7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.7%
An update is available for kernel.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run (CVE-2021-3501)
kernel: nitro_enclaves stale file descriptors on failed usercopy (CVE-2021-3543)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
OVS mistakenly using local IP as tun_dst for VXLAN packets (?) (BZ#1944667)
Selinux: The task calling security_set_bools() deadlocks with itself when it later calls selinux_audit_rule_match(). (BZ#1945123)
[mlx5] tc flower mpls match options does not work (BZ#1952061)
mlx5: missing patches for ct.rel (BZ#1952062)
CT HWOL: with OVN/OVS, intermittently, load balancer hairpin TCP packets get dropped for seconds in a row (BZ#1952065)
[Lenovo 8.3 bug] Blackscreen after clicking on “Settings” icon from top-right corner. (BZ#1952900)
Rocky Linux 8.x missing uio upstream fix. (BZ#1952952)
Turbostat doesn’t show any measured data on AMD Milan (BZ#1952987)
P620 no sound from front headset jack (BZ#1954545)
Rocky Linux kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. (BZ#1955188)
[net/sched] connection failed with DNAT + SNAT by tc action ct (BZ#1956458)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
rocky | 8 | aarch64 | bpftool | < 4.18.0-305.3.1.el8_4 | bpftool-0:4.18.0-305.3.1.el8_4.aarch64.rpm |
rocky | 8 | x86_64 | bpftool | < 4.18.0-305.3.1.el8_4 | bpftool-0:4.18.0-305.3.1.el8_4.x86_64.rpm |
rocky | 8 | aarch64 | bpftool-debuginfo | < 4.18.0-305.3.1.el8_4 | bpftool-debuginfo-0:4.18.0-305.3.1.el8_4.aarch64.rpm |
rocky | 8 | x86_64 | bpftool-debuginfo | < 4.18.0-305.3.1.el8_4 | bpftool-debuginfo-0:4.18.0-305.3.1.el8_4.x86_64.rpm |
rocky | 8 | aarch64 | kernel | < 4.18.0-305.3.1.el8_4 | kernel-0:4.18.0-305.3.1.el8_4.aarch64.rpm |
rocky | 8 | x86_64 | kernel | < 4.18.0-305.3.1.el8_4 | kernel-0:4.18.0-305.3.1.el8_4.x86_64.rpm |
rocky | 8 | noarch | kernel-abi-stablelists | < 4.18.0-305.3.1.el8_4 | kernel-abi-stablelists-0:4.18.0-305.3.1.el8_4.noarch.rpm |
rocky | 8 | aarch64 | kernel-core | < 4.18.0-305.3.1.el8_4 | kernel-core-0:4.18.0-305.3.1.el8_4.aarch64.rpm |
rocky | 8 | x86_64 | kernel-core | < 4.18.0-305.3.1.el8_4 | kernel-core-0:4.18.0-305.3.1.el8_4.x86_64.rpm |
rocky | 8 | aarch64 | kernel-cross-headers | < 4.18.0-305.3.1.el8_4 | kernel-cross-headers-0:4.18.0-305.3.1.el8_4.aarch64.rpm |
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.7%