-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:1578-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1578
Issue date:        2021-05-18
CVE Names:         CVE-2019-18811 CVE-2019-19523 CVE-2019-19528 
                   CVE-2020-0431 CVE-2020-11608 CVE-2020-12114 
                   CVE-2020-12362 CVE-2020-12464 CVE-2020-14314 
                   CVE-2020-14356 CVE-2020-15437 CVE-2020-24394 
                   CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 
                   CVE-2020-25643 CVE-2020-25704 CVE-2020-27786 
                   CVE-2020-27835 CVE-2020-28974 CVE-2020-35508 
                   CVE-2020-36322 CVE-2021-0342 
====================================================================
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)

* kernel: memory leak in sof_set_get_large_ctrl_data() function in
sound/soc/sof/ipc.c (CVE-2019-18811)

* kernel: use-after-free caused by a malicious USB device in the
drivers/usb/misc/adutux.c driver (CVE-2019-19523)

* kernel: use-after-free bug caused by a malicious USB device in the
drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)

* kernel: possible out of bounds write in kbd_keycode of keyboard.c
(CVE-2020-0431)

* kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)

* kernel: use-after-free in usb_sg_cancel function in
drivers/usb/core/message.c (CVE-2020-12464)

* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)

* kernel: Use After Free vulnerability in cgroup BPF component
(CVE-2020-14356)

* kernel: NULL pointer dereference in serial8250_isa_init_ports function in
drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)

* kernel: umask not applied on filesystem without ACL support
(CVE-2020-24394)

* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)

* kernel: incomplete permission checking for access to rbd devices
(CVE-2020-25284)

* kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
(CVE-2020-25285)

* kernel: improper input validation in ppp_cp_parse_cr function leads to
memory corruption and read overflow (CVE-2020-25643)

* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)

* kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)

* kernel: child process is able to access parent mm through hfi dev file
handle (CVE-2020-27835)

* kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)

* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting
- ->real_parent (CVE-2020-35508)

* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate
situations (CVE-2020-36322)

* kernel: use after free in tun_get_user of tun.c could lead to local
escalation of privilege (CVE-2021-0342)

* kernel: NULL pointer dereferences in ov511_mode_init_regs and
ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783507 - CVE-2019-19528 kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
1831726 - CVE-2020-12464 kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c
1833445 - CVE-2020-11608 kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c
1848084 - i_version is turned off whenever filesystem is remounted
1848652 - CVE-2020-12114 kernel: DoS by corrupting mountpoint reference counter
1853922 - CVE-2020-14314 kernel: buffer uses out of index in ext3/4 filesystem
1859244 - Failure when modifying bridge multicast-snooping from 0 to 1
1860479 - Unable to attach VLAN-based logical networks to a bond
1868453 - CVE-2020-14356 kernel: Use After Free vulnerability in cgroup BPF component
1869141 - CVE-2020-24394 kernel: umask not applied on filesystem without ACL support
1876840 - logs are filled with: sending ioctl to DM device without required privilege
1877575 - CVE-2020-25212 kernel: TOCTOU mismatch in the NFS client code
1879981 - CVE-2020-25643 kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
1882591 - CVE-2020-25285 kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
1882594 - CVE-2020-25284 kernel: incomplete permission checking for access to rbd devices
1890373 - kernel version update cause qemu live migration failed
1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
1900933 - CVE-2020-27786 kernel: use-after-free in kernel midi subsystem
1901161 - CVE-2020-15437 kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c
1901709 - CVE-2020-27835 kernel: child process is able to access parent mm through hfi dev file handle
1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
1903126 - CVE-2020-28974 kernel: slab-out-of-bounds read in fbcon
1903387 - fsfreeze of xfs filesystem can be significantly delayed in xfs_wait_buftarg if a process continues to grab and release buffers1903983 - rootless mode doesn't work
1911343 - blk_alloc_queue() ABI change
1915799 - CVE-2021-0342 kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege
1919889 - CVE-2020-0431 kernel: possible out of bounds write in kbd_keycode of keyboard.c
1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers1949560 - CVE-2020-36322 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
kernel-4.18.0-305.el8.src.rpm

aarch64:
bpftool-4.18.0-305.el8.aarch64.rpm
bpftool-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-4.18.0-305.el8.aarch64.rpm
kernel-core-4.18.0-305.el8.aarch64.rpm
kernel-cross-headers-4.18.0-305.el8.aarch64.rpm
kernel-debug-4.18.0-305.el8.aarch64.rpm
kernel-debug-core-4.18.0-305.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debug-devel-4.18.0-305.el8.aarch64.rpm
kernel-debug-modules-4.18.0-305.el8.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.el8.aarch64.rpm
kernel-devel-4.18.0-305.el8.aarch64.rpm
kernel-headers-4.18.0-305.el8.aarch64.rpm
kernel-modules-4.18.0-305.el8.aarch64.rpm
kernel-modules-extra-4.18.0-305.el8.aarch64.rpm
kernel-tools-4.18.0-305.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-tools-libs-4.18.0-305.el8.aarch64.rpm
perf-4.18.0-305.el8.aarch64.rpm
perf-debuginfo-4.18.0-305.el8.aarch64.rpm
python3-perf-4.18.0-305.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.el8.aarch64.rpm

noarch:
kernel-abi-stablelists-4.18.0-305.el8.noarch.rpm
kernel-doc-4.18.0-305.el8.noarch.rpm

ppc64le:
bpftool-4.18.0-305.el8.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-4.18.0-305.el8.ppc64le.rpm
kernel-core-4.18.0-305.el8.ppc64le.rpm
kernel-cross-headers-4.18.0-305.el8.ppc64le.rpm
kernel-debug-4.18.0-305.el8.ppc64le.rpm
kernel-debug-core-4.18.0-305.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-debug-devel-4.18.0-305.el8.ppc64le.rpm
kernel-debug-modules-4.18.0-305.el8.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.el8.ppc64le.rpm
kernel-devel-4.18.0-305.el8.ppc64le.rpm
kernel-headers-4.18.0-305.el8.ppc64le.rpm
kernel-modules-4.18.0-305.el8.ppc64le.rpm
kernel-modules-extra-4.18.0-305.el8.ppc64le.rpm
kernel-tools-4.18.0-305.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-tools-libs-4.18.0-305.el8.ppc64le.rpm
perf-4.18.0-305.el8.ppc64le.rpm
perf-debuginfo-4.18.0-305.el8.ppc64le.rpm
python3-perf-4.18.0-305.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.el8.ppc64le.rpm

s390x:
bpftool-4.18.0-305.el8.s390x.rpm
bpftool-debuginfo-4.18.0-305.el8.s390x.rpm
kernel-4.18.0-305.el8.s390x.rpm
kernel-core-4.18.0-305.el8.s390x.rpm
kernel-cross-headers-4.18.0-305.el8.s390x.rpm
kernel-debug-4.18.0-305.el8.s390x.rpm
kernel-debug-core-4.18.0-305.el8.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.el8.s390x.rpm
kernel-debug-devel-4.18.0-305.el8.s390x.rpm
kernel-debug-modules-4.18.0-305.el8.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.el8.s390x.rpm
kernel-debuginfo-4.18.0-305.el8.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.el8.s390x.rpm
kernel-devel-4.18.0-305.el8.s390x.rpm
kernel-headers-4.18.0-305.el8.s390x.rpm
kernel-modules-4.18.0-305.el8.s390x.rpm
kernel-modules-extra-4.18.0-305.el8.s390x.rpm
kernel-tools-4.18.0-305.el8.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.el8.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.el8.s390x.rpm
perf-4.18.0-305.el8.s390x.rpm
perf-debuginfo-4.18.0-305.el8.s390x.rpm
python3-perf-4.18.0-305.el8.s390x.rpm
python3-perf-debuginfo-4.18.0-305.el8.s390x.rpm

x86_64:
bpftool-4.18.0-305.el8.x86_64.rpm
bpftool-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-4.18.0-305.el8.x86_64.rpm
kernel-core-4.18.0-305.el8.x86_64.rpm
kernel-cross-headers-4.18.0-305.el8.x86_64.rpm
kernel-debug-4.18.0-305.el8.x86_64.rpm
kernel-debug-core-4.18.0-305.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-debug-devel-4.18.0-305.el8.x86_64.rpm
kernel-debug-modules-4.18.0-305.el8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.el8.x86_64.rpm
kernel-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.el8.x86_64.rpm
kernel-devel-4.18.0-305.el8.x86_64.rpm
kernel-headers-4.18.0-305.el8.x86_64.rpm
kernel-modules-4.18.0-305.el8.x86_64.rpm
kernel-modules-extra-4.18.0-305.el8.x86_64.rpm
kernel-tools-4.18.0-305.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-tools-libs-4.18.0-305.el8.x86_64.rpm
perf-4.18.0-305.el8.x86_64.rpm
perf-debuginfo-4.18.0-305.el8.x86_64.rpm
python3-perf-4.18.0-305.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.el8.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
bpftool-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.el8.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.el8.aarch64.rpm
perf-debuginfo-4.18.0-305.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.el8.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.el8.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.el8.ppc64le.rpm
perf-debuginfo-4.18.0-305.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.el8.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.el8.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.el8.x86_64.rpm
perf-debuginfo-4.18.0-305.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-18811
https://access.redhat.com/security/cve/CVE-2019-19523
https://access.redhat.com/security/cve/CVE-2019-19528
https://access.redhat.com/security/cve/CVE-2020-0431
https://access.redhat.com/security/cve/CVE-2020-11608
https://access.redhat.com/security/cve/CVE-2020-12114
https://access.redhat.com/security/cve/CVE-2020-12362
https://access.redhat.com/security/cve/CVE-2020-12464
https://access.redhat.com/security/cve/CVE-2020-14314
https://access.redhat.com/security/cve/CVE-2020-14356
https://access.redhat.com/security/cve/CVE-2020-15437
https://access.redhat.com/security/cve/CVE-2020-24394
https://access.redhat.com/security/cve/CVE-2020-25212
https://access.redhat.com/security/cve/CVE-2020-25284
https://access.redhat.com/security/cve/CVE-2020-25285
https://access.redhat.com/security/cve/CVE-2020-25643
https://access.redhat.com/security/cve/CVE-2020-25704
https://access.redhat.com/security/cve/CVE-2020-27786
https://access.redhat.com/security/cve/CVE-2020-27835
https://access.redhat.com/security/cve/CVE-2020-28974
https://access.redhat.com/security/cve/CVE-2020-35508
https://access.redhat.com/security/cve/CVE-2020-36322
https://access.redhat.com/security/cve/CVE-2021-0342
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYKPtUtzjgjWX9erEAQhNzw/9F6cpeKdpnVS3awWzATKfC4r16pIGJmLl
je5fSRHlPqZPu1aO9PcxAQbW3WDQ0S2MWDZDko+XdZTcob7ekBg2F/UQh/wkN4dr
2SE+HlhoRMzykUwKXyVkeqHV8o3lhbbBWwLCO4Mvo/3EWZMwE84YkuYZGMlbkiP/
5LXomS+exfm3IGe9u5ByyVVvl0JrDmvMxDULjqUoqoQwCO7pu37lPcnmk0D0z/RR
eJzTK4Fg9bg74eGkZu1d7169CbXJ5/JMIO6mAfjCqCLzGqP1Dqy19rONbZfq5FYB
LXkWmPW6uxecT+FVirUjS2l8almi+Vu9K9H0IcfnYxctMg80CcdAoNhkCfoSFb/Q
eBFhDGU0w4X6ll5KtXFju+qZuYLp4nu7PiF9vvFHiM7kps13eoOShstgyyc7urtY
M3rUSyM3ll31Ci6cmnTW6q1vc9HaLF+XfQtv4x/lMfDP+YhWpQJOefDRuQIqftLO
NwjOTJOpbqTz8hvkRS1pZm4b3bppNs7dfygV1xKP96JuDVk107UjHZj5ygYKsWSw
XrHUXRnVpgTrGBhOOnGRAA51fjfCYDmooaWCHpOyNqNoAcJTdPJFz3y/wEU4W4Dk
hy/TIXykL0AHKFTcZpyjkVOfGCNtG1POP1MzwoAaY/gAbDqxyUHDnh4z2hYEmnNy
EfZ3tn1MwzI=RRkk
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2021-1578:01 Important: kernel security, bug fix,

An update for kernel is now available for Red Hat Enterprise Linux 8

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c (CVE-2019-18811)
* kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver (CVE-2019-19523)
* kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)
* kernel: possible out of bounds write in kbd_keycode of keyboard.c (CVE-2020-0431)
* kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
* kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c (CVE-2020-12464)
* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)
* kernel: Use After Free vulnerability in cgroup BPF component (CVE-2020-14356)
* kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)
* kernel: umask not applied on filesystem without ACL support (CVE-2020-24394)
* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)
* kernel: incomplete permission checking for access to rbd devices (CVE-2020-25284)
* kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c (CVE-2020-25285)
* kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643)
* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)
* kernel: child process is able to access parent mm through hfi dev file handle (CVE-2020-27835)
* kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)
* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting - ->real_parent (CVE-2020-35508)
* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)
* kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege (CVE-2021-0342)
* kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2019-18811 https://access.redhat.com/security/cve/CVE-2019-19523 https://access.redhat.com/security/cve/CVE-2019-19528 https://access.redhat.com/security/cve/CVE-2020-0431 https://access.redhat.com/security/cve/CVE-2020-11608 https://access.redhat.com/security/cve/CVE-2020-12114 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12464 https://access.redhat.com/security/cve/CVE-2020-14314 https://access.redhat.com/security/cve/CVE-2020-14356 https://access.redhat.com/security/cve/CVE-2020-15437 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-25284 https://access.redhat.com/security/cve/CVE-2020-25285 https://access.redhat.com/security/cve/CVE-2020-25643 https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-27786 https://access.redhat.com/security/cve/CVE-2020-27835 https://access.redhat.com/security/cve/CVE-2020-28974 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2020-36322 https://access.redhat.com/security/cve/CVE-2021-0342 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

Package List

Red Hat Enterprise Linux BaseOS (v. 8):
Source: kernel-4.18.0-305.el8.src.rpm
aarch64: bpftool-4.18.0-305.el8.aarch64.rpm bpftool-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-4.18.0-305.el8.aarch64.rpm kernel-core-4.18.0-305.el8.aarch64.rpm kernel-cross-headers-4.18.0-305.el8.aarch64.rpm kernel-debug-4.18.0-305.el8.aarch64.rpm kernel-debug-core-4.18.0-305.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-debug-devel-4.18.0-305.el8.aarch64.rpm kernel-debug-modules-4.18.0-305.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-305.el8.aarch64.rpm kernel-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.el8.aarch64.rpm kernel-devel-4.18.0-305.el8.aarch64.rpm kernel-headers-4.18.0-305.el8.aarch64.rpm kernel-modules-4.18.0-305.el8.aarch64.rpm kernel-modules-extra-4.18.0-305.el8.aarch64.rpm kernel-tools-4.18.0-305.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-tools-libs-4.18.0-305.el8.aarch64.rpm perf-4.18.0-305.el8.aarch64.rpm perf-debuginfo-4.18.0-305.el8.aarch64.rpm python3-perf-4.18.0-305.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-305.el8.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-305.el8.noarch.rpm kernel-doc-4.18.0-305.el8.noarch.rpm
ppc64le: bpftool-4.18.0-305.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-4.18.0-305.el8.ppc64le.rpm kernel-core-4.18.0-305.el8.ppc64le.rpm kernel-cross-headers-4.18.0-305.el8.ppc64le.rpm kernel-debug-4.18.0-305.el8.ppc64le.rpm kernel-debug-core-4.18.0-305.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-debug-devel-4.18.0-305.el8.ppc64le.rpm kernel-debug-modules-4.18.0-305.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-305.el8.ppc64le.rpm kernel-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.el8.ppc64le.rpm kernel-devel-4.18.0-305.el8.ppc64le.rpm kernel-headers-4.18.0-305.el8.ppc64le.rpm kernel-modules-4.18.0-305.el8.ppc64le.rpm kernel-modules-extra-4.18.0-305.el8.ppc64le.rpm kernel-tools-4.18.0-305.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-tools-libs-4.18.0-305.el8.ppc64le.rpm perf-4.18.0-305.el8.ppc64le.rpm perf-debuginfo-4.18.0-305.el8.ppc64le.rpm python3-perf-4.18.0-305.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.el8.ppc64le.rpm
s390x: bpftool-4.18.0-305.el8.s390x.rpm bpftool-debuginfo-4.18.0-305.el8.s390x.rpm kernel-4.18.0-305.el8.s390x.rpm kernel-core-4.18.0-305.el8.s390x.rpm kernel-cross-headers-4.18.0-305.el8.s390x.rpm kernel-debug-4.18.0-305.el8.s390x.rpm kernel-debug-core-4.18.0-305.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-305.el8.s390x.rpm kernel-debug-devel-4.18.0-305.el8.s390x.rpm kernel-debug-modules-4.18.0-305.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-305.el8.s390x.rpm kernel-debuginfo-4.18.0-305.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-305.el8.s390x.rpm kernel-devel-4.18.0-305.el8.s390x.rpm kernel-headers-4.18.0-305.el8.s390x.rpm kernel-modules-4.18.0-305.el8.s390x.rpm kernel-modules-extra-4.18.0-305.el8.s390x.rpm kernel-tools-4.18.0-305.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-305.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-305.el8.s390x.rpm perf-4.18.0-305.el8.s390x.rpm perf-debuginfo-4.18.0-305.el8.s390x.rpm python3-perf-4.18.0-305.el8.s390x.rpm python3-perf-debuginfo-4.18.0-305.el8.s390x.rpm
x86_64: bpftool-4.18.0-305.el8.x86_64.rpm bpftool-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-4.18.0-305.el8.x86_64.rpm kernel-core-4.18.0-305.el8.x86_64.rpm kernel-cross-headers-4.18.0-305.el8.x86_64.rpm kernel-debug-4.18.0-305.el8.x86_64.rpm kernel-debug-core-4.18.0-305.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-debug-devel-4.18.0-305.el8.x86_64.rpm kernel-debug-modules-4.18.0-305.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.el8.x86_64.rpm kernel-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.el8.x86_64.rpm kernel-devel-4.18.0-305.el8.x86_64.rpm kernel-headers-4.18.0-305.el8.x86_64.rpm kernel-modules-4.18.0-305.el8.x86_64.rpm kernel-modules-extra-4.18.0-305.el8.x86_64.rpm kernel-tools-4.18.0-305.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-tools-libs-4.18.0-305.el8.x86_64.rpm perf-4.18.0-305.el8.x86_64.rpm perf-debuginfo-4.18.0-305.el8.x86_64.rpm python3-perf-4.18.0-305.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-305.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: bpftool-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-305.el8.aarch64.rpm perf-debuginfo-4.18.0-305.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-305.el8.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-305.el8.ppc64le.rpm perf-debuginfo-4.18.0-305.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.el8.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.el8.x86_64.rpm perf-debuginfo-4.18.0-305.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-305.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2021:1578-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1578
Issued Date: : 2021-05-18
CVE Names: CVE-2019-18811 CVE-2019-19523 CVE-2019-19528 CVE-2020-0431 CVE-2020-11608 CVE-2020-12114 CVE-2020-12362 CVE-2020-12464 CVE-2020-14314 CVE-2020-14356 CVE-2020-15437 CVE-2020-24394 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-25643 CVE-2020-25704 CVE-2020-27786 CVE-2020-27835 CVE-2020-28974 CVE-2020-35508 CVE-2020-36322 CVE-2021-0342

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64


Bugs Fixed

1777455 - CVE-2019-18811 kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c

1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver

1783507 - CVE-2019-19528 kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver

1831726 - CVE-2020-12464 kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c

1833445 - CVE-2020-11608 kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c

1848084 - i_version is turned off whenever filesystem is remounted

1848652 - CVE-2020-12114 kernel: DoS by corrupting mountpoint reference counter

1853922 - CVE-2020-14314 kernel: buffer uses out of index in ext3/4 filesystem

1859244 - Failure when modifying bridge multicast-snooping from 0 to 1

1860479 - Unable to attach VLAN-based logical networks to a bond

1868453 - CVE-2020-14356 kernel: Use After Free vulnerability in cgroup BPF component

1869141 - CVE-2020-24394 kernel: umask not applied on filesystem without ACL support

1876840 - logs are filled with: sending ioctl to DM device without required privilege

1877575 - CVE-2020-25212 kernel: TOCTOU mismatch in the NFS client code

1879981 - CVE-2020-25643 kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow

1882591 - CVE-2020-25285 kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c

1882594 - CVE-2020-25284 kernel: incomplete permission checking for access to rbd devices

1890373 - kernel version update cause qemu live migration failed

1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory

1900933 - CVE-2020-27786 kernel: use-after-free in kernel midi subsystem

1901161 - CVE-2020-15437 kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c

1901709 - CVE-2020-27835 kernel: child process is able to access parent mm through hfi dev file handle

1902724 - CVE-2020-35508 kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent

1903126 - CVE-2020-28974 kernel: slab-out-of-bounds read in fbcon

1903387 - fsfreeze of xfs filesystem can be significantly delayed in xfs_wait_buftarg if a process continues to grab and release buffers1903983 - rootless mode doesn't work

1911343 - blk_alloc_queue() ABI change

1915799 - CVE-2021-0342 kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege

1919889 - CVE-2020-0431 kernel: possible out of bounds write in kbd_keycode of keyboard.c

1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers1949560 - CVE-2020-36322 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved