Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisoryRed Hatimportant

Red Hat: RHSA-2021-4875 Important Kernel-RT Security Update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security and bug fix update Advisory ID: RHSA-2021:4875-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4875 Issue date: 2021-11-30 CVE Names: CVE-2020-36385 CVE-2021-20317 ==================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Real Time EUS (v. 8.2) - x86_64 Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385) * kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest RHEL-8.2.z13 Batch source tree (BZ#2020969) 4. Solution: For details on how to apply this update, whichincludes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1974319 - CVE-2020-36385 kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free 2005258 - CVE-2021-20317 kernel: timer tree corruption leads to missing wakeup and system freeze 6. Package List: Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2): Source: kernel-rt-4.18.0-193.70.1.rt13.120.el8_2.src.rpm x86_64: kernel-rt-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-core-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-core-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-devel-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-kvm-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-modules-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debuginfo-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-devel-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-kvm-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-modules-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-modules-extra-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm Red Hat Enterprise Linux Real Time EUS (v.8.2): Source: kernel-rt-4.18.0-193.70.1.rt13.120.el8_2.src.rpm x86_64: kernel-rt-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-core-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-core-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-devel-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-modules-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debuginfo-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-devel-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-modules-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm kernel-rt-modules-extra-4.18.0-193.70.1.rt13.120.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-36385 https://access.redhat.com/security/cve/CVE-2021-20317 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYaaMktzjgjWX9erEAQh95g/+M371f5LXpeUM5sMAeEMmgHFAVp89beu/ +0ckhNmPTCxtCJ5fOy3fU9ADMYNm+ElGdyQLRFeRUPJe0bIPUMA2ly8nTcOo8xes sqqX7qkFDA+jHmAUKBGSnx90095Wwut2OJNNbBh+Nuf9hApCjXyDk0c2NseRSPB0 DtiXoTEOaC8odj/aMUHMu8u1toaghJkF8hcehVPHarfKwLiNPFjbPUqrMBp0yfzZ PTNJ1APxqpgLar37e+vT5ZSvo3OaP5acfD19wsQAwet9bHa3yHMPW2cWh7mJqd2v aFMUqGZLQWogU+5akRELTmraKctWN5T4LtMq1X5i+Q6v9bXsVQn9PiSd1Dgua9JH BxeP6PwMFP3+Hyo5Ef0fa9+CeUFevxlsKU6zWaPZoBoTtNW+w1EKuklt70AMD11U RpgYX1+PlXGClkgE7t9Tgoae6E5nq+hNMgC9QmP7ZiQeqJEpNL+lc6ydJlu0wK2O OfDek15ck9LxI/W90G+elufVJ0E1C8BUROuqTwqvKf2fOKebXxHfTHacQzcgp45o ink5bPIkuCwjVSNA1ggRaDIb40c23idq1x1nHyQPB7G+6JQqfsD2JCaajeEFB3PR Xj+TSn/iWceaSX2L99Ols8EmB06JHJe72jLC+E8bD2HEM4fLXP7NdaJRU8Nn5MkW ytdmGe/Oxy0=4H6u -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The kernel-rt patch for Red Hat resolves critical vulnerabilities. It’s essential to implement the update swiftly to ensure system reliability.. Red Hat Security, kernel-rt, bug fix update, security issue, enterprise Linux. . Severity: Important. LinuxSecurity.com Team

Nov 30, 2021 •Important Red Hat

security advisorybug fiximportant

RedHat: RHSA-2021-4871-05 Important: Kernel Fix for Free and Freeze Issues

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:4871-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4871 Issue date: 2021-11-30 CVE Names: CVE-2020-36385 CVE-2021-20317 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385) * kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [IBM 8.4] [P10] P10 hardware counter (performance counters/perf:) support (BZ#1994075) * RHEL8.1 Snapshot1 - [4.18.0-128.el8.ppc64le] [ Brazos 31TB/192 Core ] While running upstreamkernel selftest case system crashed (TM) (BZ#1996057) * [kernel-debug] WARNING: possible circular locking dependency detected (module_mutex & text_mutex) (BZ#2013777) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1974319 - CVE-2020-36385 kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free 2005258 - CVE-2021-20317 kernel: timer tree corruption leads to missing wakeup and system freeze 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.2): Source: kernel-4.18.0-193.70.1.el8_2.src.rpm aarch64: bpftool-4.18.0-193.70.1.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-core-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-devel-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-headers-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-modules-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-tools-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.70.1.el8_2.aarch64.rpm perf-4.18.0-193.70.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm python3-perf-4.18.0-193.70.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.70.1.el8_2.noarch.rpm kernel-doc-4.18.0-193.70.1.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.70.1.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-core-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.70.1.el8_2.ppc64le.rpm perf-4.18.0-193.70.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm python3-perf-4.18.0-193.70.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.70.1.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm kernel-4.18.0-193.70.1.el8_2.s390x.rpm kernel-core-4.18.0-193.70.1.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.70.1.el8_2.s390x.rpm kernel-devel-4.18.0-193.70.1.el8_2.s390x.rpm kernel-headers-4.18.0-193.70.1.el8_2.s390x.rpm kernel-modules-4.18.0-193.70.1.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.70.1.el8_2.s390x.rpm kernel-tools-4.18.0-193.70.1.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.70.1.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.70.1.el8_2.s390x.rpm perf-4.18.0-193.70.1.el8_2.s390x.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm python3-perf-4.18.0-193.70.1.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.70.1.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-core-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-devel-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-headers-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-modules-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-tools-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.70.1.el8_2.x86_64.rpm perf-4.18.0-193.70.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm python3-perf-4.18.0-193.70.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v.8.2): aarch64: bpftool-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm kernel-tools-libs-devel-4.18.0-193.70.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm kernel-tools-libs-devel-4.18.0-193.70.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm kernel-tools-libs-devel-4.18.0-193.70.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.70.1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-36385 https://access.redhat.com/security/cve/CVE-2021-20317 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYaaMjNzjgjWX9erEAQgK1g//aS5CbyTfr8pbxDbPCj2z+bpLxSUTbvUm h0EGBZ/AECpjFYIdvL7Koo3mFVIEpm8xRwNFY5JkUs0EUwJ6AQKOOz0sUbmteMfi 3BcYnZnftvm2ctdCVSer4jPQmSv1aUflYmT2NcRKLAWkeisflHf3pvyE43la7+13 Y+iQMH4DgILUCrsXyW3Zyt81k8AqJkYMF7E9PZjUYZLMMlv/i9EymTIbPnQNDZCu hnzZgM4j/WFZgsLnhfqBcjZzhpe7Z/3ICcaL1PtSgphrm6hnmPqgMu4vgverrF0a Nf+j0UQR3vtGddeM/ZwF2IhykFs6blHyEb3r21Xy/XeRARleOk34Edw2Jc9SxB6W hQ/IJBsF/mdWE/QgJt7DRaVqrR6Cocpxq5UnDXyrayeKTA4qcEJJY9flJRBcr93z 0O43I2IvtTzWKdFgL6nGc9Dk6MSuNyfkY6PItlTBuYudCtTAW1UgcGgDVia2Ej+s ORRxYxWKxKSYu+oZIQ4StPwm7/M1EMc5NmhmprW8cq6LWyWWylQNJGtedqSMYGXw AVpgDBlCuzbKxjd7Qh84NxlVDM1R4Baajts8Utb43E+1TFzkxaYWe4wBPjjTXyf7 hnYT9Y5/P/J1FmPzGNjkPO9607Epmsy3SArv5/tRvlIqk63gPEVs+ZEZFmnHbXov MyC/vSzH6TA=wRY+ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest Red Hat kernel update targets critical vulnerabilities such as race conditions and unrecoverable system hangs.. Kernel Update, Red Hat Security, Bug Fixes, Use-After-Free, System Freeze. . Severity: Important. LinuxSecurity.com Team

Nov 30, 2021 •Important Red Hat

security advisoryRed Hatkernel update

Red Hat: Kernel Important Security Update for CVE-2021-20317 CVE-2021-43267

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2021:4647-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4647 Issue date: 2021-11-15 CVE Names: CVE-2021-20317 CVE-2021-43267 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267) * kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must berebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2005258 - CVE-2021-20317 kernel: timer tree corruption leads to missing wakeup and system freeze 2020362 - CVE-2021-43267 kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: kernel-4.18.0-348.2.1.el8_5.src.rpm aarch64: bpftool-4.18.0-348.2.1.el8_5.aarch64.rpm bpftool-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-core-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-cross-headers-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-core-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-devel-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-modules-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-modules-extra-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-devel-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-headers-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-modules-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-modules-extra-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-tools-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-tools-libs-4.18.0-348.2.1.el8_5.aarch64.rpm perf-4.18.0-348.2.1.el8_5.aarch64.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm python3-perf-4.18.0-348.2.1.el8_5.aarch64.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm noarch: kernel-abi-stablelists-4.18.0-348.2.1.el8_5.noarch.rpm kernel-doc-4.18.0-348.2.1.el8_5.noarch.rpm ppc64le: bpftool-4.18.0-348.2.1.el8_5.ppc64le.rpm bpftool-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-core-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-cross-headers-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-core-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-devel-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-modules-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-modules-extra-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-devel-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-headers-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-modules-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-modules-extra-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-tools-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-tools-libs-4.18.0-348.2.1.el8_5.ppc64le.rpm perf-4.18.0-348.2.1.el8_5.ppc64le.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm python3-perf-4.18.0-348.2.1.el8_5.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm s390x: bpftool-4.18.0-348.2.1.el8_5.s390x.rpm bpftool-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm kernel-4.18.0-348.2.1.el8_5.s390x.rpm kernel-core-4.18.0-348.2.1.el8_5.s390x.rpm kernel-cross-headers-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-core-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-devel-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-modules-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debug-modules-extra-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-348.2.1.el8_5.s390x.rpm kernel-devel-4.18.0-348.2.1.el8_5.s390x.rpm kernel-headers-4.18.0-348.2.1.el8_5.s390x.rpm kernel-modules-4.18.0-348.2.1.el8_5.s390x.rpm kernel-modules-extra-4.18.0-348.2.1.el8_5.s390x.rpm kernel-tools-4.18.0-348.2.1.el8_5.s390x.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-core-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-devel-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-modules-4.18.0-348.2.1.el8_5.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-348.2.1.el8_5.s390x.rpm perf-4.18.0-348.2.1.el8_5.s390x.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm python3-perf-4.18.0-348.2.1.el8_5.s390x.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.s390x.rpm x86_64: bpftool-4.18.0-348.2.1.el8_5.x86_64.rpm bpftool-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-core-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-cross-headers-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-core-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-devel-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-modules-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-devel-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-headers-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-modules-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-modules-extra-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-tools-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-tools-libs-4.18.0-348.2.1.el8_5.x86_64.rpm perf-4.18.0-348.2.1.el8_5.x86_64.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm python3-perf-4.18.0-348.2.1.el8_5.x86_64.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm Red Hat CodeReady Linux Builder (v.8): aarch64: bpftool-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm kernel-tools-libs-devel-4.18.0-348.2.1.el8_5.aarch64.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm kernel-tools-libs-devel-4.18.0-348.2.1.el8_5.ppc64le.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.2.1.el8_5.x86_64.rpm perf-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm python3-perf-debuginfo-4.18.0-348.2.1.el8_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-20317 https://access.redhat.com/security/cve/CVE-2021-43267 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYZJxttzjgjWX9erEAQjojQ/+MoTjjMUK5jpJ5o6kkowfFdnGHfN7R6hs 9WXU7yyvdFHaqIrKEGwCD7UMGu/V5qMvhO6Y4vSnHDzeW55pLNgTWYNqqkjGDrfK X5bIZ7fWr9iM8ddZUEXcExe49BmPpT8VP04hL/VwyBCSANg7U1bCPaO2and4UJr4 /LAAGjcob69BiOoxws1V247/YUgIlGyFFuScgv6yNplWyZa4+4Vs4inkDipI1sY4 eKdzWOcjzRU30t/TO9IgYZSlyRQ1wwY0sNfFSyraAr3UzgZ3stWMjonuu+BJ0Fsa ymka+E+XeXx7O7OrmufrhGFLW2CmpCKO/4UxKlwsOhTSN/yPI/eLZUKT6Q3OYHtu DEnZ3Tjyr02Ch7vHonugVEFWP+nkCkoiayDr6hEkcaiGhB6riDbHgcGF3i9V3z/f ReaBRMpynqRdeck34HFpSH2hDQy46bYrIfvmejUlyK4AWXTAJGMW9+V1zvLFCVU3 /AWfJc83i2EmFArzM/e8bpKg3RKE4UTQ4Xj/x7Blc7sYXjvP7sBeGxj5cUcyHc1w XbFvXGj5fK1kmk+W3loYrzZ+qsSGWEGIO8OMLEvwnHwrdn1MyPfWycM8PCvwrbYa Nuc4P98I9BUkVRRjyAPXhe6g3Cg7ubKodjd33+BtSIOPwCxyvIQLExqIRftbGAji MXILtN60WO4=YZsD -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat's Important kernel update remediate core issues including system freezes, enhancing overall system stability.. kernel Update, Red Hat Security, Important Security Fixes. . Severity: Important. LinuxSecurity.com Team

Nov 15, 2021 •Important Red Hat

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Explore Latest Linux Security advisories

Red Hat: RHSA-2021-4875 Important Kernel-RT Security Update

RedHat: RHSA-2021-4871-05 Important: Kernel Fix for Free and Freeze Issues

Red Hat: Kernel Important Security Update for CVE-2021-20317 CVE-2021-43267

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Refine advisories

severity

Topics

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!