Lucene search

RedHatRHSA-2021:4777

HistoryNov 23, 2021 - 2:39 p.m.

(RHSA-2021:4777) Important: kernel security and bug fix update

2021-11-2314:39:00

access.redhat.com

kernel packages

linux kernel

security fix

use-after-free

drivers

bug fix

scsi

ibmvfc

crash

qla2x00_status_entry

qedf driver

race condition

data corruption

nfs client

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

47.6%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

scsi: ibmvfc: Avoid link down on FS9100 canister reboot (BZ#1882627)
crash in qla2x00_status_entry() because of corrupt srb (BZ#1899599)
qedf driver: race condition between qedf’s completion work task and another work item tearing down an fcport with qedf_cleanup_fcport (BZ#1941766)
The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). (BZ#1948961)
I/O delays incorrectly handled in the NVMe stack (BZ#1981610)
Data corruption in NFS client reusing slotid/seqid due to an interrupted slot (BZ#2007465)

OSVersionArchitecturePackageVersionFilename
RedHat7s390xkernel< 3.10.0-1160.49.1.el7kernel-3.10.0-1160.49.1.el7.s390x.rpm
RedHat7x86_64kernel< 3.10.0-1160.49.1.el7kernel-3.10.0-1160.49.1.el7.x86_64.rpm
RedHat7ppc64lebpftool< 3.10.0-1160.49.1.el7bpftool-3.10.0-1160.49.1.el7.ppc64le.rpm
RedHat7s390xpython-perf-debuginfo< 3.10.0-1160.49.1.el7python-perf-debuginfo-3.10.0-1160.49.1.el7.s390x.rpm
RedHat7ppc64kernel-debug-debuginfo< 3.10.0-1160.49.1.el7kernel-debug-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat7ppc64kernel-tools-debuginfo< 3.10.0-1160.49.1.el7kernel-tools-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat7ppc64bpftool< 3.10.0-1160.49.1.el7bpftool-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat7ppc64kernel-debuginfo-common-ppc64< 3.10.0-1160.49.1.el7kernel-debuginfo-common-ppc64-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat7s390xperf-debuginfo< 3.10.0-1160.49.1.el7perf-debuginfo-3.10.0-1160.49.1.el7.s390x.rpm
RedHat7ppc64kernel-debuginfo< 3.10.0-1160.49.1.el7kernel-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	kernel	< 3.10.0-1160.49.1.el7	kernel-3.10.0-1160.49.1.el7.s390x.rpm
RedHat	7	x86_64	kernel	< 3.10.0-1160.49.1.el7	kernel-3.10.0-1160.49.1.el7.x86_64.rpm
RedHat	7	ppc64le	bpftool	< 3.10.0-1160.49.1.el7	bpftool-3.10.0-1160.49.1.el7.ppc64le.rpm
RedHat	7	s390x	python-perf-debuginfo	< 3.10.0-1160.49.1.el7	python-perf-debuginfo-3.10.0-1160.49.1.el7.s390x.rpm
RedHat	7	ppc64	kernel-debug-debuginfo	< 3.10.0-1160.49.1.el7	kernel-debug-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat	7	ppc64	kernel-tools-debuginfo	< 3.10.0-1160.49.1.el7	kernel-tools-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat	7	ppc64	bpftool	< 3.10.0-1160.49.1.el7	bpftool-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat	7	ppc64	kernel-debuginfo-common-ppc64	< 3.10.0-1160.49.1.el7	kernel-debuginfo-common-ppc64-3.10.0-1160.49.1.el7.ppc64.rpm
RedHat	7	s390x	perf-debuginfo	< 3.10.0-1160.49.1.el7	perf-debuginfo-3.10.0-1160.49.1.el7.s390x.rpm
RedHat	7	ppc64	kernel-debuginfo	< 3.10.0-1160.49.1.el7	kernel-debuginfo-3.10.0-1160.49.1.el7.ppc64.rpm