Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:2570

Опубликовано: 29 июн. 2021
Источник: rocky
Оценка: Important

Описание

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)

  • kernel: security bypass in certs/blacklist.c and certs/system_keyring.c (CVE-2020-26541)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [ESXi][Rocky Linux-8] VMXNET3 v4 causes invalid checksums of inner packets of VXLAN tunnel (BZ#1960702)

  • fnic crash from invalid request pointer (BZ#1961705)

  • GFS2: Failed FS thaw call makes the entire snapshot failed. (BZ#1961849)

  • dm writecache: fix performance degradation in ssd mode (BZ#1962241)

  • Kernel BUG with act_ct and IP fragments (BZ#1963940)

  • core: backports from upstream (BZ#1963952)

  • Hibernate resume on Rocky Linux fails in Amazon EC2 C5.18xlarge instance (BZ#1964930)

  • [SanityOnly] panic caused by i40e_msix_clean_rings (BZ#1964962)

  • tc reclassification limit is too low for OVN (BZ#1965148)

  • tc action ct nat src addr does not work while used with ct nat dst addr together (BZ#1965150)

  • CNB: Rebase/update TC subsystem for Rocky Linux 8.5 (BZ#1965457)

  • sctp: crash due to use after free of sctp_transport structure (BZ#1965632)

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
kernel-debug-corex86_64305.7.1.el8_4kernel-debug-core-4.18.0-305.7.1.el8_4.x86_64.rpm
bpftoolx86_64305.7.1.el8_4bpftool-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-docnoarch305.7.1.el8_4kernel-doc-4.18.0-305.7.1.el8_4.noarch.rpm
python3-perfx86_64305.7.1.el8_4python3-perf-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-toolsx86_64305.7.1.el8_4kernel-tools-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-abi-stablelistsnoarch305.7.1.el8_4kernel-abi-stablelists-4.18.0-305.7.1.el8_4.noarch.rpm
kernelx86_64305.7.1.el8_4kernel-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-modulesx86_64305.7.1.el8_4kernel-modules-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-cross-headersx86_64305.7.1.el8_4kernel-cross-headers-4.18.0-305.7.1.el8_4.x86_64.rpm
kernel-debug-modulesx86_64305.7.1.el8_4kernel-debug-modules-4.18.0-305.7.1.el8_4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2020-26541
CVE-2021-33034

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2021-2570

oracle-oval
больше 4 лет назад

ELSA-2021-2570: kernel security and bug fix update (IMPORTANT)

ubuntu логотип

CVE-2020-26541

CVSS3: 6.5
ubuntu
около 5 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

redhat логотип

CVE-2020-26541

CVSS3: 6.5
redhat
больше 5 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

nvd логотип

CVE-2020-26541

CVSS3: 6.5
nvd
около 5 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

msrc логотип

CVE-2020-26541

CVSS3: 6.5
msrc
около 5 лет назад

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.