Red Hat Enterprise Linux 8 RHSA-2021:1739-01 Critical: Kernel-RT Update
red hat
May 18, 2021
An update for kernel-rt is now available for Red Hat Enterprise Linux 8
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Summary
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: use-after-free caused by a malicious USB device in the
drivers/usb/misc/adutux.c driver (CVE-2019-19523)
* kernel: use-after-free bug caused by a malicious USB device in the
drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)
* kernel: possible out of bounds write in kbd_keycode of keyboard.c
(CVE-2020-0431)
* kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
* kernel: use-after-free in usb_sg_cancel function in
drivers/usb/core/message.c (CVE-2020-12464)
* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)
* kernel: Use After Free vulnerability in cgroup BPF component
(CVE-2020-14356)
* kernel: NULL pointer dereference in serial8250_isa_init_ports function in
drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)
* kernel: umask not applied on filesystem without ACL support
(CVE-2020-24394)
* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)
* kernel: incomplete permission checking for access to rbd devices
(CVE-2020-25284)
* kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
(CVE-2020-25285)
* kernel: improper input validation in ppp_cp_parse_cr function leads to
memory corruption and read overflow (CVE-2020-25643)
* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)
* kernel: child process is able to access parent mm through hfi dev file
handle (CVE-2020-27835)
* kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)
* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting
- ->real_parent (CVE-2020-35508)
* kernel: use after free in tun_get_user of tun.c could lead to local
escalation of privilege (CVE-2021-0342)
* kernel: NULL pointer dereferences in ov511_mode_init_regs and
ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section.
References
https://access.redhat.com/security/cve/CVE-2019-19523 https://access.redhat.com/security/cve/CVE-2019-19528 https://access.redhat.com/security/cve/CVE-2020-0431 https://access.redhat.com/security/cve/CVE-2020-11608 https://access.redhat.com/security/cve/CVE-2020-12114 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12464 https://access.redhat.com/security/cve/CVE-2020-14314 https://access.redhat.com/security/cve/CVE-2020-14356 https://access.redhat.com/security/cve/CVE-2020-15437 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-25284 https://access.redhat.com/security/cve/CVE-2020-25285 https://access.redhat.com/security/cve/CVE-2020-25643 https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-27786 https://access.redhat.com/security/cve/CVE-2020-27835 https://access.redhat.com/security/cve/CVE-2020-28974 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2021-0342 https://access.redhat.com/security/updates/classification/#important Read the Full Advisory
Package List
Red Hat Enterprise Linux Real Time for NFV (v. 8):
Source:
kernel-rt-4.18.0-305.rt7.72.el8.src.rpm
x86_64:
kernel-rt-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-core-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-devel-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-kvm-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-modules-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.rt7.72.el8.x86_64.rpm
Red Hat Enterprise Linux Real Time (v. 8):
Source:
kernel-rt-4.18.0-305.rt7.72.el8.src.rpm
x86_64:
kernel-rt-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-core-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.rt7.72.el8.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.rt7.72.el8.x86_64.rpm
Read the Full Advisory
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2021:1739-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1739
Issue date: 2021-05-18
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Relevant Releases Architectures
Red Hat Enterprise Linux Real Time (v. 8) - x86_64
Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64
Bugs Fixed
1783434 - CVE-2019-19523 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
1783507 - CVE-2019-19528 kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
1831726 - CVE-2020-12464 kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c
1833445 - CVE-2020-11608 kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c
1848652 - CVE-2020-12114 kernel: DoS by corrupting mountpoint reference counter
1853922 - CVE-2020-14314 kernel: buffer uses out of index in ext3/4 filesystem
1868453 - CVE-2020-14356 kernel: Use After Free vulnerability in cgroup BPF component
1869141 - CVE-2020-24394 kernel: umask not applied on filesystem without ACL support
1877575 - CVE-2020-25212 kernel: TOCTOU mismatch in the NFS client code
1879981 - CVE-2020-25643 kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
1882591 - CVE-2020-25285 kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
1882594 - CVE-2020-25284 kernel: incomplete permission checking for access to rbd devices
1886109 - BUG: using smp_processor_id() in preemptible [00000000] code: handler106/3082 [rhel-rt-8.4.0]
1894793 - After configure hugepage and reboot test server, kernel got panic status.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!