(RHSA-2021:3444) Important: kernel security and bug fix update

2021-09-0714:26:29

access.redhat.com

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

40.5%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: race condition in net/can/bcm.c leads to local privilege escalation (CVE-2021-3609)
kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)
kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Guest kernel call trace when boot up with 4T memory and 2 vcpus (BZ#1993551)

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64lekernel-cross-headers< 4.18.0-147.54.2.el8_1kernel-cross-headers-4.18.0-147.54.2.el8_1.ppc64le.rpm
RedHat8x86_64bpftool< 4.18.0-147.54.2.el8_1bpftool-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat8s390xbpftool< 4.18.0-147.54.2.el8_1bpftool-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat8x86_64kernel-debug-core< 4.18.0-147.54.2.el8_1kernel-debug-core-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat8x86_64kernel-cross-headers< 4.18.0-147.54.2.el8_1kernel-cross-headers-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat8ppc64lekernel-modules< 4.18.0-147.54.2.el8_1kernel-modules-4.18.0-147.54.2.el8_1.ppc64le.rpm
RedHat8aarch64kernel-modules-extra< 4.18.0-147.54.2.el8_1kernel-modules-extra-4.18.0-147.54.2.el8_1.aarch64.rpm
RedHat8s390xbpftool-debuginfo< 4.18.0-147.54.2.el8_1bpftool-debuginfo-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat8s390xkernel-debug-debuginfo< 4.18.0-147.54.2.el8_1kernel-debug-debuginfo-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat8aarch64kernel-devel< 4.18.0-147.54.2.el8_1kernel-devel-4.18.0-147.54.2.el8_1.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	ppc64le	kernel-cross-headers	< 4.18.0-147.54.2.el8_1	kernel-cross-headers-4.18.0-147.54.2.el8_1.ppc64le.rpm
RedHat	8	x86_64	bpftool	< 4.18.0-147.54.2.el8_1	bpftool-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat	8	s390x	bpftool	< 4.18.0-147.54.2.el8_1	bpftool-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat	8	x86_64	kernel-debug-core	< 4.18.0-147.54.2.el8_1	kernel-debug-core-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat	8	x86_64	kernel-cross-headers	< 4.18.0-147.54.2.el8_1	kernel-cross-headers-4.18.0-147.54.2.el8_1.x86_64.rpm
RedHat	8	ppc64le	kernel-modules	< 4.18.0-147.54.2.el8_1	kernel-modules-4.18.0-147.54.2.el8_1.ppc64le.rpm
RedHat	8	aarch64	kernel-modules-extra	< 4.18.0-147.54.2.el8_1	kernel-modules-extra-4.18.0-147.54.2.el8_1.aarch64.rpm
RedHat	8	s390x	bpftool-debuginfo	< 4.18.0-147.54.2.el8_1	bpftool-debuginfo-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat	8	s390x	kernel-debug-debuginfo	< 4.18.0-147.54.2.el8_1	kernel-debug-debuginfo-4.18.0-147.54.2.el8_1.s390x.rpm
RedHat	8	aarch64	kernel-devel	< 4.18.0-147.54.2.el8_1	kernel-devel-4.18.0-147.54.2.el8_1.aarch64.rpm