kernel security and bug fix update

2021-07-2013:30:15

Rockylinux Product Errata

errata.rockylinux.org

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

55.7%

JSON

An update is available for kernel.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
kernel: race condition for removal of the HCI controller (CVE-2021-32399)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

pinctrl_emmitsburg: improper configuration (BZ#1963984)
[Ampere] locking/qrwlock: Fix ordering in queued_write_lock_slowpath (BZ#1964419)
Rocky Linux8.4 - [P10] [NPIV Multi queue Test kernel- 4.18.0-283.el8.ibmvfc_11022021.ppc64le] DLPAR operation fails for ibmvfc on Denali (ibmvfc/dlpar/Rocky Linux8.4) (BZ#1964697)
Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967099)
backport fixes for Connection Tracking offload (BZ#1968679)
fm10k: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969910)
ixgbevf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969911)
ena: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969913)
b44, bnx2, bnx2x, bnxt, tg3: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969914)
e1000, e1000e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969915)
ice: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969917)
igb: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969919)
igbvf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969920)
igc: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969921)
ixgbe: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969922)
i40e: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969923)
iavf: removal of MODULE_VERSION deemed improper for y-stream release (BZ#1969925)
Backport netlink extack tracepoint (BZ#1972938)
[Rocky Linux8.4] kernel panic when create NPIV port on qedf driver (BZ#1974968)

OSVersionArchitecturePackageVersionFilename
rocky8aarch64bpftool< 4.18.0-305.10.2.el8_4bpftool-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky8x86_64bpftool< 4.18.0-305.10.2.el8_4bpftool-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky8aarch64bpftool-debuginfo< 4.18.0-305.10.2.el8_4bpftool-debuginfo-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky8x86_64bpftool-debuginfo< 4.18.0-305.10.2.el8_4bpftool-debuginfo-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky8aarch64kernel< 4.18.0-305.10.2.el8_4kernel-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky8x86_64kernel< 4.18.0-305.10.2.el8_4kernel-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky8noarchkernel-abi-stablelists< 4.18.0-305.10.2.el8_4kernel-abi-stablelists-0:4.18.0-305.10.2.el8_4.noarch.rpm
rocky8aarch64kernel-core< 4.18.0-305.10.2.el8_4kernel-core-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky8x86_64kernel-core< 4.18.0-305.10.2.el8_4kernel-core-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky8aarch64kernel-cross-headers< 4.18.0-305.10.2.el8_4kernel-cross-headers-0:4.18.0-305.10.2.el8_4.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	aarch64	bpftool	< 4.18.0-305.10.2.el8_4	bpftool-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky	8	x86_64	bpftool	< 4.18.0-305.10.2.el8_4	bpftool-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky	8	aarch64	bpftool-debuginfo	< 4.18.0-305.10.2.el8_4	bpftool-debuginfo-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky	8	x86_64	bpftool-debuginfo	< 4.18.0-305.10.2.el8_4	bpftool-debuginfo-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky	8	aarch64	kernel	< 4.18.0-305.10.2.el8_4	kernel-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky	8	x86_64	kernel	< 4.18.0-305.10.2.el8_4	kernel-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky	8	noarch	kernel-abi-stablelists	< 4.18.0-305.10.2.el8_4	kernel-abi-stablelists-0:4.18.0-305.10.2.el8_4.noarch.rpm
rocky	8	aarch64	kernel-core	< 4.18.0-305.10.2.el8_4	kernel-core-0:4.18.0-305.10.2.el8_4.aarch64.rpm
rocky	8	x86_64	kernel-core	< 4.18.0-305.10.2.el8_4	kernel-core-0:4.18.0-305.10.2.el8_4.x86_64.rpm
rocky	8	aarch64	kernel-cross-headers	< 4.18.0-305.10.2.el8_4	kernel-cross-headers-0:4.18.0-305.10.2.el8_4.aarch64.rpm