Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

RED HAT: RHSA-2021-4777-06 Important: Kernel Use-After-Free Fix

red hat
Calendar Grey November 23, 2021
Dist Redhat Esm H88
Canonical delivers significant kernel security patch addressing serious use-after-free vulnerability alongside various other bugs impacting Ubuntu 20.04.
An update for kernel is now available for Red Hat Enterprise Linux 7

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* scsi: ibmvfc: Avoid link down on FS9100 canister reboot (BZ#1882627)
* crash in qla2x00_status_entry() because of corrupt srb (BZ#1899599)
* qedf driver: race condition between qedf's completion work task and another work item tearing down an fcport with qedf_cleanup_fcport (BZ#1941766)
* The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). (BZ#1948961)
* I/O delays incorrectly handled in the NVMe stack (BZ#1981610)
* Data corruption in NFS client reusing slotid/seqid due to an interrupted slot (BZ#2007465)

Topics%20covered

Topics Covered

security advisory bug fix kernel fix security impact important update RHEL use-after-free

References

https://access.redhat.com/security/cve/CVE-2020-36385 https://access.redhat.com/security/updates/classification#important

Package List

Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1160.49.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1160.49.1.el7.noarch.rpm kernel-doc-3.10.0-1160.49.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1160.49.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.49.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.49.1.el7.x86_64.rpm perf-3.10.0-1160.49.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm python-perf-3.10.0-1160.49.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.49.1.el7.x86_64.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2021:4777-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4777
Issue date: 2021-11-23

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory bug fix kernel fix security impact important update RHEL use-after-free

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

Bugs Fixed

1974319 - CVE-2020-36385 kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here