(RHSA-2021:4770) Important: kernel security and bug fix update

2021-11-2311:55:39

access.redhat.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

46.7%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Bring in upstream serial kernel patch (BZ#2007936)

OSVersionArchitecturePackageVersionFilename
RedHat7noarchkernel-doc< 3.10.0-957.86.1.el7kernel-doc-3.10.0-957.86.1.el7.noarch.rpm
RedHat7x86_64kernel-debug-devel< 3.10.0-957.86.1.el7kernel-debug-devel-3.10.0-957.86.1.el7.x86_64.rpm
RedHat7x86_64kernel-debuginfo< 3.10.0-957.86.1.el7kernel-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat7ppc64lekernel-debug-debuginfo< 3.10.0-957.86.1.el7kernel-debug-debuginfo-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat7x86_64perf-debuginfo< 3.10.0-957.86.1.el7perf-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat7x86_64bpftool< 3.10.0-957.86.1.el7bpftool-3.10.0-957.86.1.el7.x86_64.rpm
RedHat7ppc64lekernel-debuginfo-common-ppc64le< 3.10.0-957.86.1.el7kernel-debuginfo-common-ppc64le-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat7ppc64lekernel-debuginfo< 3.10.0-957.86.1.el7kernel-debuginfo-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat7x86_64kernel-debug-debuginfo< 3.10.0-957.86.1.el7kernel-debug-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat7ppc64lekernel-bootwrapper< 3.10.0-957.86.1.el7kernel-bootwrapper-3.10.0-957.86.1.el7.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	kernel-doc	< 3.10.0-957.86.1.el7	kernel-doc-3.10.0-957.86.1.el7.noarch.rpm
RedHat	7	x86_64	kernel-debug-devel	< 3.10.0-957.86.1.el7	kernel-debug-devel-3.10.0-957.86.1.el7.x86_64.rpm
RedHat	7	x86_64	kernel-debuginfo	< 3.10.0-957.86.1.el7	kernel-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat	7	ppc64le	kernel-debug-debuginfo	< 3.10.0-957.86.1.el7	kernel-debug-debuginfo-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat	7	x86_64	perf-debuginfo	< 3.10.0-957.86.1.el7	perf-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat	7	x86_64	bpftool	< 3.10.0-957.86.1.el7	bpftool-3.10.0-957.86.1.el7.x86_64.rpm
RedHat	7	ppc64le	kernel-debuginfo-common-ppc64le	< 3.10.0-957.86.1.el7	kernel-debuginfo-common-ppc64le-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat	7	ppc64le	kernel-debuginfo	< 3.10.0-957.86.1.el7	kernel-debuginfo-3.10.0-957.86.1.el7.ppc64le.rpm
RedHat	7	x86_64	kernel-debug-debuginfo	< 3.10.0-957.86.1.el7	kernel-debug-debuginfo-3.10.0-957.86.1.el7.x86_64.rpm
RedHat	7	ppc64le	kernel-bootwrapper	< 3.10.0-957.86.1.el7	kernel-bootwrapper-3.10.0-957.86.1.el7.ppc64le.rpm