Oval Definition:oval:com.redhat.rhsa:def:20214140
Revision Date:2021-11-09Version:635
Title:RHSA-2021:4140: kernel-rt security and bug fix update (Moderate)
Description:The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

  • Security Fix(es):
  • kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
  • kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502)
  • kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503)
  • kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504)
  • kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)
  • kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587)
  • kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588)
  • kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139)
  • kernel: accepting plaintext data frames in protected networks (CVE-2020-26140)
  • kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)
  • kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143)
  • kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144)
  • kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145)
  • kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660)
  • kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158)
  • kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386)
  • kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129)
  • kernel: Use-after-free in ndb_queue_rq() (CVE-2021-3348)
  • kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489)
  • kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)
  • kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)
  • kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)
  • kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)
  • kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732)
  • kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194)
  • kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)
  • kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950)
  • kernel: System crash in intel_pmu_drain_pebs_nhm (CVE-2021-28971)
  • kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory (CVE-2021-29155)
  • kernel: improper input validation in tipc_nl_retrieve_key function (CVE-2021-29646)
  • kernel: lack a full memory barrier upon the assignment of a new table value in x_tables.h may lead to DoS (CVE-2021-29650)
  • kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440)
  • kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829)
  • kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200)
  • kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146)
  • kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)
  • kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)
  • kernel: flowtable list del corruption with kernel BUG (CVE-2021-3635)
  • kernel: NULL pointer dereference in llsec_key_alloc() (CVE-2021-3659)
  • kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239)
  • kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2019-14615
    CVE-2020-0427
    CVE-2020-24502
    CVE-2020-24503
    CVE-2020-24504
    CVE-2020-24586
    CVE-2020-24587
    CVE-2020-24588
    CVE-2020-26139
    CVE-2020-26140
    CVE-2020-26141
    CVE-2020-26143
    CVE-2020-26144
    CVE-2020-26145
    CVE-2020-26146
    CVE-2020-26147
    CVE-2020-29368
    CVE-2020-29660
    CVE-2020-36158
    CVE-2020-36312
    CVE-2020-36386
    CVE-2021-0129
    CVE-2021-20194
    CVE-2021-20239
    CVE-2021-23133
    CVE-2021-28950
    CVE-2021-28971
    CVE-2021-29155
    CVE-2021-29646
    CVE-2021-29650
    CVE-2021-31440
    CVE-2021-31829
    CVE-2021-31916
    CVE-2021-33033
    CVE-2021-33200
    CVE-2021-3348
    CVE-2021-3489
    CVE-2021-3564
    CVE-2021-3573
    CVE-2021-3600
    CVE-2021-3635
    CVE-2021-3659
    CVE-2021-3679
    CVE-2021-3732
    RHSA-2021:4140
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • kernel-rt earlier than 0:4.18.0-348.rt7.130.el8 is currently running
  • OR kernel-rt earlier than 0:4.18.0-348.rt7.130.el8 is set to boot up on next boot
  • AND
  • kernel-rt is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt is signed with Red Hat redhatrelease2 key
  • kernel-rt-core is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-core is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug-core is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug-core is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug-devel is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug-kvm is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug-modules is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug-modules is signed with Red Hat redhatrelease2 key
  • kernel-rt-debug-modules-extra is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-rt-devel is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-devel is signed with Red Hat redhatrelease2 key
  • kernel-rt-kvm is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-kvm is signed with Red Hat redhatrelease2 key
  • kernel-rt-modules is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-modules is signed with Red Hat redhatrelease2 key
  • kernel-rt-modules-extra is earlier than 0:4.18.0-348.rt7.130.el8
  • AND kernel-rt-modules-extra is signed with Red Hat redhatrelease2 key
    • BACK