Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2021:1739: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es):

  • kernel: Integer overflow in Intel® Graphics Drivers (CVE-2020-12362)
  • kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver (CVE-2019-19523)
  • kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)
  • kernel: possible out of bounds write in kbd_keycode of keyboard.c (CVE-2020-0431)
  • kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
  • kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c (CVE-2020-12464)
  • kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)
  • kernel: Use After Free vulnerability in cgroup BPF component (CVE-2020-14356)
  • kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)
  • kernel: umask not applied on filesystem without ACL support (CVE-2020-24394)
  • kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)
  • kernel: incomplete permission checking for access to rbd devices (CVE-2020-25284)
  • kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c (CVE-2020-25285)
  • kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643)
  • kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
  • kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)
  • kernel: child process is able to access parent mm through hfi dev file handle (CVE-2020-27835)
  • kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)
  • kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (CVE-2020-35508)
  • kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege (CVE-2021-0342)
  • kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Related CVEs:
  • CVE-2019-19523: kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver
  • CVE-2019-19528: kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver
  • CVE-2020-0431: kernel: possible out of bounds write in kbd_keycode of keyboard.c
  • CVE-2020-11608: kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c
  • CVE-2020-12114: kernel: DoS by corrupting mountpoint reference counter
  • CVE-2020-12362: kernel: Integer overflow in Intel® Graphics Drivers
  • CVE-2020-12363: kernel: Improper input validation in some Intel® Graphics Drivers
  • CVE-2020-12364: kernel: Null pointer dereference in some Intel® Graphics Drivers
  • CVE-2020-12464: kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c
  • CVE-2020-14314: kernel: buffer uses out of index in ext3/4 filesystem
  • CVE-2020-14356: kernel: Use After Free vulnerability in cgroup BPF component
  • CVE-2020-15437: kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c
  • CVE-2020-24394: kernel: umask not applied on filesystem without ACL support
  • CVE-2020-25212: kernel: TOCTOU mismatch in the NFS client code
  • CVE-2020-25284: kernel: incomplete permission checking for access to rbd devices
  • CVE-2020-25285: kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c
  • CVE-2020-25643: kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
  • CVE-2020-25704: kernel: perf_event_parse_addr_filter memory
  • CVE-2020-27786: kernel: use-after-free in kernel midi subsystem
  • CVE-2020-27835: kernel: child process is able to access parent mm through hfi dev file handle
  • CVE-2020-28974: kernel: slab-out-of-bounds read in fbcon
  • CVE-2020-35508: kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
  • CVE-2021-0342: kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege
  • CVE-2021-0605: kernel: In pfkey_dump() dplen and splen can both be specified to access the xfrm_address_t structure out of bounds
Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data