Lucene search

K
redhatRedHatRHSA-2021:2714
HistoryJul 20, 2021 - 1:30 p.m.

(RHSA-2021:2714) Important: kernel security and bug fix update

2021-07-2013:30:15
access.redhat.com
59

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

55.4%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)

  • kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • pinctrl_emmitsburg: improper configuration (BZ#1963984)

  • [Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419)

  • RHEL8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/RHEL8.4) (BZ#1964697)

  • Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099)

  • backport fixes for Connection Tracking offload (BZ#1968679)

  • fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910)

  • ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911)

  • ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913)

  • b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914)

  • e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915)

  • ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917)

  • igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919)

  • igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920)

  • igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921)

  • ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922)

  • i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923)

  • iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925)

  • Backport netlink extack tracepoint (BZ#1972938)

  • [RHEL8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

55.4%