Oval Definition:oval:com.redhat.rhsa:def:20212714
Revision Date:2021-07-20Version:638
Title:RHSA-2021:2714: kernel security and bug fix update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

  • kernel: race condition for removal of the HCI controller (CVE-2021-32399)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

  • pinctrl_emmitsburg: improper configuration (BZ#1963984)

  • [Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419)

  • RHEL8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/RHEL8.4) (BZ#1964697)

  • Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099)

  • backport fixes for Connection Tracking offload (BZ#1968679)

  • fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910)

  • ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911)

  • ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913)

  • b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914)

  • e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915)

  • ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917)

  • igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919)

  • igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920)

  • igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921)

  • ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922)

  • i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923)

  • iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925)

  • Backport netlink extack tracepoint (BZ#1972938)

  • [RHEL8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2021-32399
    CVE-2021-33909
    RHSA-2021:2714
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • kernel earlier than 0:4.18.0-305.10.2.el8_4 is currently running
  • OR kernel earlier than 0:4.18.0-305.10.2.el8_4 is set to boot up on next boot
  • AND
  • bpftool is earlier than 0:4.18.0-305.10.2.el8_4
  • AND bpftool is signed with Red Hat redhatrelease2 key
  • kernel is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-abi-stablelists is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-abi-stablelists is signed with Red Hat redhatrelease2 key
  • kernel-core is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-core is signed with Red Hat redhatrelease2 key
  • kernel-cross-headers is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-cross-headers is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-core is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-debug-core is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-debug-modules is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules-extra is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-doc is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-doc is signed with Red Hat redhatrelease2 key
  • kernel-modules is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-modules is signed with Red Hat redhatrelease2 key
  • kernel-modules-extra is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-tools is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-tools is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-tools-libs is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs-devel is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-zfcpdump is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-core is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-devel is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules-extra is earlier than 0:4.18.0-305.10.2.el8_4
  • AND kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
  • perf is earlier than 0:4.18.0-305.10.2.el8_4
  • AND perf is signed with Red Hat redhatrelease2 key
  • python3-perf is earlier than 0:4.18.0-305.10.2.el8_4
  • AND python3-perf is signed with Red Hat redhatrelease2 key
    • BACK