/cve/CVE-2021-0342 Read the Full Advisory
Package List
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
kernel-4.18.0-305.el8.src.rpm
aarch64:
bpftool-4.18.0-305.el8.aarch64.rpm
bpftool-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-4.18.0-305.el8.aarch64.rpm
kernel-core-4.18.0-305.el8.aarch64.rpm
kernel-cross-headers-4.18.0-305.el8.aarch64.rpm
kernel-debug-4.18.0-305.el8.aarch64.rpm
kernel-debug-core-4.18.0-305.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debug-devel-4.18.0-305.el8.aarch64.rpm
kernel-debug-modules-4.18.0-305.el8.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.el8.aarch64.rpm
kernel-devel-4.18.0-305.el8.aarch64.rpm
kernel-headers-4.18.0-305.el8.aarch64.rpm
kernel-modules-4.18.0-305.el8.aarch64.rpm
kernel-modules-extra-4.18.0-305.el8.aarch64.rpm
kernel-tools-4.18.0-305.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-tools-libs-4.18.0-305.el8.aarch64.rpm
perf-4.18.0-305.el8.aarch64.rpm
perf-debuginfo-4.18.0-305.el8.aarch64.rpm
python3-perf-4.18.0-305.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.el8.aarch64.rpm
noarch:
kernel-abi-stablelists-4.18.0-305.el8.noarch.rpm
kernel-doc-4.18.0-305.el8.noarch.rpm
ppc64le:
bpftool-4.18.0-305.el8.ppc64le.rpm
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2021:1578-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1578
Issue date: 2021-05-18
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Relevant Releases Architectures
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Bugs Fixed
1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783507 - CVE-2019-19528 kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
1831726 - CVE-2020-12464 kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c
1833445 - CVE-2020-11608 kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c
1848084 - i_version is turned off whenever filesystem is remounted
1848652 - CVE-2020-12114 kernel: DoS by corrupting mountpoint reference counter
1853922 - CVE-2020-14314 kernel: buffer uses out of index in ext3/4 filesystem
1859244 - Failure when modifying bridge multicast-snooping from 0 to 1
1860479 - Unable to attach VLAN-based logical networks to a bond
1868453 - CVE-2020-14356 kernel: Use After Free vulnerability in cgroup BPF component
1869141 - CVE-2020-24394 kernel: umask not applied on filesystem without ACL support
1876840 - logs are filled with: sending ioctl to DM device without required privilege
1877575 - CVE-2020-25212 kernel: TOCTOU mismatch in the NFS client code
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!