Lucene search

K
osvGoogleOSV:RLSA-2021:2714
HistoryJul 20, 2021 - 1:30 p.m.

Important: kernel security and bug fix update

2021-07-2013:30:15
Google
osv.dev
15

7.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.1%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

  • kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • pinctrl_emmitsburg: improper configuration (BZ#1963984)

  • [Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419)

  • Rocky Linux8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/Rocky Linux8.4) (BZ#1964697)

  • Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099)

  • backport fixes for Connection Tracking offload (BZ#1968679)

  • fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910)

  • ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911)

  • ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913)

  • b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914)

  • e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915)

  • ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917)

  • igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919)

  • igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920)

  • igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921)

  • ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922)

  • i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923)

  • iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925)

  • Backport netlink extack tracepoint (BZ#1972938)

  • [Rocky Linux8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)