RedHat: RHSA-2022-1988:01 Important: kernel security, bug fix, | Li...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:1988-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1988
Issue date:        2022-05-10
CVE Names:         CVE-2020-0404 CVE-2020-4788 CVE-2020-13974 
                   CVE-2020-27820 CVE-2021-0941 CVE-2021-3612 
                   CVE-2021-3669 CVE-2021-3743 CVE-2021-3744 
                   CVE-2021-3752 CVE-2021-3759 CVE-2021-3764 
                   CVE-2021-3772 CVE-2021-3773 CVE-2021-4002 
                   CVE-2021-4037 CVE-2021-4083 CVE-2021-4157 
                   CVE-2021-4197 CVE-2021-4203 CVE-2021-20322 
                   CVE-2021-21781 CVE-2021-26401 CVE-2021-29154 
                   CVE-2021-37159 CVE-2021-41864 CVE-2021-42739 
                   CVE-2021-43056 CVE-2021-43389 CVE-2021-43976 
                   CVE-2021-44733 CVE-2021-45485 CVE-2021-45486 
                   CVE-2022-0001 CVE-2022-0002 CVE-2022-0286 
                   CVE-2022-0322 CVE-2022-1011 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: fget: check that the fd still exists after getting a ref to it
(CVE-2021-4083)

* kernel: avoid cyclic entity chains due to malformed USB descriptors
(CVE-2020-0404)

* kernel: speculation on incompletely validated data on IBM Power9
(CVE-2020-4788)

* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
(CVE-2020-13974)

* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a
use-after-free (CVE-2021-0941)

* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
(CVE-2021-3612)

* kernel: reading /proc/sysvipc/shm does not scale with large shared memory
segment counts (CVE-2021-3669)

* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
(CVE-2021-3743)

* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
(CVE-2021-3744)

* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)

* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg
limits and DoS attacks (CVE-2021-3759)

* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)

* kernel: sctp: Invalid chunks may be used to remotely remove existing
associations (CVE-2021-3772)

* kernel: lack of port sanity checking in natd and netfilter leads to
exploit of OpenVPN clients (CVE-2021-3773)

* kernel: possible leak or coruption of data residing on hugetlbfs
(CVE-2021-4002)

* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)

* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)

* kernel: cgroup: Use open-time creds and namespace for migration perm
checks (CVE-2021-4197)

* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
(CVE-2021-4203)

* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed
packets replies (CVE-2021-20322)

* kernel: arm: SIGPAGE information disclosure vulnerability
(CVE-2021-21781)

* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)

* kernel: Local privilege escalation due to incorrect BPF JIT branch
displacement computation (CVE-2021-29154)

* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
(CVE-2021-37159)

* kernel: eBPF multiplication integer overflow in
prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to
out-of-bounds write (CVE-2021-41864)

* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

* kernel: ppc: kvm: allows a malicious KVM guest to crash the host
(CVE-2021-43056)

* kernel: an array-index-out-bounds in detach_capi_ctr in
drivers/isdn/capi/kcapi.c (CVE-2021-43389)

* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c
allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)

* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)

* kernel: information leak in the IPv6 implementation (CVE-2021-45485)

* kernel: information leak in the IPv4 implementation (CVE-2021-45486)

* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)

* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)

* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)

* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
(CVE-2022-0322)

* kernel: FUSE allows UAF reads of write() buffers, allowing theft of
(partial) /etc/shadow hashes (CVE-2022-1011)

* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.6 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1888433 - CVE-2020-4788 kernel: speculation on incompletely validated data on IBM Power9
1901726 - CVE-2020-27820 kernel: use-after-free in nouveau kernel module
1919791 - CVE-2020-0404 kernel: avoid cyclic entity chains due to malformed USB descriptors
1946684 - CVE-2021-29154 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation
1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver
1957375 - [RFE] x86, tsc: Add kcmdline args for skipping tsc calibration sequences
1974079 - CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
1981950 - CVE-2021-21781 kernel: arm: SIGPAGE information disclosure vulnerability
1983894 - Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes
1985353 - CVE-2021-37159 kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
1986473 - CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts
1994390 - FIPS: deadlock between PID 1 and "modprobe crypto-jitterentropy_rng" at boot, preventing system to boot
1997338 - block: update to upstream v5.14
1997467 - CVE-2021-3764 kernel: DoS in ccp_run_aes_gcm_cmd() function
1997961 - CVE-2021-3743 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
1999544 - CVE-2021-3752 kernel: possible use-after-free in bluetooth module
1999675 - CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks
2000627 - CVE-2021-3744 kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
2000694 - CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations
2004949 - CVE-2021-3773 kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients
2009312 - Incorrect system time reported by the cpu guest statistics (PPC only).
2009521 - XFS: sync to upstream v5.11
2010463 - CVE-2021-41864 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write
2011104 - statfs reports wrong free space for small quotas
2013180 - CVE-2021-43389 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
2014230 - CVE-2021-20322 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies
2015525 - SCTP peel-off with SELinux and containers in OCP
2015755 - zram: zram leak with warning when running zram02.sh in ltp
2016169 - CVE-2020-13974 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
2017073 - CVE-2021-43056 kernel: ppc: kvm: allows a malicious KVM guest to crash the host
2017796 - ceph omnibus backport for RHEL-8.6.0
2018205 - CVE-2021-0941 kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free
2022814 - Rebase the input and HID stack in 8.6 to v5.15
2025003 - CVE-2021-43976 kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device
2025726 - CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs
2027239 - CVE-2021-4037 kernel: security regression for CVE-2018-13405
2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
2030476 - Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel
2030747 - CVE-2021-44733 kernel: use-after-free in the TEE subsystem
2031200 - rename(2) fails on subfolder mounts when the share path has a trailing slash
2034342 - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function
2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks
2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
2037019 - CVE-2022-0286 kernel: Local denial of service in bond_ipsec_add_sa
2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation
2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation
2042798 - [RHEL8.6][sfc] General sfc driver update
2042822 - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
2043453 - [RHEL8.6 wireless] stack & drivers general update to v5.16+
2046021 - kernel 4.18.0-358.el8 async dirops causes write errors with namespace restricted caps
2048251 - Selinux  is not  allowing SCTP connection setup between inter pod communication in enforcing mode
2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715
2061712 - CVE-2022-0001 hw: cpu: intel: Branch History Injection (BHI)
2061721 - CVE-2022-0002 hw: cpu: intel: Intra-Mode BTI
2064855 - CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
kernel-4.18.0-372.9.1.el8.src.rpm

aarch64:
bpftool-4.18.0-372.9.1.el8.aarch64.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-core-4.18.0-372.9.1.el8.aarch64.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-core-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm
kernel-devel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-headers-4.18.0-372.9.1.el8.aarch64.rpm
kernel-modules-4.18.0-372.9.1.el8.aarch64.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.aarch64.rpm
perf-4.18.0-372.9.1.el8.aarch64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm

noarch:
kernel-abi-stablelists-4.18.0-372.9.1.el8.noarch.rpm
kernel-doc-4.18.0-372.9.1.el8.noarch.rpm

ppc64le:
bpftool-4.18.0-372.9.1.el8.ppc64le.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-core-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-core-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-devel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-headers-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-modules-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.ppc64le.rpm
perf-4.18.0-372.9.1.el8.ppc64le.rpm
perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm

s390x:
bpftool-4.18.0-372.9.1.el8.s390x.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-4.18.0-372.9.1.el8.s390x.rpm
kernel-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-372.9.1.el8.s390x.rpm
kernel-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-headers-4.18.0-372.9.1.el8.s390x.rpm
kernel-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
kernel-tools-4.18.0-372.9.1.el8.s390x.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
perf-4.18.0-372.9.1.el8.s390x.rpm
perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
python3-perf-4.18.0-372.9.1.el8.s390x.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm

x86_64:
bpftool-4.18.0-372.9.1.el8.x86_64.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-core-4.18.0-372.9.1.el8.x86_64.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-core-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm
kernel-devel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-headers-4.18.0-372.9.1.el8.x86_64.rpm
kernel-modules-4.18.0-372.9.1.el8.x86_64.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.x86_64.rpm
perf-4.18.0-372.9.1.el8.x86_64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.aarch64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.ppc64le.rpm
perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.x86_64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-0404
https://access.redhat.com/security/cve/CVE-2020-4788
https://access.redhat.com/security/cve/CVE-2020-13974
https://access.redhat.com/security/cve/CVE-2020-27820
https://access.redhat.com/security/cve/CVE-2021-0941
https://access.redhat.com/security/cve/CVE-2021-3612
https://access.redhat.com/security/cve/CVE-2021-3669
https://access.redhat.com/security/cve/CVE-2021-3743
https://access.redhat.com/security/cve/CVE-2021-3744
https://access.redhat.com/security/cve/CVE-2021-3752
https://access.redhat.com/security/cve/CVE-2021-3759
https://access.redhat.com/security/cve/CVE-2021-3764
https://access.redhat.com/security/cve/CVE-2021-3772
https://access.redhat.com/security/cve/CVE-2021-3773
https://access.redhat.com/security/cve/CVE-2021-4002
https://access.redhat.com/security/cve/CVE-2021-4037
https://access.redhat.com/security/cve/CVE-2021-4083
https://access.redhat.com/security/cve/CVE-2021-4157
https://access.redhat.com/security/cve/CVE-2021-4197
https://access.redhat.com/security/cve/CVE-2021-4203
https://access.redhat.com/security/cve/CVE-2021-20322
https://access.redhat.com/security/cve/CVE-2021-21781
https://access.redhat.com/security/cve/CVE-2021-26401
https://access.redhat.com/security/cve/CVE-2021-29154
https://access.redhat.com/security/cve/CVE-2021-37159
https://access.redhat.com/security/cve/CVE-2021-41864
https://access.redhat.com/security/cve/CVE-2021-42739
https://access.redhat.com/security/cve/CVE-2021-43056
https://access.redhat.com/security/cve/CVE-2021-43389
https://access.redhat.com/security/cve/CVE-2021-43976
https://access.redhat.com/security/cve/CVE-2021-44733
https://access.redhat.com/security/cve/CVE-2021-45485
https://access.redhat.com/security/cve/CVE-2021-45486
https://access.redhat.com/security/cve/CVE-2022-0001
https://access.redhat.com/security/cve/CVE-2022-0002
https://access.redhat.com/security/cve/CVE-2022-0286
https://access.redhat.com/security/cve/CVE-2022-0322
https://access.redhat.com/security/cve/CVE-2022-1011
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYnqSF9zjgjWX9erEAQjBXQ/8DSpFUMNN6ZVFtli2KuVowVLS+14J0jtj
0zxpr0skJT8vVulU3VTeURBMdg9NAo9bj3R5KTk2+dC+AMuHET5aoVvaYmimBGKL
5qzpu7q9Z0aaD2I288suHCnYuRJnt+qKZtNa4hlcY92bN0tcYBonxsdIS2xM6xIu
GHNS8HNVUNz4PuCBfmbITvgX9Qx+iZQVlVccDBG5LDpVwgOtnrxHKbe5E499v/9M
oVoN+eV9ulHAZdCHWlUAahbsvEqDraCKNT0nHq/xO5dprPjAcjeKYMeaICtblRr8
k+IouGywaN+mW4sBjnaaiuw2eAtoXq/wHisX1iUdNkroqcx9NBshWMDBJnE4sxQJ
ZOSc8B6yjJItPvUI7eD3BDgoka/mdoyXTrg+9VRrir6vfDHPrFySLDrO1O5HM5fO
3sExCVO2VM7QMCGHJ1zXXX4szk4SV/PRsjEesvHOyR2xTKZZWMsXe1h9gYslbADd
tW0yco/G23xjxqOtMKuM/nShBChflMy9apssldiOfdqODJMv5d4rRpt0xgmtSOM6
qReveuQCasmNrGlAHgDwbtWz01fmSuk9eYDhZNmHA3gxhoHIV/y+wr0CLbOQtDxT
p79nhiqwUo5VMj/X30Lu0Wl3ptLuhRWamzTCkEEzdubr8aVsT4RRNQU3KfVFfpT1
MWp/2ui3i80=
=Fdgy
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-1988:01 Important: kernel security, bug fix,

An update for kernel is now available for Red Hat Enterprise Linux 8

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
* kernel: speculation on incompletely validated data on IBM Power9 (CVE-2020-4788)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
* kernel: arm: SIGPAGE information disclosure vulnerability (CVE-2021-21781)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: ppc: kvm: allows a malicious KVM guest to crash the host (CVE-2021-43056)
* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2020-0404 https://access.redhat.com/security/cve/CVE-2020-4788 https://access.redhat.com/security/cve/CVE-2020-13974 https://access.redhat.com/security/cve/CVE-2020-27820 https://access.redhat.com/security/cve/CVE-2021-0941 https://access.redhat.com/security/cve/CVE-2021-3612 https://access.redhat.com/security/cve/CVE-2021-3669 https://access.redhat.com/security/cve/CVE-2021-3743 https://access.redhat.com/security/cve/CVE-2021-3744 https://access.redhat.com/security/cve/CVE-2021-3752 https://access.redhat.com/security/cve/CVE-2021-3759 https://access.redhat.com/security/cve/CVE-2021-3764 https://access.redhat.com/security/cve/CVE-2021-3772 https://access.redhat.com/security/cve/CVE-2021-3773 https://access.redhat.com/security/cve/CVE-2021-4002 https://access.redhat.com/security/cve/CVE-2021-4037 https://access.redhat.com/security/cve/CVE-2021-4083 https://access.redhat.com/security/cve/CVE-2021-4157 https://access.redhat.com/security/cve/CVE-2021-4197 https://access.redhat.com/security/cve/CVE-2021-4203 https://access.redhat.com/security/cve/CVE-2021-20322 https://access.redhat.com/security/cve/CVE-2021-21781 https://access.redhat.com/security/cve/CVE-2021-26401 https://access.redhat.com/security/cve/CVE-2021-29154 https://access.redhat.com/security/cve/CVE-2021-37159 https://access.redhat.com/security/cve/CVE-2021-41864 https://access.redhat.com/security/cve/CVE-2021-42739 https://access.redhat.com/security/cve/CVE-2021-43056 https://access.redhat.com/security/cve/CVE-2021-43389 https://access.redhat.com/security/cve/CVE-2021-43976 https://access.redhat.com/security/cve/CVE-2021-44733 https://access.redhat.com/security/cve/CVE-2021-45485 https://access.redhat.com/security/cve/CVE-2021-45486 https://access.redhat.com/security/cve/CVE-2022-0001 https://access.redhat.com/security/cve/CVE-2022-0002 https://access.redhat.com/security/cve/CVE-2022-0286 https://access.redhat.com/security/cve/CVE-2022-0322 https://access.redhat.com/security/cve/CVE-2022-1011 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/

Package List

Red Hat Enterprise Linux BaseOS (v. 8):
Source: kernel-4.18.0-372.9.1.el8.src.rpm
aarch64: bpftool-4.18.0-372.9.1.el8.aarch64.rpm bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-4.18.0-372.9.1.el8.aarch64.rpm kernel-core-4.18.0-372.9.1.el8.aarch64.rpm kernel-cross-headers-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-core-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-devel-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-modules-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm kernel-devel-4.18.0-372.9.1.el8.aarch64.rpm kernel-headers-4.18.0-372.9.1.el8.aarch64.rpm kernel-modules-4.18.0-372.9.1.el8.aarch64.rpm kernel-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm kernel-tools-4.18.0-372.9.1.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-tools-libs-4.18.0-372.9.1.el8.aarch64.rpm perf-4.18.0-372.9.1.el8.aarch64.rpm perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm python3-perf-4.18.0-372.9.1.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-372.9.1.el8.noarch.rpm kernel-doc-4.18.0-372.9.1.el8.noarch.rpm
ppc64le: bpftool-4.18.0-372.9.1.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-4.18.0-372.9.1.el8.ppc64le.rpm kernel-core-4.18.0-372.9.1.el8.ppc64le.rpm kernel-cross-headers-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-core-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-devel-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-modules-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm kernel-devel-4.18.0-372.9.1.el8.ppc64le.rpm kernel-headers-4.18.0-372.9.1.el8.ppc64le.rpm kernel-modules-4.18.0-372.9.1.el8.ppc64le.rpm kernel-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm kernel-tools-4.18.0-372.9.1.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-tools-libs-4.18.0-372.9.1.el8.ppc64le.rpm perf-4.18.0-372.9.1.el8.ppc64le.rpm perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm python3-perf-4.18.0-372.9.1.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
s390x: bpftool-4.18.0-372.9.1.el8.s390x.rpm bpftool-debuginfo-4.18.0-372.9.1.el8.s390x.rpm kernel-4.18.0-372.9.1.el8.s390x.rpm kernel-core-4.18.0-372.9.1.el8.s390x.rpm kernel-cross-headers-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-core-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-devel-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-modules-4.18.0-372.9.1.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-372.9.1.el8.s390x.rpm kernel-debuginfo-4.18.0-372.9.1.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-372.9.1.el8.s390x.rpm kernel-devel-4.18.0-372.9.1.el8.s390x.rpm kernel-headers-4.18.0-372.9.1.el8.s390x.rpm kernel-modules-4.18.0-372.9.1.el8.s390x.rpm kernel-modules-extra-4.18.0-372.9.1.el8.s390x.rpm kernel-tools-4.18.0-372.9.1.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-372.9.1.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-372.9.1.el8.s390x.rpm perf-4.18.0-372.9.1.el8.s390x.rpm perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm python3-perf-4.18.0-372.9.1.el8.s390x.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
x86_64: bpftool-4.18.0-372.9.1.el8.x86_64.rpm bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-4.18.0-372.9.1.el8.x86_64.rpm kernel-core-4.18.0-372.9.1.el8.x86_64.rpm kernel-cross-headers-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-core-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-devel-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-modules-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm kernel-devel-4.18.0-372.9.1.el8.x86_64.rpm kernel-headers-4.18.0-372.9.1.el8.x86_64.rpm kernel-modules-4.18.0-372.9.1.el8.x86_64.rpm kernel-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm kernel-tools-4.18.0-372.9.1.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-tools-libs-4.18.0-372.9.1.el8.x86_64.rpm perf-4.18.0-372.9.1.el8.x86_64.rpm perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm python3-perf-4.18.0-372.9.1.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-372.9.1.el8.aarch64.rpm perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-372.9.1.el8.ppc64le.rpm perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-372.9.1.el8.x86_64.rpm perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2022:1988-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1988
Issued Date: : 2022-05-10
CVE Names: CVE-2020-0404 CVE-2020-4788 CVE-2020-13974 CVE-2020-27820 CVE-2021-0941 CVE-2021-3612 CVE-2021-3669 CVE-2021-3743 CVE-2021-3744 CVE-2021-3752 CVE-2021-3759 CVE-2021-3764 CVE-2021-3772 CVE-2021-3773 CVE-2021-4002 CVE-2021-4037 CVE-2021-4083 CVE-2021-4157 CVE-2021-4197 CVE-2021-4203 CVE-2021-20322 CVE-2021-21781 CVE-2021-26401 CVE-2021-29154 CVE-2021-37159 CVE-2021-41864 CVE-2021-42739 CVE-2021-43056 CVE-2021-43389 CVE-2021-43976 CVE-2021-44733 CVE-2021-45485 CVE-2021-45486 CVE-2022-0001 CVE-2022-0002 CVE-2022-0286 CVE-2022-0322 CVE-2022-1011

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1888433 - CVE-2020-4788 kernel: speculation on incompletely validated data on IBM Power9

1901726 - CVE-2020-27820 kernel: use-after-free in nouveau kernel module

1919791 - CVE-2020-0404 kernel: avoid cyclic entity chains due to malformed USB descriptors

1946684 - CVE-2021-29154 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation

1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver

1957375 - [RFE] x86, tsc: Add kcmdline args for skipping tsc calibration sequences

1974079 - CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()

1981950 - CVE-2021-21781 kernel: arm: SIGPAGE information disclosure vulnerability

1983894 - Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes

1985353 - CVE-2021-37159 kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c

1986473 - CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts

1994390 - FIPS: deadlock between PID 1 and "modprobe crypto-jitterentropy_rng" at boot, preventing system to boot

1997338 - block: update to upstream v5.14

1997467 - CVE-2021-3764 kernel: DoS in ccp_run_aes_gcm_cmd() function

1997961 - CVE-2021-3743 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c

1999544 - CVE-2021-3752 kernel: possible use-after-free in bluetooth module

1999675 - CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks

2000627 - CVE-2021-3744 kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()

2000694 - CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations

2004949 - CVE-2021-3773 kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients

2009312 - Incorrect system time reported by the cpu guest statistics (PPC only).

2009521 - XFS: sync to upstream v5.11

2010463 - CVE-2021-41864 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write

2011104 - statfs reports wrong free space for small quotas

2013180 - CVE-2021-43389 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c

2014230 - CVE-2021-20322 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies

2015525 - SCTP peel-off with SELinux and containers in OCP

2015755 - zram: zram leak with warning when running zram02.sh in ltp

2016169 - CVE-2020-13974 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c

2017073 - CVE-2021-43056 kernel: ppc: kvm: allows a malicious KVM guest to crash the host

2017796 - ceph omnibus backport for RHEL-8.6.0

2018205 - CVE-2021-0941 kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free

2022814 - Rebase the input and HID stack in 8.6 to v5.15

2025003 - CVE-2021-43976 kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device

2025726 - CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs

2027239 - CVE-2021-4037 kernel: security regression for CVE-2018-13405

2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it

2030476 - Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel

2030747 - CVE-2021-44733 kernel: use-after-free in the TEE subsystem

2031200 - rename(2) fails on subfolder mounts when the share path has a trailing slash

2034342 - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function

2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks

2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses

2037019 - CVE-2022-0286 kernel: Local denial of service in bond_ipsec_add_sa

2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation

2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation

2042798 - [RHEL8.6][sfc] General sfc driver update

2042822 - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c

2043453 - [RHEL8.6 wireless] stack & drivers general update to v5.16+

2046021 - kernel 4.18.0-358.el8 async dirops causes write errors with namespace restricted caps

2048251 - Selinux is not allowing SCTP connection setup between inter pod communication in enforcing mode

2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715

2061712 - CVE-2022-0001 hw: cpu: intel: Branch History Injection (BHI)

2061721 - CVE-2022-0002 hw: cpu: intel: Intra-Mode BTI

2064855 - CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.