Lucene search

K
redhatRedHatRHSA-2021:3363
HistoryAug 31, 2021 - 8:20 a.m.

(RHSA-2021:3363) Important: kernel security, bug fix, and enhancement update

2021-08-3108:20:19
access.redhat.com
33

0.002 Low

EPSS

Percentile

59.5%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: race condition in net/can/bcm.c leads to local privilege escalation (CVE-2021-3609)

  • kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)

  • kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555)

  • kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [Regression] RHEL8.2 - ISST-LTE:pVM:diapvmlp83:sum:memory DLPAR fails to add memory on multiple trials[mm/memory_hotplug.c:1163] (mm-) (BZ#1930169)

  • Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967100)

  • s390/uv: Fix handling of length extensions (BZ#1975657)

  • RHEL 8.3 using FCOE via a FastLinQ QL45000 card will not manually scan in LUN from Target_id’s over 8 (BZ#1976265)

  • Backport “tick/nohz: Conditionally restart tick on idle exit” to RHEL 8.5 (BZ#1978711)

  • rhel8.3: phase 2 netfilter backports from upstream (BZ#1980323)

  • xfrm: backports from upstream (BZ#1981841)

Enhancement(s):

  • [8.2.z] Incorrect parsing of ACPI HMAT table reports incorrect kernel WARNING taint (BZ#1943702)

  • Only selected patches from [IBM 8.4 FEAT] ibmvnic: Backport FW950 and assorted bug fixes (BZ#1980795)