Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2021:4140: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2019-14615: kernel: Intel graphics card information leak.
  • CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem.
  • CVE-2020-24502: kernel: Improper input validation in some Intel® Ethernet E810 Adapter drivers
  • CVE-2020-24503: kernel: Insufficient access control in some Intel® Ethernet E810 Adapter drivers
  • CVE-2020-24504: kernel: Uncontrolled resource consumption in some Intel® Ethernet E810 Adapter drivers
  • CVE-2020-24586: kernel: Fragmentation cache not cleared on reconnection
  • CVE-2020-24587: kernel: Reassembling fragments encrypted under different keys
  • CVE-2020-24588: kernel: wifi frame payload being parsed incorrectly as an L2 frame
  • CVE-2020-26139: kernel: Forwarding EAPOL from unauthenticated wifi client
  • CVE-2020-26140: kernel: accepting plaintext data frames in protected networks
  • CVE-2020-26141: kernel: not verifying TKIP MIC of fragmented frames
  • CVE-2020-26143: kernel: accepting fragmented plaintext frames in protected networks
  • CVE-2020-26144: kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header
  • CVE-2020-26145: kernel: accepting plaintext broadcast fragments as full frames
  • CVE-2020-26146: kernel: reassembling encrypted fragments with non-consecutive packet numbers
  • CVE-2020-26147: kernel: reassembling mixed encrypted/plaintext fragments
  • CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check
  • CVE-2020-29660: kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
  • CVE-2020-36158: kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value
  • CVE-2020-36312: kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c
  • CVE-2020-36386: kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
  • CVE-2021-0129: kernel: Improper access control in BlueZ may allow information disclosure vulnerability.
  • CVE-2021-3348: kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
  • CVE-2021-3489: kernel: Linux kernel eBPF RINGBUF map oversized allocation
  • CVE-2021-3564: kernel: double free in bluetooth subsystem when the HCI device initialization fails
  • CVE-2021-3573: kernel: use-after-free in function hci_sock_bound_ioctl()
  • CVE-2021-3600: kernel: eBPF 32-bit source register truncation on div/mod
  • CVE-2021-3635: kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
  • CVE-2021-3659: kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
  • CVE-2021-3679: kernel: DoS in rb_per_cpu_empty()
  • CVE-2021-3732: kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
  • CVE-2021-20194: kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
  • CVE-2021-20239: kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
  • CVE-2021-23133: kernel: Race condition in sctp_destroy_sock list_del
  • CVE-2021-28950: kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode
  • CVE-2021-28971: kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c
  • CVE-2021-29155: kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
  • CVE-2021-29646: kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c
  • CVE-2021-29650: kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
  • CVE-2021-31440: kernel: local escalation of privileges in handling of eBPF programs
  • CVE-2021-31829: kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory
  • CVE-2021-31916: kernel: out of bounds array access in drivers/md/dm-ioctl.c
  • CVE-2021-33033: kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c
  • CVE-2021-33200: kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
Red Hat Security Data
#vulnerability#web#mac#linux#red_hat#nodejs#js#java#kubernetes#intel#aws#buffer_overflow#auth#wifi

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2021-11-09

Updated:

2021-11-09

RHSA-2021:4140 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
  • kernel: Improper input validation in some Intel® Ethernet E810 Adapter drivers (CVE-2020-24502)
  • kernel: Insufficient access control in some Intel® Ethernet E810 Adapter drivers (CVE-2020-24503)
  • kernel: Uncontrolled resource consumption in some Intel® Ethernet E810 Adapter drivers (CVE-2020-24504)
  • kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)
  • kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587)
  • kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588)
  • kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139)
  • kernel: accepting plaintext data frames in protected networks (CVE-2020-26140)
  • kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)
  • kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143)
  • kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144)
  • kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145)
  • kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660)
  • kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158)
  • kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386)
  • kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129)
  • kernel: Use-after-free in ndb_queue_rq() (CVE-2021-3348)
  • kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489)
  • kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564)
  • kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)
  • kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)
  • kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)
  • kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732)
  • kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194)
  • kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)
  • kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950)
  • kernel: System crash in intel_pmu_drain_pebs_nhm (CVE-2021-28971)
  • kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory (CVE-2021-29155)
  • kernel: improper input validation in tipc_nl_retrieve_key function (CVE-2021-29646)
  • kernel: lack a full memory barrier upon the assignment of a new table value in x_tables.h may lead to DoS (CVE-2021-29650)
  • kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440)
  • kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829)
  • kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200)
  • kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146)
  • kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)
  • kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)
  • kernel: flowtable list del corruption with kernel BUG (CVE-2021-3635)
  • kernel: NULL pointer dereference in llsec_key_alloc() (CVE-2021-3659)
  • kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239)
  • kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)

Solution

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
  • Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.6 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.6 x86_64

Fixes

  • BZ - 1875275 - Failure to enter full_nohz due to needless SCHED softirqs
  • BZ - 1902412 - [kernel-rt] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u129:3/1367837 observed with blktests nvme-tcp tests
  • BZ - 1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check
  • BZ - 1905747 - kernel-rt-debug: WARNING: possible circular locking dependency detected(&serv->sv_lock -> (softirq_ctrl.lock).lock)
  • BZ - 1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
  • BZ - 1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
  • BZ - 1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value
  • BZ - 1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem.
  • BZ - 1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
  • BZ - 1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
  • BZ - 1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel® Ethernet E810 Adapter drivers
  • BZ - 1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel® Ethernet E810 Adapter drivers
  • BZ - 1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel® Ethernet E810 Adapter drivers
  • BZ - 1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode
  • BZ - 1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c
  • BZ - 1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c
  • BZ - 1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
  • BZ - 1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c
  • BZ - 1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del
  • BZ - 1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
  • BZ - 1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory
  • BZ - 1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation
  • BZ - 1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection
  • BZ - 1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys
  • BZ - 1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame
  • BZ - 1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client
  • BZ - 1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks
  • BZ - 1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames
  • BZ - 1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks
  • BZ - 1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header
  • BZ - 1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames
  • BZ - 1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers
  • BZ - 1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments
  • BZ - 1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs
  • BZ - 1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails
  • BZ - 1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability.
  • BZ - 1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
  • BZ - 1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl()
  • BZ - 1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
  • BZ - 1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
  • BZ - 1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
  • BZ - 1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod
  • BZ - 1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty()
  • BZ - 1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files

CVEs

  • CVE-2019-14615
  • CVE-2020-0427
  • CVE-2020-24502
  • CVE-2020-24503
  • CVE-2020-24504
  • CVE-2020-24586
  • CVE-2020-24587
  • CVE-2020-24588
  • CVE-2020-26139
  • CVE-2020-26140
  • CVE-2020-26141
  • CVE-2020-26143
  • CVE-2020-26144
  • CVE-2020-26145
  • CVE-2020-26146
  • CVE-2020-26147
  • CVE-2020-29368
  • CVE-2020-29660
  • CVE-2020-36158
  • CVE-2020-36312
  • CVE-2020-36386
  • CVE-2021-0129
  • CVE-2021-3348
  • CVE-2021-3489
  • CVE-2021-3564
  • CVE-2021-3573
  • CVE-2021-3600
  • CVE-2021-3635
  • CVE-2021-3659
  • CVE-2021-3679
  • CVE-2021-3732
  • CVE-2021-20194
  • CVE-2021-20239
  • CVE-2021-23133
  • CVE-2021-28950
  • CVE-2021-28971
  • CVE-2021-29155
  • CVE-2021-29646
  • CVE-2021-29650
  • CVE-2021-31440
  • CVE-2021-31829
  • CVE-2021-31916
  • CVE-2021-33033
  • CVE-2021-33200

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

Red Hat Enterprise Linux for Real Time 8

SRPM

kernel-rt-4.18.0-348.rt7.130.el8.src.rpm

SHA-256: a5b3977f63bf8eecd27e7297f5eeca9e482f9516997e1f1c654e4ff274212bcf

x86_64

kernel-rt-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 880fffad0be46e1edf5132d56d6100abe4619ffd8b05eea543bb2dea89dfa21d

kernel-rt-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 81dd8f65866e8ca4ff304396fcedb1736702d1aea33e44518d4efe4961bb73b0

kernel-rt-debug-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: f97d4419f8952db2e28d293b31c00e91be53de117a5f54f0cfe4c6a04d5af8a0

kernel-rt-debug-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: b2444dfcb3773a68a0ada321125c2d01493d37b1918fa893113b309116e963d8

kernel-rt-debug-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 90d7bbd7dd91e68665c6f6b03fe9d18d2383a67048c7fb15488002af329df41b

kernel-rt-debug-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 3114ce56f8ee7bd7c44759c2ac8450e9f628059bd2acfc1c72b1bf5e71d3cd62

kernel-rt-debug-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: dda663d867933a56ffee448832754a3ed7f8d3b2cc89964ae2afc369aabcd64b

kernel-rt-debug-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 409409c8953c8992de4b0d74bc993e1bada02d9cb253ffed671ed95a628ed8fd

kernel-rt-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 5ee30599aeba6d259d6e59aa62efcb0e1f49cb20d104a31958382ea245cb59c1

kernel-rt-debuginfo-common-x86_64-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 2fb79a741e98efd4055c64fbac56925368e7a7388a3f85fc01f0242ab152cd28

kernel-rt-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 0c74fb60a95b408b9faff8886a853e7cb6f517b0faf2c408e5eec8ff84b3020a

kernel-rt-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 972bb38a34b331763d6bf501cc2695784f6b1ab976715621db735367bc2ff0fc

kernel-rt-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 43f0cc8e5eab05388f925718f2b1f1b25abe30e07f3e82df437fdacecb99b15c

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM

kernel-rt-4.18.0-348.rt7.130.el8.src.rpm

SHA-256: a5b3977f63bf8eecd27e7297f5eeca9e482f9516997e1f1c654e4ff274212bcf

x86_64

kernel-rt-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 880fffad0be46e1edf5132d56d6100abe4619ffd8b05eea543bb2dea89dfa21d

kernel-rt-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 81dd8f65866e8ca4ff304396fcedb1736702d1aea33e44518d4efe4961bb73b0

kernel-rt-debug-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: f97d4419f8952db2e28d293b31c00e91be53de117a5f54f0cfe4c6a04d5af8a0

kernel-rt-debug-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: b2444dfcb3773a68a0ada321125c2d01493d37b1918fa893113b309116e963d8

kernel-rt-debug-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 90d7bbd7dd91e68665c6f6b03fe9d18d2383a67048c7fb15488002af329df41b

kernel-rt-debug-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 3114ce56f8ee7bd7c44759c2ac8450e9f628059bd2acfc1c72b1bf5e71d3cd62

kernel-rt-debug-kvm-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: cf417bc849b287634121ab527b3ca4ae7fd1d01534888e23ffa973c671205336

kernel-rt-debug-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: dda663d867933a56ffee448832754a3ed7f8d3b2cc89964ae2afc369aabcd64b

kernel-rt-debug-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 409409c8953c8992de4b0d74bc993e1bada02d9cb253ffed671ed95a628ed8fd

kernel-rt-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 5ee30599aeba6d259d6e59aa62efcb0e1f49cb20d104a31958382ea245cb59c1

kernel-rt-debuginfo-common-x86_64-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 2fb79a741e98efd4055c64fbac56925368e7a7388a3f85fc01f0242ab152cd28

kernel-rt-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 0c74fb60a95b408b9faff8886a853e7cb6f517b0faf2c408e5eec8ff84b3020a

kernel-rt-kvm-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 49e305cfe31af2ff89e8147bc0127391db1ace5893234c820c8decbd7b145230

kernel-rt-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 972bb38a34b331763d6bf501cc2695784f6b1ab976715621db735367bc2ff0fc

kernel-rt-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 43f0cc8e5eab05388f925718f2b1f1b25abe30e07f3e82df437fdacecb99b15c

Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.6

SRPM

kernel-rt-4.18.0-348.rt7.130.el8.src.rpm

SHA-256: a5b3977f63bf8eecd27e7297f5eeca9e482f9516997e1f1c654e4ff274212bcf

x86_64

kernel-rt-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 880fffad0be46e1edf5132d56d6100abe4619ffd8b05eea543bb2dea89dfa21d

kernel-rt-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 81dd8f65866e8ca4ff304396fcedb1736702d1aea33e44518d4efe4961bb73b0

kernel-rt-debug-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: f97d4419f8952db2e28d293b31c00e91be53de117a5f54f0cfe4c6a04d5af8a0

kernel-rt-debug-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: b2444dfcb3773a68a0ada321125c2d01493d37b1918fa893113b309116e963d8

kernel-rt-debug-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 90d7bbd7dd91e68665c6f6b03fe9d18d2383a67048c7fb15488002af329df41b

kernel-rt-debug-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 3114ce56f8ee7bd7c44759c2ac8450e9f628059bd2acfc1c72b1bf5e71d3cd62

kernel-rt-debug-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: dda663d867933a56ffee448832754a3ed7f8d3b2cc89964ae2afc369aabcd64b

kernel-rt-debug-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 409409c8953c8992de4b0d74bc993e1bada02d9cb253ffed671ed95a628ed8fd

kernel-rt-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 5ee30599aeba6d259d6e59aa62efcb0e1f49cb20d104a31958382ea245cb59c1

kernel-rt-debuginfo-common-x86_64-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 2fb79a741e98efd4055c64fbac56925368e7a7388a3f85fc01f0242ab152cd28

kernel-rt-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 0c74fb60a95b408b9faff8886a853e7cb6f517b0faf2c408e5eec8ff84b3020a

kernel-rt-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 972bb38a34b331763d6bf501cc2695784f6b1ab976715621db735367bc2ff0fc

kernel-rt-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 43f0cc8e5eab05388f925718f2b1f1b25abe30e07f3e82df437fdacecb99b15c

Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.6

SRPM

kernel-rt-4.18.0-348.rt7.130.el8.src.rpm

SHA-256: a5b3977f63bf8eecd27e7297f5eeca9e482f9516997e1f1c654e4ff274212bcf

x86_64

kernel-rt-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 880fffad0be46e1edf5132d56d6100abe4619ffd8b05eea543bb2dea89dfa21d

kernel-rt-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 81dd8f65866e8ca4ff304396fcedb1736702d1aea33e44518d4efe4961bb73b0

kernel-rt-debug-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: f97d4419f8952db2e28d293b31c00e91be53de117a5f54f0cfe4c6a04d5af8a0

kernel-rt-debug-core-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: b2444dfcb3773a68a0ada321125c2d01493d37b1918fa893113b309116e963d8

kernel-rt-debug-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 90d7bbd7dd91e68665c6f6b03fe9d18d2383a67048c7fb15488002af329df41b

kernel-rt-debug-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 3114ce56f8ee7bd7c44759c2ac8450e9f628059bd2acfc1c72b1bf5e71d3cd62

kernel-rt-debug-kvm-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: cf417bc849b287634121ab527b3ca4ae7fd1d01534888e23ffa973c671205336

kernel-rt-debug-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: dda663d867933a56ffee448832754a3ed7f8d3b2cc89964ae2afc369aabcd64b

kernel-rt-debug-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 409409c8953c8992de4b0d74bc993e1bada02d9cb253ffed671ed95a628ed8fd

kernel-rt-debuginfo-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 5ee30599aeba6d259d6e59aa62efcb0e1f49cb20d104a31958382ea245cb59c1

kernel-rt-debuginfo-common-x86_64-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 2fb79a741e98efd4055c64fbac56925368e7a7388a3f85fc01f0242ab152cd28

kernel-rt-devel-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 0c74fb60a95b408b9faff8886a853e7cb6f517b0faf2c408e5eec8ff84b3020a

kernel-rt-kvm-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 49e305cfe31af2ff89e8147bc0127391db1ace5893234c820c8decbd7b145230

kernel-rt-modules-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 972bb38a34b331763d6bf501cc2695784f6b1ab976715621db735367bc2ff0fc

kernel-rt-modules-extra-4.18.0-348.rt7.130.el8.x86_64.rpm

SHA-256: 43f0cc8e5eab05388f925718f2b1f1b25abe30e07f3e82df437fdacecb99b15c

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Ubuntu Security Notice USN-6014-1

Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-6013-1

Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-6001-1

Ubuntu Security Notice 6001-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

CVE-2023-28069: DSA-2022-258: Dell Streaming Data Platform Security Update for Multiple Third-Party Component Vulnerabilities

Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. An attacker with privileges same as a legitimate user can phish the legitimate the user to redirect to malicious website leading to information disclosure and launch of phishing attacks.

CVE-2022-34456: DSA-2022-267: Dell EMC Metronode VS5 Security Update for Multiple Third-Party Component Vulnerabilities

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Gentoo Linux Security Advisory 202209-16

Gentoo Linux Security Advisory 202209-16 - Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution. Versions less than 5.63 are affected.

Red Hat Security Advisory 2022-6053-01

Red Hat Security Advisory 2022-6053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.56.

RHSA-2022:6053: Red Hat Security Advisory: OpenShift Container Platform 4.7.56 security and bug fix update

Red Hat OpenShift Container Platform release 4.7.56 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

CVE-2021-3659: Red Hat Customer Portal - Access to 24x7 support and knowledge

A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.

RHSA-2022:5879: Red Hat Security Advisory: OpenShift Container Platform 4.9.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2403: openshift: oauth-serving-cert configmap contains cluster certificate private key

Red Hat Security Advisory 2022-5730-01

Red Hat Security Advisory 2022-5730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.25.

RHSA-2022:5730: Red Hat Security Advisory: OpenShift Container Platform 4.10.25 bug fix and security update

Red Hat OpenShift Container Platform release 4.10.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24921...

Red Hat Security Advisory 2022-5626-01

Red Hat Security Advisory 2022-5626-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:5626: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2021-4197: kernel: cgroup: Use open-time creds and namespace for migration perm checks * CVE-2021-4203: kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses * CVE-2022-1...

RHSA-2022:5633: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2021-4197: kernel: cgroup: Use open-time creds and namespace for migration perm checks * CVE-2021-4203: kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses * CVE-202...

CVE-2022-32263: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.

CVE-2022-29286: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.

CVE-2022-27929: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-27934: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-26655: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.

CVE-2022-27935: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.

CVE-2022-26654: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.

CVE-2022-27936: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.

CVE-2022-26656: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.

CVE-2022-27932: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-27931: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-26657: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-27930: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.

CVE-2022-27928: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-25357: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.

CVE-2022-27937: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.

CVE-2022-27933: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2021-40012: July

Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.

Red Hat Security Advisory 2022-5220-01

Red Hat Security Advisory 2022-5220-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-5224-01

Red Hat Security Advisory 2022-5224-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:5220: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-1729: kernel: race condition in perf_event_open leads to priv...

RHSA-2022:5224: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-1729: kernel: race condition in perf_event_open leads to p...

CVE-2022-20233: Pixel Update Bulletin—June 2022  |  Android Open Source Project

In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A

CVE-2021-3732: CVE-2021-3732 | Ubuntu

A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.

CVE-2021-0978: Pixel Update Bulletin—December 2021

In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-192587406

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

RHSA-2021:4356: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-14615: kernel: Intel graphics card information leak. * CVE-2020-0427: kernel: out-of-bounds reads in pinctrl subsystem. * CVE-2020-24502: kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24503: kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers * CVE-2020-24504: kernel: Uncontroll...

CVE-2021-3573: Invalid Bug ID

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.

CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

CVE-2021-3564: Invalid Bug ID

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.

CVE-2021-20239: Invalid Bug ID

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

CVE-2020-25668: [SECURITY] [DLA 2494-1] linux security update

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

CVE-2020-25668: [SECURITY] [DLA 2494-1] linux security update

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

CVE-2021-31440: ZDI-21-503

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-24587: Security flaws in all Wi-Fi devices

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2020-26145: Security flaws in all Wi-Fi devices

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

CVE-2021-23133

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.

CVE-2021-28971

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.

CVE-2020-36158: [1/1] mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

CVE-2020-8832: Bug #1862840 “[Bionic] i915 incomplete fix for CVE-2019-14615” : Bugs : linux package : Ubuntu

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

CVE-2020-3909: About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.