Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-3612 (GCVE-0-2021-3612)
Vulnerability from cvelistv5
Published
2021-07-09 10:33
Modified
2024-08-03 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - ->CWE-119
Summary
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.9-rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20-\u003eCWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:36:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.9-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"refsource": "MISC",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3612",
"datePublished": "2021-07-09T10:33:16",
"dateReserved": "2021-06-21T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3612\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-07-09T11:15:09.457\",\"lastModified\":\"2024-11-21T06:21:58.743\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado un fallo de escritura en memoria fuera de l\u00edmites en el kernel de Linux joystick devices subsystem en versiones anteriores a 5.9-rc1, en la manera en que el usuario llama a la ioctl JSIOCSBTNMAP. Este fallo permite a un usuario local bloquear el sistema o posiblemente escalar sus privilegios en el sistema. La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad y la disponibilidad del sistema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.9.0\",\"matchCriteriaId\":\"C9CA5EDA-9CA4-49FA-AF86-7B150825868E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EDB6772-7FDB-45FF-8D72-952902A7EE56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9955F62A-75D3-4347-9AD3-5947FC365838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A6D77C7-A2F4-4700-AB5A-3EC853496ECA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9B8171-F6CA-427D-81E0-6536D3BBFA8D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"090AA6F4-4404-4E26-82AB-C3A22636F276\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108A2215-50FB-4074-94CF-C130FA14566D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F0B6C0-F930-480D-962B-3F4EFDCC13C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803BC414-B250-4E3A-A478-A3881340D6B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB3337-BFDE-462A-908B-176F92053CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"736AEAE9-782B-4F71-9893-DED53367E102\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1974079\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210805-0005/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1974079\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210805-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
suse-su-2021:2438-1
Vulnerability from csaf_suse
Published
2021-07-21 11:46
Modified
2021-07-21 11:46
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).
- CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer underruns and code execution (bsc#1188062).
- CVE-2021-3609: A use-after-free in can/bcm could have led to privilege escalation (bsc#1187215).
- CVE-2021-3612: An out-of-bounds memory write flaw was found in the joystick devices subsystem in the way the user calls ioctl JSIOCSBTNMAP. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1187585 ).
- CVE-2021-35039: kernel/module.c mishandled Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bnc#1188080). NOTE that SUSE kernels are configured with CONFIG_MODULE_SIG=y, so are not affected.
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch
- fix patches metadata
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- Use /usr/lib/modules as module dir when usermerge is active in the target distro.
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames
SUSE-2021-2438,SUSE-SLE-Module-Basesystem-15-SP2-2021-2438,SUSE-SLE-Module-Development-Tools-15-SP2-2021-2438,SUSE-SLE-Module-Legacy-15-SP2-2021-2438,SUSE-SLE-Module-Live-Patching-15-SP2-2021-2438,SUSE-SLE-Product-HA-15-SP2-2021-2438,SUSE-SLE-Product-WE-15-SP2-2021-2438,SUSE-SUSE-MicroOS-5.0-2021-2438
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).\n- CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer underruns and code execution (bsc#1188062).\n- CVE-2021-3609: A use-after-free in can/bcm could have led to privilege escalation (bsc#1187215).\n- CVE-2021-3612: An out-of-bounds memory write flaw was found in the joystick devices subsystem in the way the user calls ioctl JSIOCSBTNMAP. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1187585 ).\n- CVE-2021-35039: kernel/module.c mishandled Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bnc#1188080). NOTE that SUSE kernels are configured with CONFIG_MODULE_SIG=y, so are not affected.\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch\n- fix patches metadata\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- Use /usr/lib/modules as module dir when usermerge is active in the target distro.\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2438,SUSE-SLE-Module-Basesystem-15-SP2-2021-2438,SUSE-SLE-Module-Development-Tools-15-SP2-2021-2438,SUSE-SLE-Module-Legacy-15-SP2-2021-2438,SUSE-SLE-Module-Live-Patching-15-SP2-2021-2438,SUSE-SLE-Product-HA-15-SP2-2021-2438,SUSE-SLE-Product-WE-15-SP2-2021-2438,SUSE-SUSE-MicroOS-5.0-2021-2438",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2438-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2438-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212438-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2438-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009194.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-21T11:46:47Z",
"generator": {
"date": "2021-07-21T11:46:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2438-1",
"initial_release_date": "2021-07-21T11:46:47Z",
"revision_history": [
{
"date": "2021-07-21T11:46:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "cluster-md-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "cluster-md-kmp-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "dlm-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "dlm-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "dlm-kmp-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "gfs2-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "gfs2-kmp-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-default-5.3.18-24.75.3.aarch64",
"product_id": "kernel-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"product": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"product_id": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.aarch64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.aarch64",
"product_id": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-default-devel-5.3.18-24.75.3.aarch64",
"product_id": "kernel-default-devel-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-default-extra-5.3.18-24.75.3.aarch64",
"product_id": "kernel-default-extra-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.aarch64",
"product_id": "kernel-default-livepatch-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.aarch64",
"product_id": "kernel-default-livepatch-devel-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-obs-build-5.3.18-24.75.3.aarch64",
"product_id": "kernel-obs-build-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-24.75.1.aarch64",
"product": {
"name": "kernel-obs-qa-5.3.18-24.75.1.aarch64",
"product_id": "kernel-obs-qa-5.3.18-24.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-preempt-5.3.18-24.75.3.aarch64",
"product_id": "kernel-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"product_id": "kernel-preempt-devel-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-preempt-extra-5.3.18-24.75.3.aarch64",
"product_id": "kernel-preempt-extra-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.aarch64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.aarch64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-24.75.1.aarch64",
"product": {
"name": "kernel-syms-5.3.18-24.75.1.aarch64",
"product_id": "kernel-syms-5.3.18-24.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "kselftests-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "kselftests-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "kselftests-kmp-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "ocfs2-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "ocfs2-kmp-preempt-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"product_id": "reiserfs-kmp-default-5.3.18-24.75.3.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-24.75.3.aarch64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-24.75.3.aarch64",
"product_id": "reiserfs-kmp-preempt-5.3.18-24.75.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-devel-5.3.18-24.75.2.noarch",
"product_id": "kernel-devel-5.3.18-24.75.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-docs-5.3.18-24.75.2.noarch",
"product_id": "kernel-docs-5.3.18-24.75.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-24.75.2.noarch",
"product_id": "kernel-docs-html-5.3.18-24.75.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-macros-5.3.18-24.75.2.noarch",
"product_id": "kernel-macros-5.3.18-24.75.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-source-5.3.18-24.75.2.noarch",
"product_id": "kernel-source-5.3.18-24.75.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-24.75.2.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-24.75.2.noarch",
"product_id": "kernel-source-vanilla-5.3.18-24.75.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "cluster-md-kmp-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "dlm-kmp-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "gfs2-kmp-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-debug-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-debug-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-debug-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-debug-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-debug-livepatch-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-default-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"product": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"product_id": "kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.ppc64le",
"product_id": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-default-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-default-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-default-extra-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-default-extra-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-default-livepatch-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-kvmsmall-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-kvmsmall-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-kvmsmall-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"product_id": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kernel-obs-build-5.3.18-24.75.3.ppc64le",
"product_id": "kernel-obs-build-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-24.75.1.ppc64le",
"product": {
"name": "kernel-obs-qa-5.3.18-24.75.1.ppc64le",
"product_id": "kernel-obs-qa-5.3.18-24.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-24.75.1.ppc64le",
"product": {
"name": "kernel-syms-5.3.18-24.75.1.ppc64le",
"product_id": "kernel-syms-5.3.18-24.75.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "kselftests-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "kselftests-kmp-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "ocfs2-kmp-default-5.3.18-24.75.3.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"product": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"product_id": "reiserfs-kmp-default-5.3.18-24.75.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "cluster-md-kmp-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "dlm-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "dlm-kmp-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "gfs2-kmp-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-default-5.3.18-24.75.3.s390x",
"product_id": "kernel-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"product": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"product_id": "kernel-default-base-5.3.18-24.75.3.9.34.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.s390x",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.s390x",
"product_id": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-default-devel-5.3.18-24.75.3.s390x",
"product_id": "kernel-default-devel-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-default-extra-5.3.18-24.75.3.s390x",
"product_id": "kernel-default-extra-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.s390x",
"product_id": "kernel-default-livepatch-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"product_id": "kernel-default-livepatch-devel-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"product_id": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-24.75.3.s390x",
"product": {
"name": "kernel-obs-build-5.3.18-24.75.3.s390x",
"product_id": "kernel-obs-build-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-24.75.1.s390x",
"product": {
"name": "kernel-obs-qa-5.3.18-24.75.1.s390x",
"product_id": "kernel-obs-qa-5.3.18-24.75.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-24.75.1.s390x",
"product": {
"name": "kernel-syms-5.3.18-24.75.1.s390x",
"product_id": "kernel-syms-5.3.18-24.75.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-5.3.18-24.75.2.s390x",
"product": {
"name": "kernel-zfcpdump-5.3.18-24.75.2.s390x",
"product_id": "kernel-zfcpdump-5.3.18-24.75.2.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "kselftests-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "kselftests-kmp-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "ocfs2-kmp-default-5.3.18-24.75.3.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"product": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"product_id": "reiserfs-kmp-default-5.3.18-24.75.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "cluster-md-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "cluster-md-kmp-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "dlm-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "dlm-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "dlm-kmp-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "gfs2-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "gfs2-kmp-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-debug-5.3.18-24.75.3.x86_64",
"product_id": "kernel-debug-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-debug-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-debug-livepatch-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-default-5.3.18-24.75.3.x86_64",
"product_id": "kernel-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"product_id": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-24.75.3.9.34.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-default-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-default-extra-5.3.18-24.75.3.x86_64",
"product_id": "kernel-default-extra-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"product_id": "kernel-default-livepatch-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-24.75.3.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-24_75-preempt-1-5.3.3.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-24_75-preempt-1-5.3.3.x86_64",
"product_id": "kernel-livepatch-5_3_18-24_75-preempt-1-5.3.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-24.75.3.x86_64",
"product_id": "kernel-obs-build-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-24.75.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-24.75.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-24.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-24.75.3.x86_64",
"product_id": "kernel-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-preempt-extra-5.3.18-24.75.3.x86_64",
"product_id": "kernel-preempt-extra-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.x86_64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.x86_64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-24.75.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-24.75.1.x86_64",
"product_id": "kernel-syms-5.3.18-24.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "kselftests-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "kselftests-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "kselftests-kmp-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "ocfs2-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "ocfs2-kmp-preempt-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"product_id": "reiserfs-kmp-default-5.3.18-24.75.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-24.75.3.x86_64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-24.75.3.x86_64",
"product_id": "reiserfs-kmp-preempt-5.3.18-24.75.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "kernel-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x"
},
"product_reference": "kernel-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-default-devel-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le"
},
"product_reference": "kernel-default-devel-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x"
},
"product_reference": "kernel-default-devel-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-24.75.2.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch"
},
"product_reference": "kernel-devel-5.3.18-24.75.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-24.75.2.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch"
},
"product_reference": "kernel-macros-5.3.18-24.75.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-preempt-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-24.75.2.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch"
},
"product_reference": "kernel-docs-5.3.18-24.75.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-obs-build-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le"
},
"product_reference": "kernel-obs-build-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x"
},
"product_reference": "kernel-obs-build-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-24.75.2.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch"
},
"product_reference": "kernel-source-5.3.18-24.75.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-24.75.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64"
},
"product_reference": "kernel-syms-5.3.18-24.75.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-24.75.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le"
},
"product_reference": "kernel-syms-5.3.18-24.75.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-24.75.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x"
},
"product_reference": "kernel-syms-5.3.18-24.75.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-24.75.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-24.75.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x"
},
"product_reference": "reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le"
},
"product_reference": "kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x"
},
"product_reference": "kernel-default-livepatch-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x"
},
"product_reference": "cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "dlm-kmp-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x"
},
"product_reference": "dlm-kmp-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "dlm-kmp-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x"
},
"product_reference": "gfs2-kmp-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le"
},
"product_reference": "ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x"
},
"product_reference": "ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-extra-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-extra-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-preempt-extra-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64"
},
"product_reference": "kernel-default-5.3.18-24.75.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-24.75.3.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64"
},
"product_reference": "kernel-default-5.3.18-24.75.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-21T11:46:47Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-21T11:46:47Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-21T11:46:47Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-21T11:46:47Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-24_75-default-1-5.3.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Micro 5.0:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-base-5.3.18-24.75.3.9.34.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-default-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-devel-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-macros-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:kernel-preempt-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-docs-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-obs-build-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-preempt-devel-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-source-5.3.18-24.75.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:kernel-syms-5.3.18-24.75.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP2:reiserfs-kmp-default-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-default-extra-5.3.18-24.75.3.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:kernel-preempt-extra-5.3.18-24.75.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-21T11:46:47Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
suse-su-2021:2687-1
Vulnerability from csaf_suse
Published
2021-08-14 08:17
Modified
2021-08-14 08:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
- Bluetooth: btintel: Check firmware version before download (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'Bluetooth: btintel: Fix endianness issue for TLV version information' (bsc#1188893).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- Revert 'drm/i915: Propagate errors on awaiting already signaled fences' (git-fixes).
- Revert 'drm: add a locked version of drm_is_current_master' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'iwlwifi: remove wide_cmd_header field' (bsc#1187495).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
- bonding: fix build issue (git-fixes).
- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- docs: virt/kvm: close inline string literal (bsc#1188703).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- intel_th: Wait until port is in reset before programming it (git-fixes).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).
- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).
- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).
- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).
- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).
- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).
- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).
- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).
- iwlwifi: mvm: fix error print when session protection ends (git-fixes).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).
- iwlwifi: mvm: ops: Remove unused static struct 'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).
- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).
- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).
- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- iwlwifi: support version 5 of the alive notification (bsc#1187495).
- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).
- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- kABI compatibility fix for max98373_priv struct (git-fixes).
- kABI workaround for btintel symbol changes (bsc#1188893).
- kABI workaround for intel_th_driver (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mvpp2: suppress warning (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: 8250_pci: Add support for new HPE serial device (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).
Patchnames
SUSE-2021-2687,SUSE-SLE-Module-Basesystem-15-SP3-2021-2687,SUSE-SLE-Module-Development-Tools-15-SP3-2021-2687,SUSE-SLE-Module-Legacy-15-SP3-2021-2687,SUSE-SLE-Module-Live-Patching-15-SP3-2021-2687,SUSE-SLE-Product-HA-15-SP3-2021-2687,SUSE-SLE-Product-WE-15-SP3-2021-2687
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).\n- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: DPTF: Fix reading of attributes (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).\n- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).\n- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).\n- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).\n- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).\n- ALSA: pcm: Fix mmap capability check (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).\n- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).\n- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- ALSA: usx2y: Avoid camelCase (git-fixes).\n- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).\n- ARM: ensure the signal page contains defined contents (bsc#1188445).\n- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).\n- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).\n- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).\n- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).\n- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).\n- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).\n- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).\n- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).\n- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).\n- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5682: Disable irq on shutdown (git-fixes).\n- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).\n- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).\n- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).\n- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).\n- Bluetooth: Remove spurious error message (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).\n- Bluetooth: btintel: Check firmware version before download (bsc#1188893).\n- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).\n- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).\n- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).\n- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).\n- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).\n- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).\n- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).\n- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).\n- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).\n- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).\n- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).\n- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).\n- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).\n- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).\n- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).\n- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).\n- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).\n- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).\n- Bluetooth: hci_intel: enable on new platform (bsc#1188893).\n- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).\n- Bluetooth: hci_qca: fix potential GPF (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).\n- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).\n- KVM: nVMX: Consult only the \u0027basic\u0027 exit reason when routing nested exit (bsc#1188773).\n- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).\n- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).\n- RDMA/cma: Protect RMW with qp_mutex (git-fixes).\n- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).\n- RDMA/rtrs-clt: Fix memory leak of not-freed sess-\u003estats and stats-\u003epcpu_stats (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).\n- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).\n- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).\n- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).\n- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).\n- Revert \u0027ACPI: resources: Add checks for ACPI IRQ override\u0027 (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027Bluetooth: btintel: Fix endianness issue for TLV version information\u0027 (bsc#1188893).\n- Revert \u0027USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem\u0027 (git-fixes).\n- Revert \u0027be2net: disable bh with spin_lock in be_process_mcc\u0027 (git-fixes).\n- Revert \u0027drm/i915: Propagate errors on awaiting already signaled fences\u0027 (git-fixes).\n- Revert \u0027drm: add a locked version of drm_is_current_master\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027iwlwifi: remove wide_cmd_header field\u0027 (bsc#1187495).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- bcache: avoid oversized read request in cache missing code path (bsc#1184631).\n- bcache: remove bcache device self-defined readahead (bsc#1184631).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: do not disable an already disabled PCI device (git-fixes).\n- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).\n- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).\n- bonding: fix build issue (git-fixes).\n- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).\n- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).\n- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- cadence: force nonlinear buffers to be cloned (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188748).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- coresight: Propagate symlink failure (git-fixes).\n- coresight: core: Fix use of uninitialized pointer (git-fixes).\n- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).\n- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).\n- crypto: sun4i-ss - initialize need_fallback (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix IRQ free race during driver unload (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- docs: virt/kvm: close inline string literal (bsc#1188703).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).\n- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).\n- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).\n- drm/amd/display: Fix build warnings (git-fixes).\n- drm/amd/display: Fix off-by-one error in DML (git-fixes).\n- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).\n- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).\n- drm/amd/display: Update scaling settings on modeset (git-fixes).\n- drm/amd/display: Verify Gamma \u0026 Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).\n- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).\n- drm/amd/display: fix incorrrect valid irq check (git-fixes).\n- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).\n- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).\n- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).\n- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).\n- drm/amdgpu: wait for moving fence after pinning (git-fixes).\n- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).\n- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).\n- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).\n- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).\n- drm/arm/malidp: Always list modifiers (git-fixes).\n- drm/bridge/sii8620: fix dependency on extcon (git-fixes).\n- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).\n- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).\n- drm/bridge: nwl-dsi: Force a full modeset when crtc_state-\u003eactive is changed to be true (git-fixes).\n- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).\n- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).\n- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).\n- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).\n- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).\n- drm/msm/mdp4: Fix modifier support enabling (git-fixes).\n- drm/msm: Fix error return code in msm_drm_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/rockchip: lvds: Fix an error handling path (git-fixes).\n- drm/sched: Avoid data corruptions (git-fixes).\n- drm/scheduler: Fix hang when sched_entity released (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).\n- drm/vc4: crtc: Skip the TXP (git-fixes).\n- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).\n- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).\n- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).\n- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).\n- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).\n- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm: bridge: add missing word in Analogix help text (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm: rockchip: add missing registers for RK3066 (git-fixes).\n- drm: rockchip: add missing registers for RK3188 (git-fixes).\n- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).\n- e1000e: Check the PCIm state (git-fixes).\n- e1000e: Fix an error handling path in \u0027e1000_probe()\u0027 (git-fixes).\n- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: Do not delete the mode that is still in use (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).\n- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).\n- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gtp: fix an use-before-init in gtp_newlink() (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: core: Disable client irq on reboot/shutdown (git-fixes).\n- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).\n- i40e: Fix error handling in i40e_vsi_open (git-fixes).\n- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).\n- i40e: fix PTP on 5Gb links (jsc#SLE-13701).\n- iavf: Fix an error handling path in \u0027iavf_probe()\u0027 (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).\n- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).\n- igb: Fix an error handling path in \u0027igb_probe()\u0027 (git-fixes).\n- igb: Fix position of assignment to *ring (git-fixes).\n- igb: Fix use-after-free error during reset (git-fixes).\n- igc: Fix an error handling path in \u0027igc_probe()\u0027 (git-fixes).\n- igc: Fix use-after-free error during reset (git-fixes).\n- igc: change default return of igc_read_phy_reg() (git-fixes).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).\n- intel_th: Wait until port is in reset before programming it (git-fixes).\n- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).\n- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).\n- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).\n- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).\n- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).\n- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).\n- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).\n- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).\n- iwlwifi: add trans op to set PNVM (bsc#1187495).\n- iwlwifi: align RX status flags with firmware (bsc#1187495).\n- iwlwifi: api: fix u32 -\u003e __le32 (bsc#1187495).\n- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).\n- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).\n- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).\n- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).\n- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).\n- iwlwifi: dbg: add dumping special device memory (bsc#1187495).\n- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).\n- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).\n- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).\n- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: enable twt by default (bsc#1187495).\n- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).\n- iwlwifi: fix sar geo table initialization (bsc#1187495).\n- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).\n- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).\n- iwlwifi: increase PNVM load timeout (bsc#1187495).\n- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).\n- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).\n- iwlwifi: move PNVM implementation to common code (bsc#1187495).\n- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).\n- iwlwifi: move bc_pool to a common trans header (bsc#1187495).\n- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).\n- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).\n- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).\n- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).\n- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).\n- iwlwifi: mvm: add a get lmac id function (bsc#1187495).\n- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).\n- iwlwifi: mvm: add d3 prints (bsc#1187495).\n- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).\n- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).\n- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).\n- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).\n- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).\n- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).\n- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).\n- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).\n- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).\n- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).\n- iwlwifi: mvm: fix error print when session protection ends (git-fixes).\n- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).\n- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).\n- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).\n- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).\n- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).\n- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).\n- iwlwifi: mvm: ops: Remove unused static struct \u0027iwl_mvm_debug_names\u0027 (bsc#1187495).\n- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).\n- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).\n- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).\n- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).\n- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).\n- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).\n- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).\n- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).\n- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).\n- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).\n- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).\n- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).\n- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).\n- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).\n- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).\n- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).\n- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).\n- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).\n- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).\n- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).\n- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).\n- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).\n- iwlwifi: pcie: fix context info freeing (git-fixes).\n- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).\n- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).\n- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).\n- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).\n- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).\n- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).\n- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).\n- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).\n- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).\n- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).\n- iwlwifi: provide gso_type to GSO packets (bsc#1187495).\n- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).\n- iwlwifi: read and parse PNVM file (bsc#1187495).\n- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).\n- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).\n- iwlwifi: remove wide_cmd_header field (bsc#1187495).\n- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: rs: align to new TLC config command API (bsc#1187495).\n- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).\n- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).\n- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).\n- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).\n- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).\n- iwlwifi: support version 5 of the alive notification (bsc#1187495).\n- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).\n- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).\n- iwlwifi: use correct group for alive notification (bsc#1187495).\n- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).\n- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).\n- ixgbe: Fix an error handling path in \u0027ixgbe_probe()\u0027 (git-fixes).\n- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).\n- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- kABI compatibility fix for max98373_priv struct (git-fixes).\n- kABI workaround for btintel symbol changes (bsc#1188893).\n- kABI workaround for intel_th_driver (git-fixes).\n- kABI workaround for pci/quirks.c (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let\u0027s ignore kABI checks of those.\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel\n- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).\n- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).\n- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).\n- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).\n- kprobes: fix kill kprobe which has been marked as gone (git-fixes).\n- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).\n- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: consider per-CPU statistics if present (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- mac80211: reset profile_periodicity/ema_ap (git-fixes).\n- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media, bpf: Do not copy more entries than user space requested (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).\n- misc: alcor_pci: fix inverted branch condition (git-fixes).\n- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mt76: mt7603: set 0 as min coverage_class value (git-fixes).\n- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).\n- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).\n- mt76: mt7615: increase MCU command timeout (git-fixes).\n- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).\n- mt76: set dma-done flag for flushed descriptors (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mvpp2: suppress warning (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).\n- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).\n- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).\n- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).\n- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).\n- net: dp83867: Fix OF_MDIO config check (git-fixes).\n- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).\n- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).\n- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).\n- net: marvell: Fix OF_MDIO config check (git-fixes).\n- net: mvpp2: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).\n- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).\n- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).\n- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).\n- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).\n- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).\n- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- powerpc/stacktrace: Fix spurious \u0027stale\u0027 traces in raise_backtrace_ipi() (bsc#1156395).\n- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).\n- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).\n- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).\n- pwm: imx1: Do not disable clocks at device remove time (git-fixes).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).\n- r8152: Fix potential PM refcount imbalance (bsc#1186194).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).\n- rbd: always kick acquire on \u0027acquired\u0027 and \u0027released\u0027 notifications (bsc#1188746).\n- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi6421: Fix getting wrong drvdata (git-fixes).\n- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- replaced with upstream security mitigation cleanup\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).\n- rtw88: 8822c: fix lc calibration timing (git-fixes).\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: 8250_pci: Add support for new HPE serial device (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- sfp: Fix error handing in sfp_probe() (git-fixes).\n- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).\n- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).\n- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: cadence: Correct initialisation of runtime PM again (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).\n- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).\n- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).\n- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tpm: efi: Use local variable for calculating final log size (git-fixes).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).\n- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- virtio_net: move tx vq operation under tx queue lock (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen/events: reset active flag for lateeoi events later (git-fixes).\n- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).\n- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2687,SUSE-SLE-Module-Basesystem-15-SP3-2021-2687,SUSE-SLE-Module-Development-Tools-15-SP3-2021-2687,SUSE-SLE-Module-Legacy-15-SP3-2021-2687,SUSE-SLE-Module-Live-Patching-15-SP3-2021-2687,SUSE-SLE-Product-HA-15-SP3-2021-2687,SUSE-SLE-Product-WE-15-SP3-2021-2687",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2687-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2687-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212687-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2687-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009292.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176447",
"url": "https://bugzilla.suse.com/1176447"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1180814",
"url": "https://bugzilla.suse.com/1180814"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184631",
"url": "https://bugzilla.suse.com/1184631"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186194",
"url": "https://bugzilla.suse.com/1186194"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186483",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187495",
"url": "https://bugzilla.suse.com/1187495"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188126",
"url": "https://bugzilla.suse.com/1188126"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188323",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "self",
"summary": "SUSE Bug 1188366",
"url": "https://bugzilla.suse.com/1188366"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188445",
"url": "https://bugzilla.suse.com/1188445"
},
{
"category": "self",
"summary": "SUSE Bug 1188504",
"url": "https://bugzilla.suse.com/1188504"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188683",
"url": "https://bugzilla.suse.com/1188683"
},
{
"category": "self",
"summary": "SUSE Bug 1188703",
"url": "https://bugzilla.suse.com/1188703"
},
{
"category": "self",
"summary": "SUSE Bug 1188720",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "self",
"summary": "SUSE Bug 1188746",
"url": "https://bugzilla.suse.com/1188746"
},
{
"category": "self",
"summary": "SUSE Bug 1188747",
"url": "https://bugzilla.suse.com/1188747"
},
{
"category": "self",
"summary": "SUSE Bug 1188748",
"url": "https://bugzilla.suse.com/1188748"
},
{
"category": "self",
"summary": "SUSE Bug 1188752",
"url": "https://bugzilla.suse.com/1188752"
},
{
"category": "self",
"summary": "SUSE Bug 1188770",
"url": "https://bugzilla.suse.com/1188770"
},
{
"category": "self",
"summary": "SUSE Bug 1188771",
"url": "https://bugzilla.suse.com/1188771"
},
{
"category": "self",
"summary": "SUSE Bug 1188772",
"url": "https://bugzilla.suse.com/1188772"
},
{
"category": "self",
"summary": "SUSE Bug 1188773",
"url": "https://bugzilla.suse.com/1188773"
},
{
"category": "self",
"summary": "SUSE Bug 1188774",
"url": "https://bugzilla.suse.com/1188774"
},
{
"category": "self",
"summary": "SUSE Bug 1188777",
"url": "https://bugzilla.suse.com/1188777"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188893",
"url": "https://bugzilla.suse.com/1188893"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-14T08:17:13Z",
"generator": {
"date": "2021-08-14T08:17:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2687-1",
"initial_release_date": "2021-08-14T08:17:13Z",
"revision_history": [
{
"date": "2021-08-14T08:17:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-al-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-al-5.3.18-59.19.1.aarch64",
"product_id": "dtb-al-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-allwinner-5.3.18-59.19.1.aarch64",
"product_id": "dtb-allwinner-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-altera-5.3.18-59.19.1.aarch64",
"product_id": "dtb-altera-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-amd-5.3.18-59.19.1.aarch64",
"product_id": "dtb-amd-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-amlogic-5.3.18-59.19.1.aarch64",
"product_id": "dtb-amlogic-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-apm-5.3.18-59.19.1.aarch64",
"product_id": "dtb-apm-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-arm-5.3.18-59.19.1.aarch64",
"product_id": "dtb-arm-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-broadcom-5.3.18-59.19.1.aarch64",
"product_id": "dtb-broadcom-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-cavium-5.3.18-59.19.1.aarch64",
"product_id": "dtb-cavium-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-exynos-5.3.18-59.19.1.aarch64",
"product_id": "dtb-exynos-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-freescale-5.3.18-59.19.1.aarch64",
"product_id": "dtb-freescale-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-hisilicon-5.3.18-59.19.1.aarch64",
"product_id": "dtb-hisilicon-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-lg-5.3.18-59.19.1.aarch64",
"product_id": "dtb-lg-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-marvell-5.3.18-59.19.1.aarch64",
"product_id": "dtb-marvell-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-mediatek-5.3.18-59.19.1.aarch64",
"product_id": "dtb-mediatek-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-nvidia-5.3.18-59.19.1.aarch64",
"product_id": "dtb-nvidia-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-qcom-5.3.18-59.19.1.aarch64",
"product_id": "dtb-qcom-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-renesas-5.3.18-59.19.1.aarch64",
"product_id": "dtb-renesas-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-rockchip-5.3.18-59.19.1.aarch64",
"product_id": "dtb-rockchip-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-socionext-5.3.18-59.19.1.aarch64",
"product_id": "dtb-socionext-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-sprd-5.3.18-59.19.1.aarch64",
"product_id": "dtb-sprd-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-xilinx-5.3.18-59.19.1.aarch64",
"product_id": "dtb-xilinx-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-zte-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-zte-5.3.18-59.19.1.aarch64",
"product_id": "dtb-zte-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"product_id": "kernel-obs-build-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.aarch64",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.aarch64",
"product_id": "kernel-syms-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-59.19.1.noarch",
"product_id": "kernel-devel-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-59.19.1.noarch",
"product_id": "kernel-docs-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-59.19.1.noarch",
"product_id": "kernel-docs-html-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-59.19.1.noarch",
"product_id": "kernel-macros-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-source-5.3.18-59.19.1.noarch",
"product_id": "kernel-source-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-59.19.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-59.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-extra-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-optional-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-obs-build-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-syms-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-devel-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-extra-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-optional-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"product_id": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.s390x",
"product_id": "kernel-obs-build-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.s390x",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.s390x",
"product_id": "kernel-syms-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"product_id": "kernel-zfcpdump-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-extra-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-optional-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-59_19-preempt-1-7.3.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-59_19-preempt-1-7.3.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-59_19-preempt-1-7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-extra-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-optional-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.x86_64",
"product_id": "kernel-syms-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-59.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-59.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-59.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-59.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-source-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21781"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u0027s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21781",
"url": "https://www.suse.com/security/cve/CVE-2021-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1188445 for CVE-2021-21781",
"url": "https://bugzilla.suse.com/1188445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "low"
}
],
"title": "CVE-2021-21781"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-59_19-default-1-7.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-59.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:17:13Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
suse-su-2021:2599-2
Vulnerability from csaf_suse
Published
2021-08-05 08:24
Modified
2021-08-05 08:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: * context changes
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: * context changes
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: * unsigned long -> uint32_t
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: * only panel-samsung-s6d16d0.c exists
- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: * context changes * GEM_WARN_ON() -> WARN_ON()
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: * context changes
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: * context changes * vc4_hdmi -> vc4->hdmi
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- mac80211: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme: fix in-casule data send for chained sgls (git-fixes).
- nvme: introduce nvme_rdma_sgl structure (git-fixes).
- nvme: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames
SUSE-2021-2599,SUSE-SUSE-MicroOS-5.0-2021-2599
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: \t* context changes\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: \t* context changes\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: \t* unsigned long -\u003e uint32_t\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: \t* only panel-samsung-s6d16d0.c exists\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: \t* context changes \t* GEM_WARN_ON() -\u003e WARN_ON()\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: \t* context changes\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: \t* context changes \t* vc4_hdmi -\u003e vc4-\u003ehdmi\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- mac80211: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme: fix in-casule data send for chained sgls (git-fixes).\n- nvme: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).\n- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2599,SUSE-SUSE-MicroOS-5.0-2021-2599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2599-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2599-2",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212599-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2599-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009260.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188525",
"url": "https://bugzilla.suse.com/1188525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-05T08:24:13Z",
"generator": {
"date": "2021-08-05T08:24:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2599-2",
"initial_release_date": "2021-08-05T08:24:13Z",
"revision_history": [
{
"date": "2021-08-05T08:24:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product_id": "kernel-devel-rt-5.3.18-45.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product_id": "kernel-source-rt-5.3.18-45.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product_id": "kernel-syms-rt-5.3.18-45.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-45.3.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:kernel-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-05T08:24:13Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
suse-su-2021:2645-1
Vulnerability from csaf_suse
Published
2021-08-10 08:03
Modified
2021-08-10 08:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
- Bluetooth: btintel: Check firmware version before download (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'Bluetooth: btintel: Fix endianness issue for TLV version information' (bsc#1188893).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- Revert 'drm/i915: Propagate errors on awaiting already signaled fences' (git-fixes).
- Revert 'drm: add a locked version of drm_is_current_master' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'iwlwifi: remove wide_cmd_header field' (bsc#1187495).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
- bonding: fix build issue (git-fixes).
- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: Revert unnecessary patches that fix unreal use-after-free bugs (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- docs: virt/kvm: close inline string literal (bsc#1188703).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- intel_th: Wait until port is in reset before programming it (git-fixes).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).
- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).
- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).
- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).
- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).
- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).
- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).
- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).
- iwlwifi: mvm: fix error print when session protection ends (git-fixes).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).
- iwlwifi: mvm: ops: Remove unused static struct 'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).
- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).
- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).
- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- iwlwifi: support version 5 of the alive notification (bsc#1187495).
- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).
- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- kABI compatibility fix for max98373_priv struct (git-fixes).
- kABI workaround for btintel symbol changes (bsc#1188893).
- kABI workaround for intel_th_driver (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mvpp2: suppress warning (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: 8250_pci: Add support for new HPE serial device (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).
Patchnames
SUSE-2021-2645,SUSE-SLE-Module-Public-Cloud-15-SP3-2021-2645
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).\n- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: DPTF: Fix reading of attributes (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).\n- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).\n- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).\n- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).\n- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).\n- ALSA: pcm: Fix mmap capability check (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).\n- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).\n- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- ALSA: usx2y: Avoid camelCase (git-fixes).\n- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).\n- ARM: ensure the signal page contains defined contents (bsc#1188445).\n- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).\n- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).\n- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).\n- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).\n- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).\n- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).\n- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).\n- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).\n- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).\n- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5682: Disable irq on shutdown (git-fixes).\n- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).\n- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).\n- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).\n- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).\n- Bluetooth: Remove spurious error message (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).\n- Bluetooth: btintel: Check firmware version before download (bsc#1188893).\n- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).\n- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).\n- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).\n- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).\n- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).\n- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).\n- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).\n- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).\n- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).\n- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).\n- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).\n- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).\n- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).\n- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).\n- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).\n- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).\n- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).\n- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).\n- Bluetooth: hci_intel: enable on new platform (bsc#1188893).\n- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).\n- Bluetooth: hci_qca: fix potential GPF (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).\n- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).\n- KVM: nVMX: Consult only the \u0027basic\u0027 exit reason when routing nested exit (bsc#1188773).\n- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).\n- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).\n- RDMA/cma: Protect RMW with qp_mutex (git-fixes).\n- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).\n- RDMA/rtrs-clt: Fix memory leak of not-freed sess-\u003estats and stats-\u003epcpu_stats (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).\n- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).\n- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).\n- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).\n- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).\n- Revert \u0027ACPI: resources: Add checks for ACPI IRQ override\u0027 (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027Bluetooth: btintel: Fix endianness issue for TLV version information\u0027 (bsc#1188893).\n- Revert \u0027USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem\u0027 (git-fixes).\n- Revert \u0027be2net: disable bh with spin_lock in be_process_mcc\u0027 (git-fixes).\n- Revert \u0027drm/i915: Propagate errors on awaiting already signaled fences\u0027 (git-fixes).\n- Revert \u0027drm: add a locked version of drm_is_current_master\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027iwlwifi: remove wide_cmd_header field\u0027 (bsc#1187495).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- bcache: avoid oversized read request in cache missing code path (bsc#1184631).\n- bcache: remove bcache device self-defined readahead (bsc#1184631).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: do not disable an already disabled PCI device (git-fixes).\n- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).\n- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).\n- bonding: fix build issue (git-fixes).\n- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).\n- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).\n- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- cadence: force nonlinear buffers to be cloned (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188748).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- coresight: Propagate symlink failure (git-fixes).\n- coresight: core: Fix use of uninitialized pointer (git-fixes).\n- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).\n- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).\n- crypto: sun4i-ss - initialize need_fallback (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- cw1200: Revert unnecessary patches that fix unreal use-after-free bugs (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix IRQ free race during driver unload (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- docs: virt/kvm: close inline string literal (bsc#1188703).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).\n- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).\n- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).\n- drm/amd/display: Fix build warnings (git-fixes).\n- drm/amd/display: Fix off-by-one error in DML (git-fixes).\n- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).\n- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).\n- drm/amd/display: Verify Gamma \u0026 Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).\n- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).\n- drm/amd/display: fix incorrrect valid irq check (git-fixes).\n- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).\n- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).\n- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).\n- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).\n- drm/amdgpu: wait for moving fence after pinning (git-fixes).\n- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).\n- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).\n- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).\n- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).\n- drm/arm/malidp: Always list modifiers (git-fixes).\n- drm/bridge/sii8620: fix dependency on extcon (git-fixes).\n- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).\n- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).\n- drm/bridge: nwl-dsi: Force a full modeset when crtc_state-\u003eactive is changed to be true (git-fixes).\n- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).\n- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).\n- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).\n- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).\n- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).\n- drm/msm/mdp4: Fix modifier support enabling (git-fixes).\n- drm/msm: Fix error return code in msm_drm_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/rockchip: lvds: Fix an error handling path (git-fixes).\n- drm/sched: Avoid data corruptions (git-fixes).\n- drm/scheduler: Fix hang when sched_entity released (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).\n- drm/vc4: crtc: Skip the TXP (git-fixes).\n- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).\n- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).\n- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).\n- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).\n- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).\n- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm: bridge: add missing word in Analogix help text (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm: rockchip: add missing registers for RK3066 (git-fixes).\n- drm: rockchip: add missing registers for RK3188 (git-fixes).\n- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).\n- e1000e: Check the PCIm state (git-fixes).\n- e1000e: Fix an error handling path in \u0027e1000_probe()\u0027 (git-fixes).\n- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: Do not delete the mode that is still in use (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).\n- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).\n- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gtp: fix an use-before-init in gtp_newlink() (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: core: Disable client irq on reboot/shutdown (git-fixes).\n- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).\n- i40e: Fix error handling in i40e_vsi_open (git-fixes).\n- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).\n- i40e: fix PTP on 5Gb links (jsc#SLE-13701).\n- iavf: Fix an error handling path in \u0027iavf_probe()\u0027 (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).\n- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).\n- igb: Fix an error handling path in \u0027igb_probe()\u0027 (git-fixes).\n- igb: Fix position of assignment to *ring (git-fixes).\n- igb: Fix use-after-free error during reset (git-fixes).\n- igc: Fix an error handling path in \u0027igc_probe()\u0027 (git-fixes).\n- igc: Fix use-after-free error during reset (git-fixes).\n- igc: change default return of igc_read_phy_reg() (git-fixes).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).\n- intel_th: Wait until port is in reset before programming it (git-fixes).\n- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).\n- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).\n- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).\n- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).\n- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).\n- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).\n- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).\n- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).\n- iwlwifi: add trans op to set PNVM (bsc#1187495).\n- iwlwifi: align RX status flags with firmware (bsc#1187495).\n- iwlwifi: api: fix u32 -\u003e __le32 (bsc#1187495).\n- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).\n- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).\n- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).\n- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).\n- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).\n- iwlwifi: dbg: add dumping special device memory (bsc#1187495).\n- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).\n- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).\n- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).\n- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: enable twt by default (bsc#1187495).\n- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).\n- iwlwifi: fix sar geo table initialization (bsc#1187495).\n- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).\n- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).\n- iwlwifi: increase PNVM load timeout (bsc#1187495).\n- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).\n- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).\n- iwlwifi: move PNVM implementation to common code (bsc#1187495).\n- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).\n- iwlwifi: move bc_pool to a common trans header (bsc#1187495).\n- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).\n- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).\n- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).\n- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).\n- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).\n- iwlwifi: mvm: add a get lmac id function (bsc#1187495).\n- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).\n- iwlwifi: mvm: add d3 prints (bsc#1187495).\n- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).\n- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).\n- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).\n- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).\n- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).\n- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).\n- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).\n- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).\n- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).\n- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).\n- iwlwifi: mvm: fix error print when session protection ends (git-fixes).\n- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).\n- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).\n- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).\n- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).\n- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).\n- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).\n- iwlwifi: mvm: ops: Remove unused static struct \u0027iwl_mvm_debug_names\u0027 (bsc#1187495).\n- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).\n- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).\n- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).\n- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).\n- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).\n- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).\n- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).\n- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).\n- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).\n- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).\n- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).\n- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).\n- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).\n- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).\n- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).\n- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).\n- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).\n- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).\n- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).\n- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).\n- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).\n- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).\n- iwlwifi: pcie: fix context info freeing (git-fixes).\n- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).\n- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).\n- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).\n- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).\n- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).\n- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).\n- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).\n- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).\n- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).\n- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).\n- iwlwifi: provide gso_type to GSO packets (bsc#1187495).\n- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).\n- iwlwifi: read and parse PNVM file (bsc#1187495).\n- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).\n- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).\n- iwlwifi: remove wide_cmd_header field (bsc#1187495).\n- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: rs: align to new TLC config command API (bsc#1187495).\n- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).\n- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).\n- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).\n- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).\n- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).\n- iwlwifi: support version 5 of the alive notification (bsc#1187495).\n- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).\n- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).\n- iwlwifi: use correct group for alive notification (bsc#1187495).\n- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).\n- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).\n- ixgbe: Fix an error handling path in \u0027ixgbe_probe()\u0027 (git-fixes).\n- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).\n- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- kABI compatibility fix for max98373_priv struct (git-fixes).\n- kABI workaround for btintel symbol changes (bsc#1188893).\n- kABI workaround for intel_th_driver (git-fixes).\n- kABI workaround for pci/quirks.c (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let\u0027s ignore kABI checks of those.\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel\n- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).\n- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).\n- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).\n- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).\n- kprobes: fix kill kprobe which has been marked as gone (git-fixes).\n- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).\n- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: consider per-CPU statistics if present (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- mac80211: reset profile_periodicity/ema_ap (git-fixes).\n- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media, bpf: Do not copy more entries than user space requested (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).\n- misc: alcor_pci: fix inverted branch condition (git-fixes).\n- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mt76: mt7603: set 0 as min coverage_class value (git-fixes).\n- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).\n- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).\n- mt76: mt7615: increase MCU command timeout (git-fixes).\n- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).\n- mt76: set dma-done flag for flushed descriptors (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mvpp2: suppress warning (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).\n- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).\n- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).\n- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).\n- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).\n- net: dp83867: Fix OF_MDIO config check (git-fixes).\n- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).\n- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).\n- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).\n- net: marvell: Fix OF_MDIO config check (git-fixes).\n- net: mvpp2: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).\n- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).\n- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).\n- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).\n- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).\n- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).\n- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- powerpc/stacktrace: Fix spurious \u0027stale\u0027 traces in raise_backtrace_ipi() (bsc#1156395).\n- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).\n- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).\n- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).\n- pwm: imx1: Do not disable clocks at device remove time (git-fixes).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).\n- r8152: Fix potential PM refcount imbalance (bsc#1186194).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).\n- rbd: always kick acquire on \u0027acquired\u0027 and \u0027released\u0027 notifications (bsc#1188746).\n- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi6421: Fix getting wrong drvdata (git-fixes).\n- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- replaced with upstream security mitigation cleanup\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).\n- rtw88: 8822c: fix lc calibration timing (git-fixes).\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: 8250_pci: Add support for new HPE serial device (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- sfp: Fix error handing in sfp_probe() (git-fixes).\n- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).\n- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).\n- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: cadence: Correct initialisation of runtime PM again (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121). \n- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).\n- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).\n- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).\n- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tpm: efi: Use local variable for calculating final log size (git-fixes).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).\n- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- virtio_net: move tx vq operation under tx queue lock (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen/events: reset active flag for lateeoi events later (git-fixes).\n- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).\n- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2645,SUSE-SLE-Module-Public-Cloud-15-SP3-2021-2645",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2645-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2645-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212645-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2645-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009276.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176447",
"url": "https://bugzilla.suse.com/1176447"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1180814",
"url": "https://bugzilla.suse.com/1180814"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184631",
"url": "https://bugzilla.suse.com/1184631"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186194",
"url": "https://bugzilla.suse.com/1186194"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186483",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187495",
"url": "https://bugzilla.suse.com/1187495"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188126",
"url": "https://bugzilla.suse.com/1188126"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188323",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "self",
"summary": "SUSE Bug 1188366",
"url": "https://bugzilla.suse.com/1188366"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188445",
"url": "https://bugzilla.suse.com/1188445"
},
{
"category": "self",
"summary": "SUSE Bug 1188504",
"url": "https://bugzilla.suse.com/1188504"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188683",
"url": "https://bugzilla.suse.com/1188683"
},
{
"category": "self",
"summary": "SUSE Bug 1188703",
"url": "https://bugzilla.suse.com/1188703"
},
{
"category": "self",
"summary": "SUSE Bug 1188720",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "self",
"summary": "SUSE Bug 1188746",
"url": "https://bugzilla.suse.com/1188746"
},
{
"category": "self",
"summary": "SUSE Bug 1188747",
"url": "https://bugzilla.suse.com/1188747"
},
{
"category": "self",
"summary": "SUSE Bug 1188748",
"url": "https://bugzilla.suse.com/1188748"
},
{
"category": "self",
"summary": "SUSE Bug 1188752",
"url": "https://bugzilla.suse.com/1188752"
},
{
"category": "self",
"summary": "SUSE Bug 1188770",
"url": "https://bugzilla.suse.com/1188770"
},
{
"category": "self",
"summary": "SUSE Bug 1188771",
"url": "https://bugzilla.suse.com/1188771"
},
{
"category": "self",
"summary": "SUSE Bug 1188772",
"url": "https://bugzilla.suse.com/1188772"
},
{
"category": "self",
"summary": "SUSE Bug 1188773",
"url": "https://bugzilla.suse.com/1188773"
},
{
"category": "self",
"summary": "SUSE Bug 1188774",
"url": "https://bugzilla.suse.com/1188774"
},
{
"category": "self",
"summary": "SUSE Bug 1188777",
"url": "https://bugzilla.suse.com/1188777"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188893",
"url": "https://bugzilla.suse.com/1188893"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-10T08:03:30Z",
"generator": {
"date": "2021-08-10T08:03:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2645-1",
"initial_release_date": "2021-08-10T08:03:30Z",
"revision_history": [
{
"date": "2021-08-10T08:03:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"product": {
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"product_id": "kernel-devel-azure-5.3.18-38.17.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.3.18-38.17.1.noarch",
"product": {
"name": "kernel-source-azure-5.3.18-38.17.1.noarch",
"product_id": "kernel-source-azure-5.3.18-38.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "dlm-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-devel-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-extra-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-optional-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-optional-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"product_id": "kernel-syms-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.3.18-38.17.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch"
},
"product_reference": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.3.18-38.17.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch"
},
"product_reference": "kernel-source-azure-5.3.18-38.17.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21781"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u0027s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21781",
"url": "https://www.suse.com/security/cve/CVE-2021-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1188445 for CVE-2021-21781",
"url": "https://bugzilla.suse.com/1188445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "low"
}
],
"title": "CVE-2021-21781"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-38.17.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:30Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
suse-su-2021:2408-1
Vulnerability from csaf_suse
Published
2021-07-20 12:40
Modified
2021-07-20 12:40
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- Blacklist already cherry-picked ASoC commits
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
Patchnames
SUSE-2021-2408,SUSE-SLE-Module-Public-Cloud-15-SP2-2021-2408
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c (bnc#1188116).\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- Blacklist already cherry-picked ASoC commits\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2408,SUSE-SLE-Module-Public-Cloud-15-SP2-2021-2408",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2408-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2408-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212408-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2408-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009160.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-20T12:40:34Z",
"generator": {
"date": "2021-07-20T12:40:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2408-1",
"initial_release_date": "2021-07-20T12:40:34Z",
"revision_history": [
{
"date": "2021-07-20T12:40:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.3.18-18.58.1.noarch",
"product": {
"name": "kernel-devel-azure-5.3.18-18.58.1.noarch",
"product_id": "kernel-devel-azure-5.3.18-18.58.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.3.18-18.58.1.noarch",
"product": {
"name": "kernel-source-azure-5.3.18-18.58.1.noarch",
"product_id": "kernel-source-azure-5.3.18-18.58.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "dlm-kmp-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "gfs2-kmp-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "kernel-azure-5.3.18-18.58.1.x86_64",
"product_id": "kernel-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.3.18-18.58.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.3.18-18.58.1.x86_64",
"product_id": "kernel-azure-devel-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.3.18-18.58.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.3.18-18.58.1.x86_64",
"product_id": "kernel-azure-extra-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.3.18-18.58.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.3.18-18.58.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.3.18-18.58.1.x86_64",
"product_id": "kernel-syms-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "kselftests-kmp-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.3.18-18.58.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.3.18-18.58.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.3.18-18.58.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.3.18-18.58.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.3.18-18.58.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64"
},
"product_reference": "kernel-azure-5.3.18-18.58.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.3.18-18.58.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.3.18-18.58.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.3.18-18.58.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch"
},
"product_reference": "kernel-devel-azure-5.3.18-18.58.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.3.18-18.58.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch"
},
"product_reference": "kernel-source-azure-5.3.18-18.58.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.3.18-18.58.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.3.18-18.58.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:34Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:34Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:34Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-azure-devel-5.3.18-18.58.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-devel-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-source-azure-5.3.18-18.58.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:kernel-syms-azure-5.3.18-18.58.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:34Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
suse-su-2021:2407-1
Vulnerability from csaf_suse
Published
2021-07-20 12:40
Modified
2021-07-20 12:40
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).
The following non-security bugs were fixed:
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: flexcan: disable completely the ECC mechanism (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (12sp5).
- cxgb4: fix wrong shift (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net: caif: Fix debugfs on 64-bit platforms (git-fixes).
- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).
- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
Patchnames
SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bnc#1188116)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges (bsc#1188062).\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation (bsc#1187050).\n\nThe following non-security bugs were fixed:\n\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: flexcan: disable completely the ECC mechanism (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (12sp5).\n- cxgb4: fix wrong shift (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mlxsw: spectrum: Do not process learned records with a dummy FID (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net: caif: Fix debugfs on 64-bit platforms (git-fixes).\n- net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes).\n- net: stmmac: Correctly take timestamp for PTPv2 (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1188010).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2407,SUSE-SLE-SERVER-12-SP5-2021-2407",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2407-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2407-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212407-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2407-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009167.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187934",
"url": "https://bugzilla.suse.com/1187934"
},
{
"category": "self",
"summary": "SUSE Bug 1188010",
"url": "https://bugzilla.suse.com/1188010"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-20T12:40:21Z",
"generator": {
"date": "2021-07-20T12:40:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2407-1",
"initial_release_date": "2021-07-20T12:40:21Z",
"revision_history": [
{
"date": "2021-07-20T12:40:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.65.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.65.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.65.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.65.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.65.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.65.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.65.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.65.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.65.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.65.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T12:40:21Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
suse-su-2021:2416-1
Vulnerability from csaf_suse
Published
2021-07-20 14:13
Modified
2021-07-20 14:13
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)
The following non-security bugs were fixed:
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- cxgb4: fix wrong shift (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).>
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
Patchnames
SUSE-2021-2416,SUSE-SLE-HA-12-SP5-2021-2416,SUSE-SLE-Live-Patching-12-SP5-2021-2416,SUSE-SLE-SDK-12-SP5-2021-2416,SUSE-SLE-SERVER-12-SP5-2021-2416,SUSE-SLE-WE-12-SP5-2021-2416
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)\n\nThe following non-security bugs were fixed:\n\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- cxgb4: fix wrong shift (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\u003e\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2416,SUSE-SLE-HA-12-SP5-2021-2416,SUSE-SLE-Live-Patching-12-SP5-2021-2416,SUSE-SLE-SDK-12-SP5-2021-2416,SUSE-SLE-SERVER-12-SP5-2021-2416,SUSE-SLE-WE-12-SP5-2021-2416",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2416-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2416-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212416-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2416-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009169.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187934",
"url": "https://bugzilla.suse.com/1187934"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-20T14:13:25Z",
"generator": {
"date": "2021-07-20T14:13:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2416-1",
"initial_release_date": "2021-07-20T14:13:25Z",
"revision_history": [
{
"date": "2021-07-20T14:13:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.80.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.aarch64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.80.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.80.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.80.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.80.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.80.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.80.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.aarch64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.aarch64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.80.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.80.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.80.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.80.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.80.1.noarch",
"product_id": "kernel-devel-4.12.14-122.80.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.80.1.noarch",
"product_id": "kernel-docs-4.12.14-122.80.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.80.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.80.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.80.1.noarch",
"product_id": "kernel-macros-4.12.14-122.80.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.80.1.noarch",
"product_id": "kernel-source-4.12.14-122.80.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.80.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.80.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.80.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.ppc64le",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.80.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.80.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.80.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.80.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.80.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.80.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.80.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.80.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.80.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.80.1.s390x",
"product_id": "kernel-syms-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.80.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.80.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.80.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.s390x",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.80.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.80.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.80.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.80.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.80.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.80.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.80.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.80.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.80.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-debug-kgraft-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.80.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.80.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-kvmsmall-kgraft-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-kvmsmall-kgraft-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.80.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.80.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.80.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.80.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.80.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.x86_64",
"product": {
"name": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.x86_64",
"product_id": "kernel-vanilla-kgraft-devel-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.80.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.80.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP5",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.80.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.80.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-122.80.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-122.80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T14:13:25Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T14:13:25Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T14:13:25Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T14:13:25Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:cluster-md-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:dlm-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:gfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP5:ocfs2-kmp-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_80-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-base-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-devel-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-default-man-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-macros-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-docs-4.12.14-122.80.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:kernel-obs-build-4.12.14-122.80.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP5:kernel-default-extra-4.12.14-122.80.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-20T14:13:25Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
suse-su-2021:2643-1
Vulnerability from csaf_suse
Published
2021-08-10 08:03
Modified
2021-08-10 08:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. (bsc#1176724).
- CVE-2020-36386: Fixed a slab out-of-bounds read in hci_extended_inquiry_result_evt (bsc#1187038).
- CVE-2021-22543: Fixed an improper handling of VM_IO|VM_PFNMAP vmas in KVM that allows users to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (bnc#1186482)
- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
- Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
- Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: move many drivers to use DEVICE_ATTR_WO (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: sja1000: sja1000_err(): do not count arbitration lose as an error (git-fixes).
- can: sun4i_can: sun4i_can_err(): do not count arbitration lose as an error (git-fixes).
- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188750).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- cosa: Add missing kfree in error path of cosa_write (git-fixes).
- crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
- crypto: do not free algorithm before using (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix wrong shift (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- e100: handle eeprom as little endian (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188273).
- fuse: reject internal errno (bsc#1188274).
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add NULL pointer checks when freeing irqs (bsc#1176940).
- gve: Add basic driver framework for Compute Engine Virtual NIC (jsc#SLE-10538).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add ethtool support (jsc#SLE-10538).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Add workqueue and reset support (jsc#SLE-10538).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: Copy and paste bug in gve_get_stats() (jsc#SLE-10538).
- gve: Correct SKB queue index validation (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (bsc#1176940).
- gve: Fix case where desc_cnt and data_cnt can get out of sync (jsc#SLE-10538).
- gve: Fix error return code in gve_alloc_qpls() (jsc#SLE-10538).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix the queue page list allocated pages count (bsc#1176940).
- gve: Fix u64_stats_sync to initialize start (jsc#SLE-10538).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Fixes DMA synchronization (jsc#SLE-10538).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Remove the exporting of gve_probe (jsc#SLE-10538).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Update mgmt_msix_idx if num_ntfy changes (bsc#1176940).
- gve: Upgrade memory barrier in poll routine (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: fix -ENOMEM null check on a page allocation (jsc#SLE-10538).
- gve: fix dma sync bug where not all pages synced (bsc#1176940).
- gve: fix unused variable/label warnings (jsc#SLE-10538).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- gve: replace kfree with kvfree (jsc#SLE-10538).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- kabi: fix nvme_wait_freeze_timeout() return type (bsc#1181161).
- kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: trigger: fix potential deadlock with libata (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lpfc: Decouple port_template and vport_template (bsc#1185032).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- mlxsw: core: Use variable timeout for EMAD retries (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Disable QoS when min_rates on all VFs are zero (git-fixes).
- net/mlx5: Query PPS pin operational status before registering it (git-fixes).
- net/mlx5: Verify Hardware supports requested ptp function on a given pin (git-fixes).
- net: Google gve: Remove dma_wmb() before ringing doorbell (bsc#1176940).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: broadcom CNIC: requires MMU (git-fixes).
- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- netsec: restore phy power state after controller reset (git-fixes).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-core: add cancel tagset helpers (bsc#1181161).
- nvme-multipath: fix double initialization of ANA state (bsc#1181161).
- nvme-rdma: add clean action for failed reconnection (bsc#1181161).
- nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1181161).
- nvme-rdma: use cancel tagset helper for tear down (bsc#1181161).
- nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1181161).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- nvmet: use new ana_log_size instead the old one (bsc#1181161).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries/scm: Use a specific endian format for storing uuid from the device tree (bsc#1113295, git-fixes).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- sched/numa: Fix a possible divide-by-zero (git-fixes)
- scripts/git_sort/git_sort.py: add bpf git repo
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- scsi: smartpqi: create module parameters for LUN reset (bsc#1179195).
- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: move many drivers to use DEVICE_ATTR_WO (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usbip: Fix incorrect double assignment to udc->ud.tcp_rx (git-fixes).
- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).
- usbip: vudc synchronize sysfs code paths (git-fixes).
- usbip: vudc: fix missing unlock on error in usbip_sockfd_store() (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen-pciback: reconfigure also from backend watch handler (git-fixes).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
Patchnames
SUSE-2021-2643,SUSE-SLE-RT-12-SP5-2021-2643
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. (bsc#1176724).\n- CVE-2020-36386: Fixed a slab out-of-bounds read in hci_extended_inquiry_result_evt (bsc#1187038).\n- CVE-2021-22543: Fixed an improper handling of VM_IO|VM_PFNMAP vmas in KVM that allows users to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (bnc#1186482)\n- CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).\n- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).\n- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).\n- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Mark TI C667X to avoid bus reset (git-fixes).\n- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).\n- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027PCI: PM: Do not read power state in pci_enable_device_flags()\u0027 (git-fixes).\n- Revert \u0027USB: cdc-acm: fix rounding error in TIOCSSERIAL\u0027 (git-fixes).\n- Revert \u0027hwmon: (lm80) fix a missing check of bus read in lm80 probe\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: move many drivers to use DEVICE_ATTR_WO (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).\n- arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: sja1000: sja1000_err(): do not count arbitration lose as an error (git-fixes).\n- can: sun4i_can: sun4i_can_err(): do not count arbitration lose as an error (git-fixes).\n- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188750).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb-\u003eprepath (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- cosa: Add missing kfree in error path of cosa_write (git-fixes).\n- crypto: cavium/nitrox - Fix an error rhandling path in \u0027nitrox_probe()\u0027 (git-fixes).\n- crypto: do not free algorithm before using (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix wrong shift (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- e100: handle eeprom as little endian (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188273).\n- fuse: reject internal errno (bsc#1188274).\n- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)\n- genirq: Disable interrupts for force threaded handlers (git-fixes)\n- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)\n- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add NULL pointer checks when freeing irqs (bsc#1176940).\n- gve: Add basic driver framework for Compute Engine Virtual NIC (jsc#SLE-10538).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add ethtool support (jsc#SLE-10538).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Add workqueue and reset support (jsc#SLE-10538).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: Copy and paste bug in gve_get_stats() (jsc#SLE-10538).\n- gve: Correct SKB queue index validation (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (bsc#1176940).\n- gve: Fix case where desc_cnt and data_cnt can get out of sync (jsc#SLE-10538).\n- gve: Fix error return code in gve_alloc_qpls() (jsc#SLE-10538).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix the queue page list allocated pages count (bsc#1176940).\n- gve: Fix u64_stats_sync to initialize start (jsc#SLE-10538).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Fixes DMA synchronization (jsc#SLE-10538).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Remove the exporting of gve_probe (jsc#SLE-10538).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Update mgmt_msix_idx if num_ntfy changes (bsc#1176940).\n- gve: Upgrade memory barrier in poll routine (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: fix -ENOMEM null check on a page allocation (jsc#SLE-10538).\n- gve: fix dma sync bug where not all pages synced (bsc#1176940).\n- gve: fix unused variable/label warnings (jsc#SLE-10538).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- gve: replace kfree with kvfree (jsc#SLE-10538).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- kabi: fix nvme_wait_freeze_timeout() return type (bsc#1181161).\n- kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: trigger: fix potential deadlock with libata (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lpfc: Decouple port_template and vport_template (bsc#1185032).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- mlxsw: core: Use variable timeout for EMAD retries (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Disable QoS when min_rates on all VFs are zero (git-fixes).\n- net/mlx5: Query PPS pin operational status before registering it (git-fixes).\n- net/mlx5: Verify Hardware supports requested ptp function on a given pin (git-fixes).\n- net: Google gve: Remove dma_wmb() before ringing doorbell (bsc#1176940).\n- net: b44: fix error return code in b44_init_one() (git-fixes).\n- net: broadcom CNIC: requires MMU (git-fixes).\n- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- netsec: restore phy power state after controller reset (git-fixes).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-core: add cancel tagset helpers (bsc#1181161).\n- nvme-multipath: fix double initialization of ANA state (bsc#1181161).\n- nvme-rdma: add clean action for failed reconnection (bsc#1181161).\n- nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1181161).\n- nvme-rdma: use cancel tagset helper for tear down (bsc#1181161).\n- nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1181161).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- nvmet: use new ana_log_size instead the old one (bsc#1181161).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries/scm: Use a specific endian format for storing uuid from the device tree (bsc#1113295, git-fixes).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: sti: reset-syscfg: fix struct description warnings (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)\n- sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)\n- sched/fair: Fix unfairness caused by missing load decay (git-fixes)\n- sched/numa: Fix a possible divide-by-zero (git-fixes)\n- scripts/git_sort/git_sort.py: add bpf git repo\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- scsi: smartpqi: create module parameters for LUN reset (bsc#1179195).\n- serial: mvebu-uart: clarify the baud rate derivation (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- smb3: Fix out-of-bounds bug in SMB2_negotiate() (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: move many drivers to use DEVICE_ATTR_WO (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usbip: Fix incorrect double assignment to udc-\u003eud.tcp_rx (git-fixes).\n- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).\n- usbip: vudc synchronize sysfs code paths (git-fixes).\n- usbip: vudc: fix missing unlock on error in usbip_sockfd_store() (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen-pciback: reconfigure also from backend watch handler (git-fixes).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2643,SUSE-SLE-RT-12-SP5-2021-2643",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2643-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2643-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212643-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2643-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009279.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1153720",
"url": "https://bugzilla.suse.com/1153720"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176724",
"url": "https://bugzilla.suse.com/1176724"
},
{
"category": "self",
"summary": "SUSE Bug 1176931",
"url": "https://bugzilla.suse.com/1176931"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179195",
"url": "https://bugzilla.suse.com/1179195"
},
{
"category": "self",
"summary": "SUSE Bug 1181161",
"url": "https://bugzilla.suse.com/1181161"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185032",
"url": "https://bugzilla.suse.com/1185032"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1185995",
"url": "https://bugzilla.suse.com/1185995"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186672",
"url": "https://bugzilla.suse.com/1186672"
},
{
"category": "self",
"summary": "SUSE Bug 1187038",
"url": "https://bugzilla.suse.com/1187038"
},
{
"category": "self",
"summary": "SUSE Bug 1187050",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1187846",
"url": "https://bugzilla.suse.com/1187846"
},
{
"category": "self",
"summary": "SUSE Bug 1188026",
"url": "https://bugzilla.suse.com/1188026"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188273",
"url": "https://bugzilla.suse.com/1188273"
},
{
"category": "self",
"summary": "SUSE Bug 1188274",
"url": "https://bugzilla.suse.com/1188274"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188750",
"url": "https://bugzilla.suse.com/1188750"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188842",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0429 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36385 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36386 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-10T08:03:06Z",
"generator": {
"date": "2021-08-10T08:03:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2643-1",
"initial_release_date": "2021-08-10T08:03:06Z",
"revision_history": [
{
"date": "2021-08-10T08:03:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.54.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.54.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.54.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.54.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.54.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.54.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.54.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0429"
}
],
"notes": [
{
"category": "general",
"text": "In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0429",
"url": "https://www.suse.com/security/cve/CVE-2020-0429"
},
{
"category": "external",
"summary": "SUSE Bug 1176724 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1176724"
},
{
"category": "external",
"summary": "SUSE Bug 1176931 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1176931"
},
{
"category": "external",
"summary": "SUSE Bug 1188026 for CVE-2020-0429",
"url": "https://bugzilla.suse.com/1188026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2020-0429"
},
{
"cve": "CVE-2020-36385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36385"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36385",
"url": "https://www.suse.com/security/cve/CVE-2020-36385"
},
{
"category": "external",
"summary": "SUSE Bug 1187050 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187050"
},
{
"category": "external",
"summary": "SUSE Bug 1187052 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1187052"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1196174 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196174"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196810"
},
{
"category": "external",
"summary": "SUSE Bug 1196914 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1196914"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1200084"
},
{
"category": "external",
"summary": "SUSE Bug 1201734 for CVE-2020-36385",
"url": "https://bugzilla.suse.com/1201734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2020-36386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36386"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36386",
"url": "https://www.suse.com/security/cve/CVE-2020-36386"
},
{
"category": "external",
"summary": "SUSE Bug 1187038 for CVE-2020-36386",
"url": "https://bugzilla.suse.com/1187038"
},
{
"category": "external",
"summary": "SUSE Bug 1192868 for CVE-2020-36386",
"url": "https://bugzilla.suse.com/1192868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2020-36386"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.54.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.54.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:06Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
suse-su-2021:2599-1
Vulnerability from csaf_suse
Published
2021-08-03 12:46
Modified
2021-08-03 12:46
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: * context changes
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: * context changes
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: * unsigned long -> uint32_t
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: * only panel-samsung-s6d16d0.c exists
- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: * context changes * GEM_WARN_ON() -> WARN_ON()
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: * context changes
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: * context changes * vc4_hdmi -> vc4->hdmi
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- mac80211: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme: fix in-casule data send for chained sgls (git-fixes).
- nvme: introduce nvme_rdma_sgl structure (git-fixes).
- nvme: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames
SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: \t* context changes\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: \t* context changes\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: \t* unsigned long -\u003e uint32_t\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: \t* only panel-samsung-s6d16d0.c exists\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: \t* context changes \t* GEM_WARN_ON() -\u003e WARN_ON()\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: \t* context changes\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: \t* context changes \t* vc4_hdmi -\u003e vc4-\u003ehdmi\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- mac80211: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme: fix in-casule data send for chained sgls (git-fixes).\n- nvme: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).\n- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2599-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2599-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212599-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2599-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009244.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188525",
"url": "https://bugzilla.suse.com/1188525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-03T12:46:44Z",
"generator": {
"date": "2021-08-03T12:46:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2599-1",
"initial_release_date": "2021-08-03T12:46:44Z",
"revision_history": [
{
"date": "2021-08-03T12:46:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product_id": "kernel-devel-rt-5.3.18-45.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product_id": "kernel-source-rt-5.3.18-45.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product_id": "kernel-syms-rt-5.3.18-45.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP2",
"product": {
"name": "SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-45.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
opensuse-su-2021:2687-1
Vulnerability from csaf_opensuse
Published
2021-08-14 08:16
Modified
2021-08-14 08:16
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
- Bluetooth: btintel: Check firmware version before download (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'Bluetooth: btintel: Fix endianness issue for TLV version information' (bsc#1188893).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- Revert 'drm/i915: Propagate errors on awaiting already signaled fences' (git-fixes).
- Revert 'drm: add a locked version of drm_is_current_master' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'iwlwifi: remove wide_cmd_header field' (bsc#1187495).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
- bonding: fix build issue (git-fixes).
- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- docs: virt/kvm: close inline string literal (bsc#1188703).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- intel_th: Wait until port is in reset before programming it (git-fixes).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).
- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).
- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).
- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).
- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).
- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).
- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).
- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).
- iwlwifi: mvm: fix error print when session protection ends (git-fixes).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).
- iwlwifi: mvm: ops: Remove unused static struct 'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).
- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).
- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).
- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- iwlwifi: support version 5 of the alive notification (bsc#1187495).
- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).
- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- kABI compatibility fix for max98373_priv struct (git-fixes).
- kABI workaround for btintel symbol changes (bsc#1188893).
- kABI workaround for intel_th_driver (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mvpp2: suppress warning (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: 8250_pci: Add support for new HPE serial device (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).
Patchnames
openSUSE-SLE-15.3-2021-2687
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).\n- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: DPTF: Fix reading of attributes (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).\n- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).\n- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).\n- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).\n- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).\n- ALSA: pcm: Fix mmap capability check (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).\n- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).\n- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- ALSA: usx2y: Avoid camelCase (git-fixes).\n- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).\n- ARM: ensure the signal page contains defined contents (bsc#1188445).\n- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).\n- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).\n- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).\n- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).\n- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).\n- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).\n- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).\n- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).\n- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).\n- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5682: Disable irq on shutdown (git-fixes).\n- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).\n- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).\n- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).\n- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).\n- Bluetooth: Remove spurious error message (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).\n- Bluetooth: btintel: Check firmware version before download (bsc#1188893).\n- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).\n- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).\n- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).\n- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).\n- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).\n- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).\n- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).\n- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).\n- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).\n- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).\n- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).\n- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).\n- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).\n- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).\n- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).\n- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).\n- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).\n- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).\n- Bluetooth: hci_intel: enable on new platform (bsc#1188893).\n- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).\n- Bluetooth: hci_qca: fix potential GPF (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).\n- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).\n- KVM: nVMX: Consult only the \u0027basic\u0027 exit reason when routing nested exit (bsc#1188773).\n- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).\n- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).\n- RDMA/cma: Protect RMW with qp_mutex (git-fixes).\n- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).\n- RDMA/rtrs-clt: Fix memory leak of not-freed sess-\u003estats and stats-\u003epcpu_stats (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).\n- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).\n- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).\n- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).\n- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).\n- Revert \u0027ACPI: resources: Add checks for ACPI IRQ override\u0027 (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027Bluetooth: btintel: Fix endianness issue for TLV version information\u0027 (bsc#1188893).\n- Revert \u0027USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem\u0027 (git-fixes).\n- Revert \u0027be2net: disable bh with spin_lock in be_process_mcc\u0027 (git-fixes).\n- Revert \u0027drm/i915: Propagate errors on awaiting already signaled fences\u0027 (git-fixes).\n- Revert \u0027drm: add a locked version of drm_is_current_master\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027iwlwifi: remove wide_cmd_header field\u0027 (bsc#1187495).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- bcache: avoid oversized read request in cache missing code path (bsc#1184631).\n- bcache: remove bcache device self-defined readahead (bsc#1184631).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: do not disable an already disabled PCI device (git-fixes).\n- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).\n- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).\n- bonding: fix build issue (git-fixes).\n- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).\n- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).\n- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- cadence: force nonlinear buffers to be cloned (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188748).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- coresight: Propagate symlink failure (git-fixes).\n- coresight: core: Fix use of uninitialized pointer (git-fixes).\n- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).\n- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).\n- crypto: sun4i-ss - initialize need_fallback (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix IRQ free race during driver unload (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- docs: virt/kvm: close inline string literal (bsc#1188703).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).\n- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).\n- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).\n- drm/amd/display: Fix build warnings (git-fixes).\n- drm/amd/display: Fix off-by-one error in DML (git-fixes).\n- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).\n- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).\n- drm/amd/display: Update scaling settings on modeset (git-fixes).\n- drm/amd/display: Verify Gamma \u0026 Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).\n- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).\n- drm/amd/display: fix incorrrect valid irq check (git-fixes).\n- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).\n- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).\n- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).\n- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).\n- drm/amdgpu: wait for moving fence after pinning (git-fixes).\n- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).\n- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).\n- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).\n- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).\n- drm/arm/malidp: Always list modifiers (git-fixes).\n- drm/bridge/sii8620: fix dependency on extcon (git-fixes).\n- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).\n- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).\n- drm/bridge: nwl-dsi: Force a full modeset when crtc_state-\u003eactive is changed to be true (git-fixes).\n- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).\n- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).\n- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).\n- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).\n- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).\n- drm/msm/mdp4: Fix modifier support enabling (git-fixes).\n- drm/msm: Fix error return code in msm_drm_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/rockchip: lvds: Fix an error handling path (git-fixes).\n- drm/sched: Avoid data corruptions (git-fixes).\n- drm/scheduler: Fix hang when sched_entity released (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).\n- drm/vc4: crtc: Skip the TXP (git-fixes).\n- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).\n- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).\n- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).\n- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).\n- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).\n- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm: bridge: add missing word in Analogix help text (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm: rockchip: add missing registers for RK3066 (git-fixes).\n- drm: rockchip: add missing registers for RK3188 (git-fixes).\n- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).\n- e1000e: Check the PCIm state (git-fixes).\n- e1000e: Fix an error handling path in \u0027e1000_probe()\u0027 (git-fixes).\n- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: Do not delete the mode that is still in use (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).\n- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).\n- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gtp: fix an use-before-init in gtp_newlink() (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: core: Disable client irq on reboot/shutdown (git-fixes).\n- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).\n- i40e: Fix error handling in i40e_vsi_open (git-fixes).\n- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).\n- i40e: fix PTP on 5Gb links (jsc#SLE-13701).\n- iavf: Fix an error handling path in \u0027iavf_probe()\u0027 (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).\n- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).\n- igb: Fix an error handling path in \u0027igb_probe()\u0027 (git-fixes).\n- igb: Fix position of assignment to *ring (git-fixes).\n- igb: Fix use-after-free error during reset (git-fixes).\n- igc: Fix an error handling path in \u0027igc_probe()\u0027 (git-fixes).\n- igc: Fix use-after-free error during reset (git-fixes).\n- igc: change default return of igc_read_phy_reg() (git-fixes).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).\n- intel_th: Wait until port is in reset before programming it (git-fixes).\n- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).\n- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).\n- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).\n- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).\n- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).\n- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).\n- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).\n- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).\n- iwlwifi: add trans op to set PNVM (bsc#1187495).\n- iwlwifi: align RX status flags with firmware (bsc#1187495).\n- iwlwifi: api: fix u32 -\u003e __le32 (bsc#1187495).\n- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).\n- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).\n- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).\n- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).\n- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).\n- iwlwifi: dbg: add dumping special device memory (bsc#1187495).\n- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).\n- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).\n- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).\n- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: enable twt by default (bsc#1187495).\n- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).\n- iwlwifi: fix sar geo table initialization (bsc#1187495).\n- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).\n- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).\n- iwlwifi: increase PNVM load timeout (bsc#1187495).\n- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).\n- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).\n- iwlwifi: move PNVM implementation to common code (bsc#1187495).\n- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).\n- iwlwifi: move bc_pool to a common trans header (bsc#1187495).\n- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).\n- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).\n- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).\n- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).\n- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).\n- iwlwifi: mvm: add a get lmac id function (bsc#1187495).\n- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).\n- iwlwifi: mvm: add d3 prints (bsc#1187495).\n- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).\n- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).\n- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).\n- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).\n- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).\n- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).\n- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).\n- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).\n- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).\n- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).\n- iwlwifi: mvm: fix error print when session protection ends (git-fixes).\n- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).\n- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).\n- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).\n- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).\n- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).\n- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).\n- iwlwifi: mvm: ops: Remove unused static struct \u0027iwl_mvm_debug_names\u0027 (bsc#1187495).\n- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).\n- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).\n- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).\n- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).\n- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).\n- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).\n- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).\n- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).\n- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).\n- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).\n- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).\n- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).\n- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).\n- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).\n- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).\n- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).\n- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).\n- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).\n- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).\n- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).\n- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).\n- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).\n- iwlwifi: pcie: fix context info freeing (git-fixes).\n- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).\n- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).\n- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).\n- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).\n- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).\n- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).\n- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).\n- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).\n- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).\n- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).\n- iwlwifi: provide gso_type to GSO packets (bsc#1187495).\n- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).\n- iwlwifi: read and parse PNVM file (bsc#1187495).\n- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).\n- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).\n- iwlwifi: remove wide_cmd_header field (bsc#1187495).\n- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: rs: align to new TLC config command API (bsc#1187495).\n- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).\n- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).\n- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).\n- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).\n- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).\n- iwlwifi: support version 5 of the alive notification (bsc#1187495).\n- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).\n- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).\n- iwlwifi: use correct group for alive notification (bsc#1187495).\n- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).\n- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).\n- ixgbe: Fix an error handling path in \u0027ixgbe_probe()\u0027 (git-fixes).\n- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).\n- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- kABI compatibility fix for max98373_priv struct (git-fixes).\n- kABI workaround for btintel symbol changes (bsc#1188893).\n- kABI workaround for intel_th_driver (git-fixes).\n- kABI workaround for pci/quirks.c (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let\u0027s ignore kABI checks of those.\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel\n- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).\n- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).\n- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).\n- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).\n- kprobes: fix kill kprobe which has been marked as gone (git-fixes).\n- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).\n- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: consider per-CPU statistics if present (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- mac80211: reset profile_periodicity/ema_ap (git-fixes).\n- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media, bpf: Do not copy more entries than user space requested (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).\n- misc: alcor_pci: fix inverted branch condition (git-fixes).\n- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mt76: mt7603: set 0 as min coverage_class value (git-fixes).\n- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).\n- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).\n- mt76: mt7615: increase MCU command timeout (git-fixes).\n- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).\n- mt76: set dma-done flag for flushed descriptors (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mvpp2: suppress warning (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).\n- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).\n- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).\n- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).\n- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).\n- net: dp83867: Fix OF_MDIO config check (git-fixes).\n- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).\n- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).\n- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).\n- net: marvell: Fix OF_MDIO config check (git-fixes).\n- net: mvpp2: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).\n- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).\n- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).\n- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).\n- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).\n- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).\n- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- powerpc/stacktrace: Fix spurious \u0027stale\u0027 traces in raise_backtrace_ipi() (bsc#1156395).\n- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).\n- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).\n- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).\n- pwm: imx1: Do not disable clocks at device remove time (git-fixes).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).\n- r8152: Fix potential PM refcount imbalance (bsc#1186194).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).\n- rbd: always kick acquire on \u0027acquired\u0027 and \u0027released\u0027 notifications (bsc#1188746).\n- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi6421: Fix getting wrong drvdata (git-fixes).\n- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- replaced with upstream security mitigation cleanup\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).\n- rtw88: 8822c: fix lc calibration timing (git-fixes).\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: 8250_pci: Add support for new HPE serial device (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- sfp: Fix error handing in sfp_probe() (git-fixes).\n- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).\n- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).\n- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: cadence: Correct initialisation of runtime PM again (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).\n- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).\n- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).\n- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tpm: efi: Use local variable for calculating final log size (git-fixes).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).\n- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- virtio_net: move tx vq operation under tx queue lock (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen/events: reset active flag for lateeoi events later (git-fixes).\n- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).\n- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-2687",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_2687-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:2687-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GDBOWLDJQ4K7JKRHIM7AOCKTJO5BY6C5/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:2687-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GDBOWLDJQ4K7JKRHIM7AOCKTJO5BY6C5/"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176447",
"url": "https://bugzilla.suse.com/1176447"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1180814",
"url": "https://bugzilla.suse.com/1180814"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184631",
"url": "https://bugzilla.suse.com/1184631"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186194",
"url": "https://bugzilla.suse.com/1186194"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186483",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187495",
"url": "https://bugzilla.suse.com/1187495"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188126",
"url": "https://bugzilla.suse.com/1188126"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188323",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "self",
"summary": "SUSE Bug 1188366",
"url": "https://bugzilla.suse.com/1188366"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188445",
"url": "https://bugzilla.suse.com/1188445"
},
{
"category": "self",
"summary": "SUSE Bug 1188504",
"url": "https://bugzilla.suse.com/1188504"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188683",
"url": "https://bugzilla.suse.com/1188683"
},
{
"category": "self",
"summary": "SUSE Bug 1188703",
"url": "https://bugzilla.suse.com/1188703"
},
{
"category": "self",
"summary": "SUSE Bug 1188720",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "self",
"summary": "SUSE Bug 1188746",
"url": "https://bugzilla.suse.com/1188746"
},
{
"category": "self",
"summary": "SUSE Bug 1188747",
"url": "https://bugzilla.suse.com/1188747"
},
{
"category": "self",
"summary": "SUSE Bug 1188748",
"url": "https://bugzilla.suse.com/1188748"
},
{
"category": "self",
"summary": "SUSE Bug 1188752",
"url": "https://bugzilla.suse.com/1188752"
},
{
"category": "self",
"summary": "SUSE Bug 1188770",
"url": "https://bugzilla.suse.com/1188770"
},
{
"category": "self",
"summary": "SUSE Bug 1188771",
"url": "https://bugzilla.suse.com/1188771"
},
{
"category": "self",
"summary": "SUSE Bug 1188772",
"url": "https://bugzilla.suse.com/1188772"
},
{
"category": "self",
"summary": "SUSE Bug 1188773",
"url": "https://bugzilla.suse.com/1188773"
},
{
"category": "self",
"summary": "SUSE Bug 1188774",
"url": "https://bugzilla.suse.com/1188774"
},
{
"category": "self",
"summary": "SUSE Bug 1188777",
"url": "https://bugzilla.suse.com/1188777"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188893",
"url": "https://bugzilla.suse.com/1188893"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-14T08:16:56Z",
"generator": {
"date": "2021-08-14T08:16:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:2687-1",
"initial_release_date": "2021-08-14T08:16:56Z",
"revision_history": [
{
"date": "2021-08-14T08:16:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-al-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-al-5.3.18-59.19.1.aarch64",
"product_id": "dtb-al-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-allwinner-5.3.18-59.19.1.aarch64",
"product_id": "dtb-allwinner-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-altera-5.3.18-59.19.1.aarch64",
"product_id": "dtb-altera-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-amd-5.3.18-59.19.1.aarch64",
"product_id": "dtb-amd-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-amlogic-5.3.18-59.19.1.aarch64",
"product_id": "dtb-amlogic-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-apm-5.3.18-59.19.1.aarch64",
"product_id": "dtb-apm-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-arm-5.3.18-59.19.1.aarch64",
"product_id": "dtb-arm-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-broadcom-5.3.18-59.19.1.aarch64",
"product_id": "dtb-broadcom-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-cavium-5.3.18-59.19.1.aarch64",
"product_id": "dtb-cavium-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-exynos-5.3.18-59.19.1.aarch64",
"product_id": "dtb-exynos-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-freescale-5.3.18-59.19.1.aarch64",
"product_id": "dtb-freescale-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-hisilicon-5.3.18-59.19.1.aarch64",
"product_id": "dtb-hisilicon-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-lg-5.3.18-59.19.1.aarch64",
"product_id": "dtb-lg-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-marvell-5.3.18-59.19.1.aarch64",
"product_id": "dtb-marvell-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-mediatek-5.3.18-59.19.1.aarch64",
"product_id": "dtb-mediatek-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-nvidia-5.3.18-59.19.1.aarch64",
"product_id": "dtb-nvidia-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-qcom-5.3.18-59.19.1.aarch64",
"product_id": "dtb-qcom-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-renesas-5.3.18-59.19.1.aarch64",
"product_id": "dtb-renesas-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-rockchip-5.3.18-59.19.1.aarch64",
"product_id": "dtb-rockchip-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-socionext-5.3.18-59.19.1.aarch64",
"product_id": "dtb-socionext-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-sprd-5.3.18-59.19.1.aarch64",
"product_id": "dtb-sprd-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-xilinx-5.3.18-59.19.1.aarch64",
"product_id": "dtb-xilinx-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-zte-5.3.18-59.19.1.aarch64",
"product": {
"name": "dtb-zte-5.3.18-59.19.1.aarch64",
"product_id": "dtb-zte-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-64kb-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-default-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"product_id": "kernel-obs-build-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.aarch64",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-extra-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"product_id": "kernel-preempt-optional-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.aarch64",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.aarch64",
"product_id": "kernel-syms-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"product_id": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-59.19.1.noarch",
"product_id": "kernel-devel-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-59.19.1.noarch",
"product_id": "kernel-docs-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-59.19.1.noarch",
"product_id": "kernel-docs-html-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-59.19.1.noarch",
"product_id": "kernel-macros-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-source-5.3.18-59.19.1.noarch",
"product_id": "kernel-source-5.3.18-59.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-59.19.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-59.19.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-59.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-extra-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-default-optional-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-obs-build-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.ppc64le",
"product_id": "kernel-syms-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-devel-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-extra-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.s390x",
"product_id": "kernel-default-optional-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.s390x",
"product_id": "kernel-obs-build-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.s390x",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.s390x",
"product_id": "kernel-syms-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"product": {
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"product_id": "kernel-zfcpdump-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "dlm-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "gfs2-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"product_id": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-extra-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-livepatch-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-default-optional-5.3.18-59.19.1.x86_64",
"product_id": "kernel-default-optional-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-59.19.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-extra-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"product_id": "kernel-preempt-optional-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-59.19.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-59.19.1.x86_64",
"product_id": "kernel-syms-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "kselftests-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"product_id": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64",
"product_id": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "dlm-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-al-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-al-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-allwinner-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-allwinner-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-altera-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-altera-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amd-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-amd-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amlogic-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-amlogic-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apm-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-apm-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-arm-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-arm-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-broadcom-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-broadcom-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-cavium-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-cavium-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-exynos-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-exynos-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-freescale-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-freescale-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-hisilicon-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-hisilicon-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-lg-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-lg-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-marvell-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-marvell-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-mediatek-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-mediatek-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-nvidia-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-nvidia-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-qcom-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-qcom-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-renesas-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-renesas-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-rockchip-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-rockchip-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-socionext-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-socionext-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-sprd-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-sprd-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-xilinx-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-xilinx-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-zte-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64"
},
"product_reference": "dtb-zte-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-optional-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-debug-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-debug-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-extra-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-extra-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-extra-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-extra-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-default-optional-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-default-optional-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-default-optional-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-default-optional-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-obs-qa-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-obs-qa-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-extra-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-optional-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-source-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-59.19.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-59.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x"
},
"product_reference": "kernel-zfcpdump-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "kselftests-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64"
},
"product_reference": "reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64"
},
"product_reference": "reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
},
"product_reference": "reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21781"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u0027s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21781",
"url": "https://www.suse.com/security/cve/CVE-2021-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1188445 for CVE-2021-21781",
"url": "https://bugzilla.suse.com/1188445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "low"
}
],
"title": "CVE-2021-21781"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:dlm-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:dtb-al-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-allwinner-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-altera-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-amlogic-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-apm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-arm-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-broadcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-cavium-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-exynos-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-freescale-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-hisilicon-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-lg-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-marvell-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-mediatek-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-nvidia-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-qcom-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-renesas-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-rockchip-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-socionext-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-sprd-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-xilinx-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:dtb-zte-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.aarch64",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.s390x",
"openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-59.19.1.18.10.1.x86_64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-default-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-docs-html-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-macros-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-build-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-obs-qa-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-source-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-59.19.1.noarch",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kernel-syms-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.ppc64le",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.s390x",
"openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-59.19.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.aarch64",
"openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-59.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-14T08:16:56Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
opensuse-su-2021:1076-1
Vulnerability from csaf_opensuse
Published
2021-07-22 06:35
Modified
2021-07-22 06:35
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: A heap out-of-bounds write affecting Linux was discovered in net/netfilter/x_tables.c (bnc#1188116).
- CVE-2021-33909: fs/seq_file.c did not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05 (bnc#1188062).
- CVE-2021-3609: A use-after-free in can/bcm could have led to privilege escalation (bsc#1187215).
- CVE-2021-3612: An out-of-bounds memory write flaw was found in the joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1187585 ).
- CVE-2021-35039: kernel/module.c in the Linux kernel mishandled Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bnc#1188080).
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames
openSUSE-2021-1076
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: A heap out-of-bounds write affecting Linux was discovered in net/netfilter/x_tables.c (bnc#1188116).\n- CVE-2021-33909: fs/seq_file.c did not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05 (bnc#1188062).\n- CVE-2021-3609: A use-after-free in can/bcm could have led to privilege escalation (bsc#1187215).\n- CVE-2021-3612: An out-of-bounds memory write flaw was found in the joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability (bnc#1187585 ).\n- CVE-2021-35039: kernel/module.c in the Linux kernel mishandled Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bnc#1188080).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)\n- ARM: ensure the signal page contains defined contents (bsc#1188445).\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).\n- crypto: sun4i-ss - initialize need_fallback (git-fixes).\n- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/amd/display: fix incorrrect valid irq check (git-fixes).\n- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).\n- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).\n- drm/amd/display: Update scaling settings on modeset (git-fixes).\n- drm/amd/display: Verify Gamma \u0026 Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).\n- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).\n- drm/arm/malidp: Always list modifiers (git-fixes).\n- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm/mdp4: Fix modifier support enabling (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/sched: Avoid data corruptions (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- fbmem: Do not delete the mode that is still in use (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kABI workaround for pci/quirks.c (git-fixes).\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).\n- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).\n- kprobes: fix kill kprobe which has been marked as gone (git-fixes).\n- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).\n- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media, bpf: Do not copy more entries than user space requested (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).\n- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).\n- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: efi: Use local variable for calculating final log size (git-fixes).\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-1076",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1076-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:1076-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT3TYNEJZ7FKJMTYO3DX3Z7B2YCYPEJZ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:1076-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT3TYNEJZ7FKJMTYO3DX3Z7B2YCYPEJZ/"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188062",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188445",
"url": "https://bugzilla.suse.com/1188445"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33909 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-07-22T06:35:11Z",
"generator": {
"date": "2021-07-22T06:35:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:1076-1",
"initial_release_date": "2021-07-22T06:35:11Z",
"revision_history": [
{
"date": "2021-07-22T06:35:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-devel-5.3.18-lp152.84.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-docs-5.3.18-lp152.84.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-docs-html-5.3.18-lp152.84.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-macros-5.3.18-lp152.84.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-source-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-source-5.3.18-lp152.84.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-lp152.84.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-debug-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-default-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"product_id": "kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-preempt-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-lp152.84.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-lp152.84.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-lp152.84.1.x86_64",
"product_id": "kernel-syms-5.3.18-lp152.84.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-debug-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64"
},
"product_reference": "kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-docs-html-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-source-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-5.3.18-lp152.84.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch"
},
"product_reference": "kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-lp152.84.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-lp152.84.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-22T06:35:11Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-33909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33909"
}
],
"notes": [
{
"category": "general",
"text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33909",
"url": "https://www.suse.com/security/cve/CVE-2021-33909"
},
{
"category": "external",
"summary": "SUSE Bug 1188062 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188062"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188063"
},
{
"category": "external",
"summary": "SUSE Bug 1188257 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1188257"
},
{
"category": "external",
"summary": "SUSE Bug 1189302 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1189302"
},
{
"category": "external",
"summary": "SUSE Bug 1190859 for CVE-2021-33909",
"url": "https://bugzilla.suse.com/1190859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-22T06:35:11Z",
"details": "important"
}
],
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-22T06:35:11Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-22T06:35:11Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.84.1.lp152.8.38.1.x86_64",
"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.84.1.x86_64",
"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.84.1.noarch",
"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.84.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-07-22T06:35:11Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
}
]
}
opensuse-su-2021:2645-1
Vulnerability from csaf_opensuse
Published
2021-08-10 08:03
Modified
2021-08-10 08:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).
The following non-security bugs were fixed:
- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
- Bluetooth: btintel: Check firmware version before download (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'Bluetooth: btintel: Fix endianness issue for TLV version information' (bsc#1188893).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- Revert 'drm/i915: Propagate errors on awaiting already signaled fences' (git-fixes).
- Revert 'drm: add a locked version of drm_is_current_master' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'iwlwifi: remove wide_cmd_header field' (bsc#1187495).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
- bonding: fix build issue (git-fixes).
- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: Revert unnecessary patches that fix unreal use-after-free bugs (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- docs: virt/kvm: close inline string literal (bsc#1188703).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- intel_th: Wait until port is in reset before programming it (git-fixes).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).
- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).
- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).
- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).
- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).
- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).
- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).
- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).
- iwlwifi: mvm: fix error print when session protection ends (git-fixes).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).
- iwlwifi: mvm: ops: Remove unused static struct 'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).
- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).
- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).
- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- iwlwifi: support version 5 of the alive notification (bsc#1187495).
- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).
- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- kABI compatibility fix for max98373_priv struct (git-fixes).
- kABI workaround for btintel symbol changes (bsc#1188893).
- kABI workaround for intel_th_driver (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mvpp2: suppress warning (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: 8250_pci: Add support for new HPE serial device (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).
Patchnames
openSUSE-SLE-15.3-2021-2645
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).\n- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).\n- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).\n- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).\n- CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).\n\nThe following non-security bugs were fixed:\n\n- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: DPTF: Fix reading of attributes (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).\n- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).\n- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).\n- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).\n- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).\n- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).\n- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).\n- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).\n- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).\n- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).\n- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).\n- ALSA: pcm: Fix mmap capability check (git-fixes).\n- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).\n- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).\n- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).\n- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).\n- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).\n- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- ALSA: usx2y: Avoid camelCase (git-fixes).\n- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).\n- ARM: ensure the signal page contains defined contents (bsc#1188445).\n- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).\n- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).\n- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).\n- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).\n- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).\n- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).\n- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).\n- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).\n- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).\n- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt5682: Disable irq on shutdown (git-fixes).\n- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).\n- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).\n- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).\n- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).\n- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).\n- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).\n- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).\n- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).\n- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).\n- Bluetooth: Remove spurious error message (git-fixes).\n- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).\n- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).\n- Bluetooth: btintel: Check firmware version before download (bsc#1188893).\n- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).\n- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).\n- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).\n- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).\n- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).\n- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).\n- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).\n- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).\n- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).\n- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).\n- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).\n- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).\n- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).\n- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).\n- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).\n- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).\n- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).\n- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).\n- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).\n- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).\n- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).\n- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).\n- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).\n- Bluetooth: hci_intel: enable on new platform (bsc#1188893).\n- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).\n- Bluetooth: hci_qca: fix potential GPF (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).\n- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).\n- KVM: nVMX: Consult only the \u0027basic\u0027 exit reason when routing nested exit (bsc#1188773).\n- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).\n- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).\n- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).\n- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: intel-gw: Fix INTx enable (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).\n- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).\n- PCI: quirks: fix false kABI positive (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).\n- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).\n- RDMA/cma: Protect RMW with qp_mutex (git-fixes).\n- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).\n- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).\n- RDMA/rtrs-clt: Fix memory leak of not-freed sess-\u003estats and stats-\u003epcpu_stats (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).\n- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).\n- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).\n- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).\n- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).\n- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).\n- Revert \u0027ACPI: resources: Add checks for ACPI IRQ override\u0027 (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027Bluetooth: btintel: Fix endianness issue for TLV version information\u0027 (bsc#1188893).\n- Revert \u0027USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem\u0027 (git-fixes).\n- Revert \u0027be2net: disable bh with spin_lock in be_process_mcc\u0027 (git-fixes).\n- Revert \u0027drm/i915: Propagate errors on awaiting already signaled fences\u0027 (git-fixes).\n- Revert \u0027drm: add a locked version of drm_is_current_master\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- Revert \u0027iwlwifi: remove wide_cmd_header field\u0027 (bsc#1187495).\n- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).\n- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).\n- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).\n- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).\n- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).\n- [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- bcache: avoid oversized read request in cache missing code path (bsc#1184631).\n- bcache: remove bcache device self-defined readahead (bsc#1184631).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).\n- bnxt_en: do not disable an already disabled PCI device (git-fixes).\n- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).\n- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).\n- bonding: fix build issue (git-fixes).\n- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).\n- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).\n- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).\n- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- cadence: force nonlinear buffers to be cloned (git-fixes).\n- can: ems_usb: fix memory leak (git-fixes).\n- can: esd_usb2: fix memory leak (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: mcba_usb_start(): add missing urb-\u003etransfer_dma initialization (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).\n- can: usb_8dev: fix memory leak (git-fixes).\n- ceph: do not WARN if we\u0027re still opening a session to an MDS (bsc#1188748).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- cifs: Fix preauth hash corruption (git-fixes).\n- cifs: Return correct error code from smb2_get_enc_key (git-fixes).\n- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).\n- cifs: fix interrupted close commands (git-fixes).\n- cifs: fix memory leak in smb2_copychunk_range (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).\n- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: si5341: Update initialization magic (git-fixes).\n- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- coresight: Propagate symlink failure (git-fixes).\n- coresight: core: Fix use of uninitialized pointer (git-fixes).\n- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).\n- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).\n- crypto: sun4i-ss - initialize need_fallback (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).\n- cw1200: Revert unnecessary patches that fix unreal use-after-free bugs (git-fixes).\n- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).\n- cxgb4: fix IRQ free race during driver unload (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).\n- docs: virt/kvm: close inline string literal (bsc#1188703).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).\n- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).\n- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).\n- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).\n- drm/amd/display: Fix build warnings (git-fixes).\n- drm/amd/display: Fix off-by-one error in DML (git-fixes).\n- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).\n- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).\n- drm/amd/display: Verify Gamma \u0026 Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).\n- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).\n- drm/amd/display: fix incorrrect valid irq check (git-fixes).\n- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)\n- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).\n- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).\n- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).\n- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).\n- drm/amdgpu: wait for moving fence after pinning (git-fixes).\n- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).\n- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).\n- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).\n- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).\n- drm/arm/malidp: Always list modifiers (git-fixes).\n- drm/bridge/sii8620: fix dependency on extcon (git-fixes).\n- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).\n- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).\n- drm/bridge: nwl-dsi: Force a full modeset when crtc_state-\u003eactive is changed to be true (git-fixes).\n- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).\n- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).\n- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).\n- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).\n- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)\n- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).\n- drm/msm/mdp4: Fix modifier support enabling (git-fixes).\n- drm/msm: Fix error return code in msm_drm_init() (git-fixes).\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489)\n- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).\n- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).\n- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).\n- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/rockchip: lvds: Fix an error handling path (git-fixes).\n- drm/sched: Avoid data corruptions (git-fixes).\n- drm/scheduler: Fix hang when sched_entity released (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).\n- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).\n- drm/vc4: crtc: Skip the TXP (git-fixes).\n- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).\n- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).\n- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)\n- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).\n- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).\n- drm/virtio: Fix double free on probe failure (git-fixes).\n- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).\n- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).\n- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).\n- drm: Return -ENOTTY for non-drm ioctls (git-fixes).\n- drm: add a locked version of drm_is_current_master (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)\n- drm: bridge: add missing word in Analogix help text (git-fixes).\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm: rockchip: add missing registers for RK3066 (git-fixes).\n- drm: rockchip: add missing registers for RK3188 (git-fixes).\n- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).\n- e1000e: Check the PCIm state (git-fixes).\n- e1000e: Fix an error handling path in \u0027e1000_probe()\u0027 (git-fixes).\n- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: Do not delete the mode that is still in use (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).\n- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).\n- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).\n- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).\n- gtp: fix an use-before-init in gtp_newlink() (git-fixes).\n- gve: Add DQO fields for core data structures (bsc#1176940).\n- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).\n- gve: Add dqo descriptors (bsc#1176940).\n- gve: Add stats for gve (bsc#1176940).\n- gve: Add support for DQO RX PTYPE map (bsc#1176940).\n- gve: Add support for raw addressing device option (bsc#1176940).\n- gve: Add support for raw addressing in the tx path (bsc#1176940).\n- gve: Add support for raw addressing to the rx path (bsc#1176940).\n- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).\n- gve: Check TX QPL was actually assigned (bsc#1176940).\n- gve: DQO: Add RX path (bsc#1176940).\n- gve: DQO: Add TX path (bsc#1176940).\n- gve: DQO: Add core netdev features (bsc#1176940).\n- gve: DQO: Add ring allocation and initialization (bsc#1176940).\n- gve: DQO: Configure interrupts on device up (bsc#1176940).\n- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).\n- gve: DQO: Remove incorrect prefetch (bsc#1176940).\n- gve: Enable Link Speed Reporting in the driver (bsc#1176940).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- gve: Fix warnings reported for DQO patchset (bsc#1176940).\n- gve: Get and set Rx copybreak via ethtool (bsc#1176940).\n- gve: Introduce a new model for device options (bsc#1176940).\n- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).\n- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).\n- gve: Move some static functions to a common file (bsc#1176940).\n- gve: NIC stats for report-stats and for ethtool (bsc#1176940).\n- gve: Propagate error codes to caller (bsc#1176940).\n- gve: Replace zero-length array with flexible-array member (bsc#1176940).\n- gve: Rx Buffer Recycling (bsc#1176940).\n- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).\n- gve: Update adminq commands to support DQO queues (bsc#1176940).\n- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).\n- gve: Use link status register to report link status (bsc#1176940).\n- gve: adminq: DQO specific device descriptor logic (bsc#1176940).\n- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: core: Disable client irq on reboot/shutdown (git-fixes).\n- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).\n- i40e: Fix error handling in i40e_vsi_open (git-fixes).\n- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).\n- i40e: fix PTP on 5Gb links (jsc#SLE-13701).\n- iavf: Fix an error handling path in \u0027iavf_probe()\u0027 (git-fixes).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).\n- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).\n- igb: Fix an error handling path in \u0027igb_probe()\u0027 (git-fixes).\n- igb: Fix position of assignment to *ring (git-fixes).\n- igb: Fix use-after-free error during reset (git-fixes).\n- igc: Fix an error handling path in \u0027igc_probe()\u0027 (git-fixes).\n- igc: Fix use-after-free error during reset (git-fixes).\n- igc: change default return of igc_read_phy_reg() (git-fixes).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma180: Use explicit member assignment (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).\n- intel_th: Wait until port is in reset before programming it (git-fixes).\n- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).\n- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).\n- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).\n- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).\n- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).\n- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).\n- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).\n- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).\n- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).\n- iwlwifi: add trans op to set PNVM (bsc#1187495).\n- iwlwifi: align RX status flags with firmware (bsc#1187495).\n- iwlwifi: api: fix u32 -\u003e __le32 (bsc#1187495).\n- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).\n- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).\n- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).\n- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).\n- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).\n- iwlwifi: dbg: add dumping special device memory (bsc#1187495).\n- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).\n- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).\n- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).\n- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).\n- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: enable twt by default (bsc#1187495).\n- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).\n- iwlwifi: fix sar geo table initialization (bsc#1187495).\n- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).\n- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).\n- iwlwifi: increase PNVM load timeout (bsc#1187495).\n- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).\n- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).\n- iwlwifi: move PNVM implementation to common code (bsc#1187495).\n- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).\n- iwlwifi: move bc_pool to a common trans header (bsc#1187495).\n- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).\n- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).\n- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).\n- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).\n- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).\n- iwlwifi: mvm: add a get lmac id function (bsc#1187495).\n- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).\n- iwlwifi: mvm: add d3 prints (bsc#1187495).\n- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).\n- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).\n- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).\n- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).\n- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).\n- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).\n- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).\n- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).\n- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).\n- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).\n- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).\n- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).\n- iwlwifi: mvm: fix error print when session protection ends (git-fixes).\n- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).\n- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).\n- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).\n- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).\n- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).\n- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).\n- iwlwifi: mvm: ops: Remove unused static struct \u0027iwl_mvm_debug_names\u0027 (bsc#1187495).\n- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).\n- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).\n- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).\n- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).\n- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).\n- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).\n- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).\n- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).\n- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).\n- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).\n- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).\n- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).\n- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).\n- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).\n- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).\n- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).\n- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).\n- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).\n- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).\n- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).\n- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).\n- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).\n- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).\n- iwlwifi: pcie: fix context info freeing (git-fixes).\n- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).\n- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).\n- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).\n- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).\n- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).\n- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).\n- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).\n- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).\n- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).\n- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).\n- iwlwifi: provide gso_type to GSO packets (bsc#1187495).\n- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).\n- iwlwifi: read and parse PNVM file (bsc#1187495).\n- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).\n- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).\n- iwlwifi: remove wide_cmd_header field (bsc#1187495).\n- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).\n- iwlwifi: rs: align to new TLC config command API (bsc#1187495).\n- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).\n- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).\n- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).\n- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).\n- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).\n- iwlwifi: support version 5 of the alive notification (bsc#1187495).\n- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).\n- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).\n- iwlwifi: use correct group for alive notification (bsc#1187495).\n- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).\n- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).\n- ixgbe: Fix an error handling path in \u0027ixgbe_probe()\u0027 (git-fixes).\n- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).\n- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- kABI compatibility fix for max98373_priv struct (git-fixes).\n- kABI workaround for btintel symbol changes (bsc#1188893).\n- kABI workaround for intel_th_driver (git-fixes).\n- kABI workaround for pci/quirks.c (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let\u0027s ignore kABI checks of those.\n- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).\n- kernel-binary.spec: Fix up usrmerge for non-modular kernels.\n- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel\n- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).\n- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).\n- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).\n- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).\n- kprobes: fix kill kprobe which has been marked as gone (git-fixes).\n- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).\n- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).\n- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).\n- mac80211: consider per-CPU statistics if present (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- mac80211: reset profile_periodicity/ema_ap (git-fixes).\n- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).\n- mac80211_hwsim: drop pending frames on stop (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media, bpf: Do not copy more entries than user space requested (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).\n- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).\n- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).\n- misc: alcor_pci: fix inverted branch condition (git-fixes).\n- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).\n- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mt76: mt7603: set 0 as min coverage_class value (git-fixes).\n- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).\n- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).\n- mt76: mt7615: increase MCU command timeout (git-fixes).\n- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).\n- mt76: set dma-done flag for flushed descriptors (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mvpp2: suppress warning (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).\n- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).\n- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).\n- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).\n- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).\n- net: dp83867: Fix OF_MDIO config check (git-fixes).\n- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).\n- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).\n- net: gve: convert strlcpy to strscpy (bsc#1176940).\n- net: gve: remove duplicated allowed (bsc#1176940).\n- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).\n- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).\n- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).\n- net: marvell: Fix OF_MDIO config check (git-fixes).\n- net: mvpp2: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).\n- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).\n- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).\n- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).\n- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).\n- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).\n- nfc: nfcsim: fix use after free during module unload (git-fixes).\n- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).\n- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).\n- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).\n- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).\n- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).\n- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).\n- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).\n- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).\n- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: ab8500: Avoid NULL pointers (git-fixes).\n- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).\n- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).\n- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).\n- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).\n- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).\n- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).\n- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).\n- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).\n- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).\n- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).\n- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).\n- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).\n- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).\n- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).\n- powerpc/stacktrace: Fix spurious \u0027stale\u0027 traces in raise_backtrace_ipi() (bsc#1156395).\n- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).\n- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).\n- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).\n- pwm: imx1: Do not disable clocks at device remove time (git-fixes).\n- pwm: spear: Do not modify HW state in .remove callback (git-fixes).\n- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).\n- r8152: Fix potential PM refcount imbalance (bsc#1186194).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).\n- rbd: always kick acquire on \u0027acquired\u0027 and \u0027released\u0027 notifications (bsc#1188746).\n- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi6421: Fix getting wrong drvdata (git-fixes).\n- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- replaced with upstream security mitigation cleanup\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).\n- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).\n- rtw88: 8822c: fix lc calibration timing (git-fixes).\n- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).\n- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: 8250_pci: Add support for new HPE serial device (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- sfp: Fix error handing in sfp_probe() (git-fixes).\n- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).\n- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).\n- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: cadence: Correct initialisation of runtime PM again (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121). \n- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).\n- spi: mediatek: fix fifo rx mode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).\n- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).\n- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).\n- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)\n- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tpm: efi: Use local variable for calculating final log size (git-fixes).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing/histograms: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Do not reference char * as a string in histograms (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify \u0026 fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).\n- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).\n- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).\n- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).\n- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).\n- usb: max-3421: Prevent corruption of freed memory (git-fixes).\n- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(\u0026port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: update power supply once partner accepts (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).\n- vfio/pci: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- virtio_console: Assure used length from device is limited (git-fixes).\n- virtio_net: move tx vq operation under tx queue lock (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).\n- w1: ds2438: fixing bug that would always get page0 (git-fixes).\n- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).\n- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).\n- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).\n- wireless: carl9170: fix LEDS build errors \u0026 warnings (git-fixes).\n- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).\n- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).\n- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).\n- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xen/events: reset active flag for lateeoi events later (git-fixes).\n- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).\n- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).\n- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).\n- xhci: Fix lost USB 2 remote wake (git-fixes).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-2645",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_2645-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:2645-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2WMUIJQF7RUSXDRXECLPMVDE6YOS5WIN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:2645-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2WMUIJQF7RUSXDRXECLPMVDE6YOS5WIN/"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1153274",
"url": "https://bugzilla.suse.com/1153274"
},
{
"category": "self",
"summary": "SUSE Bug 1154353",
"url": "https://bugzilla.suse.com/1154353"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1176447",
"url": "https://bugzilla.suse.com/1176447"
},
{
"category": "self",
"summary": "SUSE Bug 1176940",
"url": "https://bugzilla.suse.com/1176940"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1180814",
"url": "https://bugzilla.suse.com/1180814"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1184631",
"url": "https://bugzilla.suse.com/1184631"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185377",
"url": "https://bugzilla.suse.com/1185377"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186194",
"url": "https://bugzilla.suse.com/1186194"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1186482",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "self",
"summary": "SUSE Bug 1186483",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187476",
"url": "https://bugzilla.suse.com/1187476"
},
{
"category": "self",
"summary": "SUSE Bug 1187495",
"url": "https://bugzilla.suse.com/1187495"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188101",
"url": "https://bugzilla.suse.com/1188101"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188126",
"url": "https://bugzilla.suse.com/1188126"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188323",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "self",
"summary": "SUSE Bug 1188366",
"url": "https://bugzilla.suse.com/1188366"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188445",
"url": "https://bugzilla.suse.com/1188445"
},
{
"category": "self",
"summary": "SUSE Bug 1188504",
"url": "https://bugzilla.suse.com/1188504"
},
{
"category": "self",
"summary": "SUSE Bug 1188620",
"url": "https://bugzilla.suse.com/1188620"
},
{
"category": "self",
"summary": "SUSE Bug 1188683",
"url": "https://bugzilla.suse.com/1188683"
},
{
"category": "self",
"summary": "SUSE Bug 1188703",
"url": "https://bugzilla.suse.com/1188703"
},
{
"category": "self",
"summary": "SUSE Bug 1188720",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "self",
"summary": "SUSE Bug 1188746",
"url": "https://bugzilla.suse.com/1188746"
},
{
"category": "self",
"summary": "SUSE Bug 1188747",
"url": "https://bugzilla.suse.com/1188747"
},
{
"category": "self",
"summary": "SUSE Bug 1188748",
"url": "https://bugzilla.suse.com/1188748"
},
{
"category": "self",
"summary": "SUSE Bug 1188752",
"url": "https://bugzilla.suse.com/1188752"
},
{
"category": "self",
"summary": "SUSE Bug 1188770",
"url": "https://bugzilla.suse.com/1188770"
},
{
"category": "self",
"summary": "SUSE Bug 1188771",
"url": "https://bugzilla.suse.com/1188771"
},
{
"category": "self",
"summary": "SUSE Bug 1188772",
"url": "https://bugzilla.suse.com/1188772"
},
{
"category": "self",
"summary": "SUSE Bug 1188773",
"url": "https://bugzilla.suse.com/1188773"
},
{
"category": "self",
"summary": "SUSE Bug 1188774",
"url": "https://bugzilla.suse.com/1188774"
},
{
"category": "self",
"summary": "SUSE Bug 1188777",
"url": "https://bugzilla.suse.com/1188777"
},
{
"category": "self",
"summary": "SUSE Bug 1188838",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "self",
"summary": "SUSE Bug 1188876",
"url": "https://bugzilla.suse.com/1188876"
},
{
"category": "self",
"summary": "SUSE Bug 1188885",
"url": "https://bugzilla.suse.com/1188885"
},
{
"category": "self",
"summary": "SUSE Bug 1188893",
"url": "https://bugzilla.suse.com/1188893"
},
{
"category": "self",
"summary": "SUSE Bug 1188973",
"url": "https://bugzilla.suse.com/1188973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2021-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22543 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-37576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-37576/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-10T08:03:32Z",
"generator": {
"date": "2021-08-10T08:03:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:2645-1",
"initial_release_date": "2021-08-10T08:03:32Z",
"revision_history": [
{
"date": "2021-08-10T08:03:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"product": {
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"product_id": "kernel-devel-azure-5.3.18-38.17.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.3.18-38.17.1.noarch",
"product": {
"name": "kernel-source-azure-5.3.18-38.17.1.noarch",
"product_id": "kernel-source-azure-5.3.18-38.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "dlm-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-devel-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-extra-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-azure-optional-5.3.18-38.17.1.x86_64",
"product_id": "kernel-azure-optional-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"product_id": "kernel-syms-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-extra-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-azure-optional-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.3.18-38.17.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch"
},
"product_reference": "kernel-devel-azure-5.3.18-38.17.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.3.18-38.17.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch"
},
"product_reference": "kernel-source-azure-5.3.18-38.17.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-5.3.18-38.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-21781"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u0027s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-21781",
"url": "https://www.suse.com/security/cve/CVE-2021-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1188445 for CVE-2021-21781",
"url": "https://bugzilla.suse.com/1188445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "low"
}
],
"title": "CVE-2021-21781"
},
{
"cve": "CVE-2021-22543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22543"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22543",
"url": "https://www.suse.com/security/cve/CVE-2021-22543"
},
{
"category": "external",
"summary": "SUSE Bug 1186482 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186482"
},
{
"category": "external",
"summary": "SUSE Bug 1186483 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1186483"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1197660 for CVE-2021-22543",
"url": "https://bugzilla.suse.com/1197660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "important"
}
],
"title": "CVE-2021-22543"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "low"
}
],
"title": "CVE-2021-3612"
},
{
"cve": "CVE-2021-3659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3659"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3659",
"url": "https://www.suse.com/security/cve/CVE-2021-3659"
},
{
"category": "external",
"summary": "SUSE Bug 1188876 for CVE-2021-3659",
"url": "https://bugzilla.suse.com/1188876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-3659"
},
{
"cve": "CVE-2021-37576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-37576"
}
],
"notes": [
{
"category": "general",
"text": "arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-37576",
"url": "https://www.suse.com/security/cve/CVE-2021-37576"
},
{
"category": "external",
"summary": "SUSE Bug 1188838 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188838"
},
{
"category": "external",
"summary": "SUSE Bug 1188842 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1188842"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-37576",
"url": "https://bugzilla.suse.com/1190276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-extra-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-azure-optional-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kernel-devel-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-source-azure-5.3.18-38.17.1.noarch",
"openSUSE Leap 15.3:kernel-syms-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-38.17.1.x86_64",
"openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-38.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T08:03:32Z",
"details": "important"
}
],
"title": "CVE-2021-37576"
}
]
}
gsd-2021-3612
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-3612",
"description": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"id": "GSD-2021-3612",
"references": [
"https://www.suse.com/security/cve/CVE-2021-3612.html",
"https://ubuntu.com/security/CVE-2021-3612",
"https://security.archlinux.org/CVE-2021-3612",
"https://linux.oracle.com/cve/CVE-2021-3612.html",
"https://access.redhat.com/errata/RHSA-2022:1975",
"https://access.redhat.com/errata/RHSA-2022:1988"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-3612"
],
"details": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"id": "GSD-2021-3612",
"modified": "2023-12-13T01:23:34.319676Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.9-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"refsource": "MISC",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3612"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"refsource": "MISC",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"name": "FEDORA-2021-a95108d156",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0005/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-01-11T17:10Z",
"publishedDate": "2021-07-09T11:15Z"
}
}
}
RHSA-2022:1975
Vulnerability from csaf_redhat
Published
2022-05-10 13:43
Modified
2025-06-11 15:26
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)\n\n* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)\n\n* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)\n\n* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)\n\n* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)\n\n* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)\n\n* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)\n\n* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)\n\n* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)\n\n* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)\n\n* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\n* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)\n\n* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)\n\n* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)\n\n* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)\n\n* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)\n\n* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)\n\n* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)\n\n* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)\n\n* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)\n\n* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)\n\n* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)\n\n* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)\n\n* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)\n\n* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)\n\n* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)\n\n* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)\n\n* kernel: information leak in the IPv6 implementation (CVE-2021-45485)\n\n* kernel: information leak in the IPv4 implementation (CVE-2021-45486)\n\n* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)\n\n* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)\n\n* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)\n\n* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)\n\n* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)\n\n* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1975",
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "1903578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903578"
},
{
"category": "external",
"summary": "1905749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905749"
},
{
"category": "external",
"summary": "1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1975.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2025-06-11T15:26:06+00:00",
"generator": {
"date": "2025-06-11T15:26:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.1"
}
},
"id": "RHSA-2022:1975",
"initial_release_date": "2022-05-10T13:43:14+00:00",
"revision_history": [
{
"date": "2022-05-10T13:43:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T13:43:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-06-11T15:26:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0404",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: avoid cyclic entity chains due to malformed USB descriptors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0404"
},
{
"category": "external",
"summary": "RHBZ#1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module uvcvideo from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: avoid cyclic entity chains due to malformed USB descriptors"
},
{
"cve": "CVE-2020-13974",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2016169"
}
],
"notes": [
{
"category": "description",
"text": "A flaw integer overflow in the Linux kernel\u0027s virtual terminal keyboard driver was found in the way the user sends some specific keyboard code multiple times. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No code depends on this integer overflow so it is unlikely that the vulnerability can be used for anything apart from crashing the system. The impact has been reduced to Moderate from Important based on this analysis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13974"
},
{
"category": "external",
"summary": "RHBZ#2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13974"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
}
],
"release_date": "2020-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c"
},
{
"acknowledgments": [
{
"names": [
"Jeremy Cline"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-27820",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1901726"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in nouveau kernel module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Low impact because the issue can only be triggered by an privileged local user (or user with physical access) as the issue only happens during unbinding the driver or removing the device.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27820"
},
{
"category": "external",
"summary": "RHBZ#1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27820",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/"
}
],
"release_date": "2020-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free in nouveau kernel module"
},
{
"cve": "CVE-2021-0941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2018205"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in net/core/filter.c in __bpf_skb_max_len in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0941"
},
{
"category": "external",
"summary": "RHBZ#2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941"
},
{
"category": "external",
"summary": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0",
"url": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free"
},
{
"acknowledgments": [
{
"names": [
"Murray McAllister"
]
}
],
"cve": "CVE-2021-3612",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-06-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1974079"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because for the Red Hat Enterprise Linux the patch that made it possible writing memory out of bounds not applied yet, but still before that patch possible read out of bounds. Both in the default configuration of Red Hat Enterprise Linux the joysticks devices driver is disabled, so only privileged local user can enable it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "RHBZ#1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
}
],
"release_date": "2021-06-20T12:28:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module joydev from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()"
},
{
"cve": "CVE-2021-3669",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1986473"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3669"
},
{
"category": "external",
"summary": "RHBZ#1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669"
}
],
"release_date": "2021-08-02T06:02:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-3743",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997961"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3743"
},
{
"category": "external",
"summary": "RHBZ#1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3743",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"category": "external",
"summary": "https://lists.openwall.net/netdev/2021/08/17/124",
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c"
},
{
"cve": "CVE-2021-3744",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000627"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3744"
},
{
"category": "external",
"summary": "RHBZ#2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744"
},
{
"category": "external",
"summary": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0",
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()"
},
{
"acknowledgments": [
{
"names": [
"Likang Luo"
],
"organization": "NSFOCUS Security Team"
}
],
"cve": "CVE-2021-3752",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999544"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible use-after-free in bluetooth module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because Only local users with privileges to access the sock_dgram Bluetooth socket can trigger this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3752"
},
{
"category": "external",
"summary": "RHBZ#1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/09/15/4",
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
}
],
"release_date": "2021-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability. The possible solution is to disable Bluetooth completely: https://access.redhat.com/solutions/2682931",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible use-after-free in bluetooth module"
},
{
"acknowledgments": [
{
"names": [
"Yutian Yang"
],
"organization": "Zhejiang University"
}
],
"cve": "CVE-2021-3759",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999675"
}
],
"notes": [
{
"category": "description",
"text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3759"
},
{
"category": "external",
"summary": "RHBZ#1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3759"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/",
"url": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/"
}
],
"release_date": "2021-07-15T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks"
},
{
"cve": "CVE-2021-3764",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997467"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in ccp_run_aes_gcm_cmd() function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3764"
},
{
"category": "external",
"summary": "RHBZ#1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3764",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe"
}
],
"release_date": "2021-08-20T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in ccp_run_aes_gcm_cmd() function"
},
{
"cve": "CVE-2021-3772",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2021-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000694"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3772"
},
{
"category": "external",
"summary": "RHBZ#2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772"
}
],
"release_date": "2021-09-08T06:38:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "As the SCTP module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\nif\n# echo \"install sctp /bin/true\" \u003e\u003e /etc/modprobe.d/disable-sctp.conf\n\nThe system will need to be restarted if the SCTP modules are loaded. In most circumstances, the SCTP kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations"
},
{
"cve": "CVE-2021-3773",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3773"
},
{
"category": "external",
"summary": "RHBZ#2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773"
}
],
"release_date": "2021-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients"
},
{
"acknowledgments": [
{
"names": [
"elijahbai, jitxie, huntazhang."
]
}
],
"cve": "CVE-2021-3923",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019643"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack information leak in infiniband RDMA",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3923"
},
{
"category": "external",
"summary": "RHBZ#2019643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923"
}
],
"release_date": "2021-12-01T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack information leak in infiniband RDMA"
},
{
"cve": "CVE-2021-4002",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025726"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible leak or coruption of data residing on hugetlbfs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4002"
},
{
"category": "external",
"summary": "RHBZ#2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/11/25/1",
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
}
],
"release_date": "2021-11-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible leak or coruption of data residing on hugetlbfs"
},
{
"cve": "CVE-2021-4037",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-11-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2027239"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: security regression for CVE-2018-13405",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Impact is Moderate, because if no configuration problems with the system, then unlikely higher impact than unauthorized read access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4037"
},
{
"category": "external",
"summary": "RHBZ#2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848"
}
],
"release_date": "2021-09-16T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: security regression for CVE-2018-13405"
},
{
"cve": "CVE-2021-4083",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2029923"
}
],
"notes": [
{
"category": "description",
"text": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fget: check that the fd still exists after getting a ref to it",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4083"
},
{
"category": "external",
"summary": "RHBZ#2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
}
],
"release_date": "2021-12-03T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fget: check that the fd still exists after getting a ref to it"
},
{
"cve": "CVE-2021-4093",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2028584"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM\u0027s AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "AMD Secure Encrypted Virtualization (SEV) is currently provided as a Technology Preview in RHEL and, therefore, unsupported for production use. For additional details please see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4093"
},
{
"category": "external",
"summary": "RHBZ#2028584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222"
}
],
"release_date": "2021-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io"
},
{
"cve": "CVE-2021-4157",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034342"
}
],
"notes": [
{
"category": "description",
"text": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Buffer overwrite in decode_nfs_fh function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4157"
},
{
"category": "external",
"summary": "RHBZ#2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/"
}
],
"release_date": "2021-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Buffer overwrite in decode_nfs_fh function"
},
{
"cve": "CVE-2021-4197",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035652"
}
],
"notes": [
{
"category": "description",
"text": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: cgroup: Use open-time creds and namespace for migration perm checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4197"
},
{
"category": "external",
"summary": "RHBZ#2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/",
"url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/"
}
],
"release_date": "2021-09-12T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "The mitigation not known. However, for the default configuration of the Red Hat Enterprise Linux it is not possible to trigger this vulnerability: if control groups (cgroups) not being used or being used with the default configuration or being used some other configuration where for example similar privileges for all processes (both for parent and for child processes), then no way to trigger this vulnerability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: cgroup: Use open-time creds and namespace for migration perm checks"
},
{
"cve": "CVE-2021-4203",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2036934"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "RHBZ#2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/",
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/"
}
],
"release_date": "2021-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses"
},
{
"acknowledgments": [
{
"names": [
"Keyu Man, Xin\u0027an Zhou and Zhiyun Qian"
],
"organization": "University of California, Riverside"
}
],
"cve": "CVE-2021-20322",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014230"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the attack scenario limitation. It is possible to harm the networking services only, but not for the overall system under attack, and impossible to get access to this remote system under attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20322"
},
{
"category": "external",
"summary": "RHBZ#2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
}
],
"release_date": "2021-08-26T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies"
},
{
"acknowledgments": [
{
"names": [
"AMD"
]
}
],
"cve": "CVE-2021-26401",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061700"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26401"
},
{
"category": "external",
"summary": "RHBZ#2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401"
},
{
"category": "external",
"summary": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "AMD recommends mitigation that uses generic retpoline.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715"
},
{
"cve": "CVE-2021-29154",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1946684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact as eBPF requires a privileged user on Red Hat Enterprise Linux to correctly load eBPF instructions that can be exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29154"
},
{
"category": "external",
"summary": "RHBZ#1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154"
}
],
"release_date": "2021-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "This issue does not affect most systems by default. An administrator would need to have enabled the BPF JIT to be affected.\n\nIt can be disabled immediately with the command:\n\n# echo 0 \u003e /proc/sys/net/core/bpf_jit_enable\n\nOr it can be disabled for all subsequent boots of the system by setting a value in /etc/sysctl.d/44-bpf-jit-disable\n\n## start file ##\n\nnet.core.bpf_jit_enable=0\n\n## end file ##",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation"
},
{
"cve": "CVE-2021-37159",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-07-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use-after-free in the Linux kernel USB High Speed Mobile Devices functionality was found in the way user detaches USB device. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37159"
},
{
"category": "external",
"summary": "RHBZ#1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/linux-usb/msg202228.html",
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
}
],
"release_date": "2020-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module hso from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c"
},
{
"cve": "CVE-2021-41864",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010463"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory write flaw was found in prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the bpf in the Linux kernel. In this flaw, the multiplication to calculate the size could lead to an integer overflow which could allow a local attacker, with a special user privilege, to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41864"
},
{
"category": "external",
"summary": "RHBZ#2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a",
"url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a"
}
],
"release_date": "2021-09-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write"
},
{
"cve": "CVE-2021-42739",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1951739"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap buffer overflow in firedtv driver",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42739"
},
{
"category": "external",
"summary": "RHBZ#1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/",
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/"
}
],
"release_date": "2021-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module firedtv from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap buffer overflow in firedtv driver"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-43389",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2013180"
}
],
"notes": [
{
"category": "description",
"text": "An improper validation of an array index and out of bounds memory read in the Linux kernel\u0027s Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43389"
},
{
"category": "external",
"summary": "RHBZ#2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/"
}
],
"release_date": "2021-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module isdn from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c"
},
{
"cve": "CVE-2021-43976",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025003"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43976"
},
{
"category": "external",
"summary": "RHBZ#2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976"
},
{
"category": "external",
"summary": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/"
}
],
"release_date": "2021-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device"
},
{
"acknowledgments": [
{
"names": [
"Patrik Lantz"
],
"organization": "axis.com"
}
],
"cve": "CVE-2021-44733",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030747"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw in the Linux kernel TEE (Trusted Execution Environment) subsystem was found in the way user calls ioctl TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with the CONFIG_PREEMPT option or CONFIG_CPU_SW_DOMAIN_PAN option enabled, then it is unlikely that a user can trigger this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in the TEE subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44733"
},
{
"category": "external",
"summary": "RHBZ#2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/",
"url": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/"
}
],
"release_date": "2021-12-14T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the modules tee, trusted_tee from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in the TEE subsystem"
},
{
"cve": "CVE-2021-45485",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039911"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv6 implementation in the __ipv6_select_ident in net/ipv6/output_core.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv6 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45485"
},
{
"category": "external",
"summary": "RHBZ#2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/",
"url": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/"
}
],
"release_date": "2021-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv6 implementation"
},
{
"cve": "CVE-2021-45486",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039914"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv4 implementation in the ip_rt_init in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv4 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45486"
},
{
"category": "external",
"summary": "RHBZ#2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45486",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486"
},
{
"category": "external",
"summary": "https://arxiv.org/pdf/2112.09604.pdf",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
}
],
"release_date": "2021-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv4 implementation"
},
{
"cve": "CVE-2021-47435",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282879"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dm: fix mempool NULL pointer race when completing IO",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "RHBZ#2282879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47435",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435"
}
],
"release_date": "2024-05-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dm: fix mempool NULL pointer race when completing IO"
},
{
"cve": "CVE-2021-47544",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283406"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcp: fix page frag corruption on page fault",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "RHBZ#2283406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcp: fix page frag corruption on page fault"
},
{
"cve": "CVE-2021-47556",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283393"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()\n\nethtool_set_coalesce() now uses both the .get_coalesce() and\n.set_coalesce() callbacks. But the check for their availability is\nbuggy, so changing the coalesce settings on a device where the driver\nprovides only _one_ of the callbacks results in a NULL pointer\ndereference instead of an -EOPNOTSUPP.\n\nFix the condition so that the availability of both callbacks is\nensured. This also matches the netlink code.\n\nNote that reproducing this requires some effort - it only affects the\nlegacy ioctl path, and needs a specific combination of driver options:\n- have .get_coalesce() and .coalesce_supported but no\n .set_coalesce(), or\n- have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn\u0027t\n cause the crash as it first attempts to call ethtool_get_coalesce()\n and bails out on error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47556"
},
{
"category": "external",
"summary": "RHBZ#2283393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283393"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()"
},
{
"cve": "CVE-2021-47590",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293237"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix deadlock in __mptcp_push_pending()\n\n__mptcp_push_pending() may call mptcp_flush_join_list() with subflow\nsocket lock held. If such call hits mptcp_sockopt_sync_all() then\nsubsequently __mptcp_sockopt_sync() could try to lock the subflow\nsocket for itself, causing a deadlock.\n\nsysrq: Show Blocked State\ntask:ss-server state:D stack: 0 pid: 938 ppid: 1 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2d6/0x10c0\n ? __mod_memcg_state+0x4d/0x70\n ? csum_partial+0xd/0x20\n ? _raw_spin_lock_irqsave+0x26/0x50\n schedule+0x4e/0xc0\n __lock_sock+0x69/0x90\n ? do_wait_intr_irq+0xa0/0xa0\n __lock_sock_fast+0x35/0x50\n mptcp_sockopt_sync_all+0x38/0xc0\n __mptcp_push_pending+0x105/0x200\n mptcp_sendmsg+0x466/0x490\n sock_sendmsg+0x57/0x60\n __sys_sendto+0xf0/0x160\n ? do_wait_intr_irq+0xa0/0xa0\n ? fpregs_restore_userregs+0x12/0xd0\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f9ba546c2d0\nRSP: 002b:00007ffdc3b762d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9ba56c8060 RCX: 00007f9ba546c2d0\nRDX: 000000000000077a RSI: 0000000000e5e180 RDI: 0000000000000234\nRBP: 0000000000cc57f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ba56c8060\nR13: 0000000000b6ba60 R14: 0000000000cc7840 R15: 41d8685b1d7901b8\n \u003c/TASK\u003e\n\nFix the issue by using __mptcp_flush_join_list() instead of plain\nmptcp_flush_join_list() inside __mptcp_push_pending(), as suggested by\nFlorian. The sockopt sync will be deferred to the workqueue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: fix deadlock in __mptcp_push_pending()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47590"
},
{
"category": "external",
"summary": "RHBZ#2293237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47590",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: fix deadlock in __mptcp_push_pending()"
},
{
"cve": "CVE-2021-47614",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293265"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s RDMA/irdma driver. Improper memory management in the add_pble_prm function fails to manage memory correctly, resulting in a user-after-free condition that can lead to exploitation. This flaw allows an attacker to manipulate memory access potentially, resulting in data corruption or system crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47614"
},
{
"category": "external",
"summary": "RHBZ#2293265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293265"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47614",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0001",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061712"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Branch History Injection (BHI) describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to select a specific predictor entry for an indirect branch, and a disclosure gadget at the predicted target will transiently execute. This execution is possible since the relevant branch history may contain branches taken in previous security contexts, and in particular, in other predictor modes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Branch History Injection (BHI)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0001"
},
{
"category": "external",
"summary": "RHBZ#2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7, the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Branch History Injection (BHI)"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0002",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061721"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 (BTI) where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently executes. These predictor entries may contain targets corresponding to the targets of an indirect near jump, indirect near call, and near return instructions, even if these branches were only transiently executed. The managed runtimes provide an attacker with the means to create the aliasing required for intra-mode BTI attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Intra-Mode BTI",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0002"
},
{
"category": "external",
"summary": "RHBZ#2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Intra-Mode BTI"
},
{
"acknowledgments": [
{
"names": [
"De4dCr0w"
],
"organization": "360 Vulnerability Research Institute"
}
],
"cve": "CVE-2022-0286",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2037019"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s bonding driver in the way a user bonds non existing or fake device. This flaw allows a local user to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local denial of service in bond_ipsec_add_sa",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0286"
},
{
"category": "external",
"summary": "RHBZ#2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
}
],
"release_date": "2021-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module bonding from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local denial of service in bond_ipsec_add_sa"
},
{
"cve": "CVE-2022-0322",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2042822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0322"
},
{
"category": "external",
"summary": "RHBZ#2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module SCTP onto the system. Until we have a fix available, this can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c"
},
{
"acknowledgments": [
{
"names": [
"elijahbai"
],
"organization": "Tencent Security Yunding Lab"
}
],
"cve": "CVE-2022-0850",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2060606"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found via ext4_extent_header in fs/ext4/extents.c in the Linux kernel. This flaw could allow a local attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in copy_page_to_iter() in iov_iter.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0850"
},
{
"category": "external",
"summary": "RHBZ#2060606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe"
},
{
"category": "external",
"summary": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8"
}
],
"release_date": "2021-05-06T19:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in copy_page_to_iter() in iov_iter.c"
},
{
"acknowledgments": [
{
"names": [
"Miklos Szeredi",
"Jann Horn"
]
}
],
"cve": "CVE-2022-1011",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064855"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For the Red Hat Enterprise Linux the issue actual if fuse or fuse3 package is installed on the system and only privileged user can install it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1011"
},
{
"category": "external",
"summary": "RHBZ#2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/"
}
],
"release_date": "2022-03-07T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3105",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153067"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3105"
},
{
"category": "external",
"summary": "RHBZ#2153067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3106",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153066"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3106"
},
{
"category": "external",
"summary": "RHBZ#2153066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153066"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3108",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153052"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3108"
},
{
"category": "external",
"summary": "RHBZ#2153052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()"
},
{
"cve": "CVE-2023-0459",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"discovery_date": "2023-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216383"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in copy_from_user in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the \"access_ok\" sanity check and pass a kernel pointer to copy_from_user(), resulting in kernel data leaking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Copy_from_user on 64-bit versions may leak kernel information",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0459"
},
{
"category": "external",
"summary": "RHBZ#2216383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0459",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c",
"url": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c"
}
],
"release_date": "2020-02-15T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Copy_from_user on 64-bit versions may leak kernel information"
},
{
"cve": "CVE-2023-3022",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2211440"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3022"
},
{
"category": "external",
"summary": "RHBZ#2211440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022"
}
],
"release_date": "2019-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails"
}
]
}
rhsa-2022_1975
Vulnerability from csaf_redhat
Published
2022-05-10 13:43
Modified
2024-11-15 17:12
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)\n\n* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)\n\n* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)\n\n* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)\n\n* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)\n\n* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)\n\n* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)\n\n* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)\n\n* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)\n\n* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)\n\n* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\n* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)\n\n* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)\n\n* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)\n\n* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)\n\n* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)\n\n* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)\n\n* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)\n\n* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)\n\n* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)\n\n* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)\n\n* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)\n\n* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)\n\n* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)\n\n* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)\n\n* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)\n\n* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)\n\n* kernel: information leak in the IPv6 implementation (CVE-2021-45485)\n\n* kernel: information leak in the IPv4 implementation (CVE-2021-45486)\n\n* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)\n\n* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)\n\n* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)\n\n* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)\n\n* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)\n\n* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1975",
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "1903578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903578"
},
{
"category": "external",
"summary": "1905749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905749"
},
{
"category": "external",
"summary": "1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1975.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-15T17:12:25+00:00",
"generator": {
"date": "2024-11-15T17:12:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:1975",
"initial_release_date": "2022-05-10T13:43:14+00:00",
"revision_history": [
{
"date": "2022-05-10T13:43:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T13:43:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:12:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0404",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: avoid cyclic entity chains due to malformed USB descriptors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0404"
},
{
"category": "external",
"summary": "RHBZ#1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module uvcvideo from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: avoid cyclic entity chains due to malformed USB descriptors"
},
{
"cve": "CVE-2020-13974",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2016169"
}
],
"notes": [
{
"category": "description",
"text": "A flaw integer overflow in the Linux kernel\u0027s virtual terminal keyboard driver was found in the way the user sends some specific keyboard code multiple times. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No code depends on this integer overflow so it is unlikely that the vulnerability can be used for anything apart from crashing the system. The impact has been reduced to Moderate from Important based on this analysis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13974"
},
{
"category": "external",
"summary": "RHBZ#2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13974"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
}
],
"release_date": "2020-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c"
},
{
"acknowledgments": [
{
"names": [
"Jeremy Cline"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-27820",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1901726"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in nouveau kernel module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Low impact because the issue can only be triggered by an privileged local user (or user with physical access) as the issue only happens during unbinding the driver or removing the device.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27820"
},
{
"category": "external",
"summary": "RHBZ#1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27820",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/"
}
],
"release_date": "2020-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free in nouveau kernel module"
},
{
"cve": "CVE-2021-0941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2018205"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in net/core/filter.c in __bpf_skb_max_len in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0941"
},
{
"category": "external",
"summary": "RHBZ#2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941"
},
{
"category": "external",
"summary": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0",
"url": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free"
},
{
"acknowledgments": [
{
"names": [
"Murray McAllister"
]
}
],
"cve": "CVE-2021-3612",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-06-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1974079"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because for the Red Hat Enterprise Linux the patch that made it possible writing memory out of bounds not applied yet, but still before that patch possible read out of bounds. Both in the default configuration of Red Hat Enterprise Linux the joysticks devices driver is disabled, so only privileged local user can enable it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "RHBZ#1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
}
],
"release_date": "2021-06-20T12:28:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module joydev from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()"
},
{
"cve": "CVE-2021-3669",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1986473"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3669"
},
{
"category": "external",
"summary": "RHBZ#1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669"
}
],
"release_date": "2021-08-02T06:02:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-3743",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997961"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3743"
},
{
"category": "external",
"summary": "RHBZ#1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3743",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"category": "external",
"summary": "https://lists.openwall.net/netdev/2021/08/17/124",
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c"
},
{
"cve": "CVE-2021-3744",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000627"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3744"
},
{
"category": "external",
"summary": "RHBZ#2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744"
},
{
"category": "external",
"summary": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0",
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()"
},
{
"acknowledgments": [
{
"names": [
"Likang Luo"
],
"organization": "NSFOCUS Security Team"
}
],
"cve": "CVE-2021-3752",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999544"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible use-after-free in bluetooth module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because Only local users with privileges to access the sock_dgram Bluetooth socket can trigger this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3752"
},
{
"category": "external",
"summary": "RHBZ#1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/09/15/4",
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
}
],
"release_date": "2021-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability. The possible solution is to disable Bluetooth completely: https://access.redhat.com/solutions/2682931",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible use-after-free in bluetooth module"
},
{
"acknowledgments": [
{
"names": [
"Yutian Yang"
],
"organization": "Zhejiang University"
}
],
"cve": "CVE-2021-3759",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999675"
}
],
"notes": [
{
"category": "description",
"text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3759"
},
{
"category": "external",
"summary": "RHBZ#1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3759"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/",
"url": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/"
}
],
"release_date": "2021-07-15T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks"
},
{
"cve": "CVE-2021-3764",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997467"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in ccp_run_aes_gcm_cmd() function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3764"
},
{
"category": "external",
"summary": "RHBZ#1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3764",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe"
}
],
"release_date": "2021-08-20T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in ccp_run_aes_gcm_cmd() function"
},
{
"cve": "CVE-2021-3772",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2021-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000694"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3772"
},
{
"category": "external",
"summary": "RHBZ#2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772"
}
],
"release_date": "2021-09-08T06:38:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "As the SCTP module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\nif\n# echo \"install sctp /bin/true\" \u003e\u003e /etc/modprobe.d/disable-sctp.conf\n\nThe system will need to be restarted if the SCTP modules are loaded. In most circumstances, the SCTP kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations"
},
{
"cve": "CVE-2021-3773",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3773"
},
{
"category": "external",
"summary": "RHBZ#2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773"
}
],
"release_date": "2021-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients"
},
{
"acknowledgments": [
{
"names": [
"elijahbai, jitxie, huntazhang."
]
}
],
"cve": "CVE-2021-3923",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019643"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack information leak in infiniband RDMA",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3923"
},
{
"category": "external",
"summary": "RHBZ#2019643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923"
}
],
"release_date": "2021-12-01T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack information leak in infiniband RDMA"
},
{
"cve": "CVE-2021-4002",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025726"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible leak or coruption of data residing on hugetlbfs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4002"
},
{
"category": "external",
"summary": "RHBZ#2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/11/25/1",
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
}
],
"release_date": "2021-11-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible leak or coruption of data residing on hugetlbfs"
},
{
"cve": "CVE-2021-4037",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-11-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2027239"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: security regression for CVE-2018-13405",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Impact is Moderate, because if no configuration problems with the system, then unlikely higher impact than unauthorized read access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4037"
},
{
"category": "external",
"summary": "RHBZ#2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848"
}
],
"release_date": "2021-09-16T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: security regression for CVE-2018-13405"
},
{
"cve": "CVE-2021-4083",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2029923"
}
],
"notes": [
{
"category": "description",
"text": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fget: check that the fd still exists after getting a ref to it",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4083"
},
{
"category": "external",
"summary": "RHBZ#2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
}
],
"release_date": "2021-12-03T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fget: check that the fd still exists after getting a ref to it"
},
{
"cve": "CVE-2021-4093",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2028584"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM\u0027s AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "AMD Secure Encrypted Virtualization (SEV) is currently provided as a Technology Preview in RHEL and, therefore, unsupported for production use. For additional details please see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4093"
},
{
"category": "external",
"summary": "RHBZ#2028584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222"
}
],
"release_date": "2021-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io"
},
{
"cve": "CVE-2021-4157",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034342"
}
],
"notes": [
{
"category": "description",
"text": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Buffer overwrite in decode_nfs_fh function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4157"
},
{
"category": "external",
"summary": "RHBZ#2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/"
}
],
"release_date": "2021-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Buffer overwrite in decode_nfs_fh function"
},
{
"cve": "CVE-2021-4197",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035652"
}
],
"notes": [
{
"category": "description",
"text": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: cgroup: Use open-time creds and namespace for migration perm checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4197"
},
{
"category": "external",
"summary": "RHBZ#2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/",
"url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/"
}
],
"release_date": "2021-09-12T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "The mitigation not known. However, for the default configuration of the Red Hat Enterprise Linux it is not possible to trigger this vulnerability: if control groups (cgroups) not being used or being used with the default configuration or being used some other configuration where for example similar privileges for all processes (both for parent and for child processes), then no way to trigger this vulnerability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: cgroup: Use open-time creds and namespace for migration perm checks"
},
{
"cve": "CVE-2021-4203",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2036934"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "RHBZ#2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/",
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/"
}
],
"release_date": "2021-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses"
},
{
"acknowledgments": [
{
"names": [
"Keyu Man, Xin\u0027an Zhou and Zhiyun Qian"
],
"organization": "University of California, Riverside"
}
],
"cve": "CVE-2021-20322",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014230"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the attack scenario limitation. It is possible to harm the networking services only, but not for the overall system under attack, and impossible to get access to this remote system under attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20322"
},
{
"category": "external",
"summary": "RHBZ#2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
}
],
"release_date": "2021-08-26T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies"
},
{
"acknowledgments": [
{
"names": [
"AMD"
]
}
],
"cve": "CVE-2021-26401",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061700"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26401"
},
{
"category": "external",
"summary": "RHBZ#2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401"
},
{
"category": "external",
"summary": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "AMD recommends mitigation that uses generic retpoline.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715"
},
{
"cve": "CVE-2021-29154",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1946684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact as eBPF requires a privileged user on Red Hat Enterprise Linux to correctly load eBPF instructions that can be exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29154"
},
{
"category": "external",
"summary": "RHBZ#1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154"
}
],
"release_date": "2021-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "This issue does not affect most systems by default. An administrator would need to have enabled the BPF JIT to be affected.\n\nIt can be disabled immediately with the command:\n\n# echo 0 \u003e /proc/sys/net/core/bpf_jit_enable\n\nOr it can be disabled for all subsequent boots of the system by setting a value in /etc/sysctl.d/44-bpf-jit-disable\n\n## start file ##\n\nnet.core.bpf_jit_enable=0\n\n## end file ##",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation"
},
{
"cve": "CVE-2021-37159",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-07-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use-after-free in the Linux kernel USB High Speed Mobile Devices functionality was found in the way user detaches USB device. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37159"
},
{
"category": "external",
"summary": "RHBZ#1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/linux-usb/msg202228.html",
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
}
],
"release_date": "2020-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module hso from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c"
},
{
"cve": "CVE-2021-41864",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010463"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory write flaw was found in prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the bpf in the Linux kernel. In this flaw, the multiplication to calculate the size could lead to an integer overflow which could allow a local attacker, with a special user privilege, to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41864"
},
{
"category": "external",
"summary": "RHBZ#2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a",
"url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a"
}
],
"release_date": "2021-09-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write"
},
{
"cve": "CVE-2021-42739",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1951739"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap buffer overflow in firedtv driver",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42739"
},
{
"category": "external",
"summary": "RHBZ#1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/",
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/"
}
],
"release_date": "2021-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module firedtv from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap buffer overflow in firedtv driver"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-43389",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2013180"
}
],
"notes": [
{
"category": "description",
"text": "An improper validation of an array index and out of bounds memory read in the Linux kernel\u0027s Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43389"
},
{
"category": "external",
"summary": "RHBZ#2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/"
}
],
"release_date": "2021-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module isdn from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c"
},
{
"cve": "CVE-2021-43976",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025003"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43976"
},
{
"category": "external",
"summary": "RHBZ#2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976"
},
{
"category": "external",
"summary": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/"
}
],
"release_date": "2021-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device"
},
{
"acknowledgments": [
{
"names": [
"Patrik Lantz"
],
"organization": "axis.com"
}
],
"cve": "CVE-2021-44733",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030747"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw in the Linux kernel TEE (Trusted Execution Environment) subsystem was found in the way user calls ioctl TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with the CONFIG_PREEMPT option or CONFIG_CPU_SW_DOMAIN_PAN option enabled, then it is unlikely that a user can trigger this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in the TEE subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44733"
},
{
"category": "external",
"summary": "RHBZ#2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/",
"url": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/"
}
],
"release_date": "2021-12-14T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the modules tee, trusted_tee from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in the TEE subsystem"
},
{
"cve": "CVE-2021-45485",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039911"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv6 implementation in the __ipv6_select_ident in net/ipv6/output_core.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv6 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45485"
},
{
"category": "external",
"summary": "RHBZ#2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/",
"url": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/"
}
],
"release_date": "2021-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv6 implementation"
},
{
"cve": "CVE-2021-45486",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039914"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv4 implementation in the ip_rt_init in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv4 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45486"
},
{
"category": "external",
"summary": "RHBZ#2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45486",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486"
},
{
"category": "external",
"summary": "https://arxiv.org/pdf/2112.09604.pdf",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
}
],
"release_date": "2021-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv4 implementation"
},
{
"cve": "CVE-2021-47435",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282879"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dm: fix mempool NULL pointer race when completing IO",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "RHBZ#2282879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47435",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435"
}
],
"release_date": "2024-05-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dm: fix mempool NULL pointer race when completing IO"
},
{
"cve": "CVE-2021-47544",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283406"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcp: fix page frag corruption on page fault",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "RHBZ#2283406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcp: fix page frag corruption on page fault"
},
{
"cve": "CVE-2021-47556",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283393"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()\n\nethtool_set_coalesce() now uses both the .get_coalesce() and\n.set_coalesce() callbacks. But the check for their availability is\nbuggy, so changing the coalesce settings on a device where the driver\nprovides only _one_ of the callbacks results in a NULL pointer\ndereference instead of an -EOPNOTSUPP.\n\nFix the condition so that the availability of both callbacks is\nensured. This also matches the netlink code.\n\nNote that reproducing this requires some effort - it only affects the\nlegacy ioctl path, and needs a specific combination of driver options:\n- have .get_coalesce() and .coalesce_supported but no\n .set_coalesce(), or\n- have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn\u0027t\n cause the crash as it first attempts to call ethtool_get_coalesce()\n and bails out on error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47556"
},
{
"category": "external",
"summary": "RHBZ#2283393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283393"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()"
},
{
"cve": "CVE-2021-47590",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293237"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix deadlock in __mptcp_push_pending()\n\n__mptcp_push_pending() may call mptcp_flush_join_list() with subflow\nsocket lock held. If such call hits mptcp_sockopt_sync_all() then\nsubsequently __mptcp_sockopt_sync() could try to lock the subflow\nsocket for itself, causing a deadlock.\n\nsysrq: Show Blocked State\ntask:ss-server state:D stack: 0 pid: 938 ppid: 1 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2d6/0x10c0\n ? __mod_memcg_state+0x4d/0x70\n ? csum_partial+0xd/0x20\n ? _raw_spin_lock_irqsave+0x26/0x50\n schedule+0x4e/0xc0\n __lock_sock+0x69/0x90\n ? do_wait_intr_irq+0xa0/0xa0\n __lock_sock_fast+0x35/0x50\n mptcp_sockopt_sync_all+0x38/0xc0\n __mptcp_push_pending+0x105/0x200\n mptcp_sendmsg+0x466/0x490\n sock_sendmsg+0x57/0x60\n __sys_sendto+0xf0/0x160\n ? do_wait_intr_irq+0xa0/0xa0\n ? fpregs_restore_userregs+0x12/0xd0\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f9ba546c2d0\nRSP: 002b:00007ffdc3b762d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9ba56c8060 RCX: 00007f9ba546c2d0\nRDX: 000000000000077a RSI: 0000000000e5e180 RDI: 0000000000000234\nRBP: 0000000000cc57f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ba56c8060\nR13: 0000000000b6ba60 R14: 0000000000cc7840 R15: 41d8685b1d7901b8\n \u003c/TASK\u003e\n\nFix the issue by using __mptcp_flush_join_list() instead of plain\nmptcp_flush_join_list() inside __mptcp_push_pending(), as suggested by\nFlorian. The sockopt sync will be deferred to the workqueue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: fix deadlock in __mptcp_push_pending()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47590"
},
{
"category": "external",
"summary": "RHBZ#2293237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47590",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: fix deadlock in __mptcp_push_pending()"
},
{
"cve": "CVE-2021-47614",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293265"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix a user-after-free in add_pble_prm\n\nWhen irdma_hmc_sd_one fails, \u0027chunk\u0027 is freed while its still on the PBLE\ninfo list.\n\nAdd the chunk entry to the PBLE info list only after successful setting of\nthe SD in irdma_hmc_sd_one.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47614"
},
{
"category": "external",
"summary": "RHBZ#2293265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293265"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47614",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0001",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061712"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Branch History Injection (BHI) describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to select a specific predictor entry for an indirect branch, and a disclosure gadget at the predicted target will transiently execute. This execution is possible since the relevant branch history may contain branches taken in previous security contexts, and in particular, in other predictor modes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Branch History Injection (BHI)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0001"
},
{
"category": "external",
"summary": "RHBZ#2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7, the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Branch History Injection (BHI)"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0002",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061721"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 (BTI) where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently executes. These predictor entries may contain targets corresponding to the targets of an indirect near jump, indirect near call, and near return instructions, even if these branches were only transiently executed. The managed runtimes provide an attacker with the means to create the aliasing required for intra-mode BTI attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Intra-Mode BTI",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0002"
},
{
"category": "external",
"summary": "RHBZ#2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Intra-Mode BTI"
},
{
"acknowledgments": [
{
"names": [
"De4dCr0w"
],
"organization": "360 Vulnerability Research Institute"
}
],
"cve": "CVE-2022-0286",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2037019"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s bonding driver in the way a user bonds non existing or fake device. This flaw allows a local user to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local denial of service in bond_ipsec_add_sa",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0286"
},
{
"category": "external",
"summary": "RHBZ#2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
}
],
"release_date": "2021-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module bonding from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local denial of service in bond_ipsec_add_sa"
},
{
"cve": "CVE-2022-0322",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2042822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0322"
},
{
"category": "external",
"summary": "RHBZ#2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module SCTP onto the system. Until we have a fix available, this can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c"
},
{
"acknowledgments": [
{
"names": [
"elijahbai"
],
"organization": "Tencent Security Yunding Lab"
}
],
"cve": "CVE-2022-0850",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2060606"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found via ext4_extent_header in fs/ext4/extents.c in the Linux kernel. This flaw could allow a local attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in copy_page_to_iter() in iov_iter.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0850"
},
{
"category": "external",
"summary": "RHBZ#2060606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe"
},
{
"category": "external",
"summary": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8"
}
],
"release_date": "2021-05-06T19:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in copy_page_to_iter() in iov_iter.c"
},
{
"acknowledgments": [
{
"names": [
"Miklos Szeredi",
"Jann Horn"
]
}
],
"cve": "CVE-2022-1011",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064855"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For the Red Hat Enterprise Linux the issue actual if fuse or fuse3 package is installed on the system and only privileged user can install it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1011"
},
{
"category": "external",
"summary": "RHBZ#2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/"
}
],
"release_date": "2022-03-07T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3105",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153067"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3105"
},
{
"category": "external",
"summary": "RHBZ#2153067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3106",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153066"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3106"
},
{
"category": "external",
"summary": "RHBZ#2153066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153066"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3108",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153052"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3108"
},
{
"category": "external",
"summary": "RHBZ#2153052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()"
},
{
"cve": "CVE-2023-0459",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"discovery_date": "2023-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216383"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in copy_from_user in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the \"access_ok\" sanity check and pass a kernel pointer to copy_from_user(), resulting in kernel data leaking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Copy_from_user on 64-bit versions may leak kernel information",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0459"
},
{
"category": "external",
"summary": "RHBZ#2216383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0459",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c",
"url": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c"
}
],
"release_date": "2020-02-15T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Copy_from_user on 64-bit versions may leak kernel information"
},
{
"cve": "CVE-2023-3022",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2211440"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3022"
},
{
"category": "external",
"summary": "RHBZ#2211440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022"
}
],
"release_date": "2019-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails"
}
]
}
rhsa-2022:1975
Vulnerability from csaf_redhat
Published
2022-05-10 13:43
Modified
2025-06-11 15:26
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)\n\n* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)\n\n* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)\n\n* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)\n\n* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)\n\n* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)\n\n* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)\n\n* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)\n\n* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)\n\n* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)\n\n* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\n* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)\n\n* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)\n\n* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)\n\n* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)\n\n* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)\n\n* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)\n\n* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)\n\n* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)\n\n* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)\n\n* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)\n\n* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)\n\n* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)\n\n* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)\n\n* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)\n\n* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)\n\n* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)\n\n* kernel: information leak in the IPv6 implementation (CVE-2021-45485)\n\n* kernel: information leak in the IPv4 implementation (CVE-2021-45486)\n\n* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)\n\n* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)\n\n* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)\n\n* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)\n\n* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)\n\n* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1975",
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "1903578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903578"
},
{
"category": "external",
"summary": "1905749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905749"
},
{
"category": "external",
"summary": "1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1975.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2025-06-11T15:26:06+00:00",
"generator": {
"date": "2025-06-11T15:26:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.1"
}
},
"id": "RHSA-2022:1975",
"initial_release_date": "2022-05-10T13:43:14+00:00",
"revision_history": [
{
"date": "2022-05-10T13:43:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T13:43:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-06-11T15:26:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-372.9.1.rt7.166.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "NFV-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"relates_to_product_reference": "RT-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0404",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: avoid cyclic entity chains due to malformed USB descriptors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0404"
},
{
"category": "external",
"summary": "RHBZ#1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module uvcvideo from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: avoid cyclic entity chains due to malformed USB descriptors"
},
{
"cve": "CVE-2020-13974",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2016169"
}
],
"notes": [
{
"category": "description",
"text": "A flaw integer overflow in the Linux kernel\u0027s virtual terminal keyboard driver was found in the way the user sends some specific keyboard code multiple times. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No code depends on this integer overflow so it is unlikely that the vulnerability can be used for anything apart from crashing the system. The impact has been reduced to Moderate from Important based on this analysis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13974"
},
{
"category": "external",
"summary": "RHBZ#2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13974"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
}
],
"release_date": "2020-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c"
},
{
"acknowledgments": [
{
"names": [
"Jeremy Cline"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-27820",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1901726"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in nouveau kernel module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Low impact because the issue can only be triggered by an privileged local user (or user with physical access) as the issue only happens during unbinding the driver or removing the device.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27820"
},
{
"category": "external",
"summary": "RHBZ#1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27820",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/"
}
],
"release_date": "2020-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free in nouveau kernel module"
},
{
"cve": "CVE-2021-0941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2018205"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in net/core/filter.c in __bpf_skb_max_len in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0941"
},
{
"category": "external",
"summary": "RHBZ#2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941"
},
{
"category": "external",
"summary": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0",
"url": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free"
},
{
"acknowledgments": [
{
"names": [
"Murray McAllister"
]
}
],
"cve": "CVE-2021-3612",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-06-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1974079"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s joystick devices subsystem, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because for the Red Hat Enterprise Linux the patch that made it possible writing memory out of bounds not applied yet, but still before that patch possible read out of bounds. Both in the default configuration of Red Hat Enterprise Linux the joysticks devices driver is disabled, so only privileged local user can enable it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "RHBZ#1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3612"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
}
],
"release_date": "2021-06-20T12:28:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module joydev from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()"
},
{
"cve": "CVE-2021-3669",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1986473"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3669"
},
{
"category": "external",
"summary": "RHBZ#1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3669"
}
],
"release_date": "2021-08-02T06:02:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-3743",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997961"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3743"
},
{
"category": "external",
"summary": "RHBZ#1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3743",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3743"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"category": "external",
"summary": "https://lists.openwall.net/netdev/2021/08/17/124",
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c"
},
{
"cve": "CVE-2021-3744",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000627"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3744"
},
{
"category": "external",
"summary": "RHBZ#2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3744"
},
{
"category": "external",
"summary": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0",
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
}
],
"release_date": "2021-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()"
},
{
"acknowledgments": [
{
"names": [
"Likang Luo"
],
"organization": "NSFOCUS Security Team"
}
],
"cve": "CVE-2021-3752",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999544"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible use-after-free in bluetooth module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because Only local users with privileges to access the sock_dgram Bluetooth socket can trigger this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3752"
},
{
"category": "external",
"summary": "RHBZ#1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3752"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/09/15/4",
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
}
],
"release_date": "2021-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability. The possible solution is to disable Bluetooth completely: https://access.redhat.com/solutions/2682931",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible use-after-free in bluetooth module"
},
{
"acknowledgments": [
{
"names": [
"Yutian Yang"
],
"organization": "Zhejiang University"
}
],
"cve": "CVE-2021-3759",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2021-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999675"
}
],
"notes": [
{
"category": "description",
"text": "A memory overflow vulnerability was found in the Linux kernel\u2019s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3759"
},
{
"category": "external",
"summary": "RHBZ#1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3759"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3759"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/",
"url": "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/"
}
],
"release_date": "2021-07-15T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks"
},
{
"cve": "CVE-2021-3764",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2021-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1997467"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u0027s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in ccp_run_aes_gcm_cmd() function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3764"
},
{
"category": "external",
"summary": "RHBZ#1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3764",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3764"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe"
}
],
"release_date": "2021-08-20T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in ccp_run_aes_gcm_cmd() function"
},
{
"cve": "CVE-2021-3772",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2021-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2000694"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3772"
},
{
"category": "external",
"summary": "RHBZ#2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3772"
}
],
"release_date": "2021-09-08T06:38:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "As the SCTP module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\nif\n# echo \"install sctp /bin/true\" \u003e\u003e /etc/modprobe.d/disable-sctp.conf\n\nThe system will need to be restarted if the SCTP modules are loaded. In most circumstances, the SCTP kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: Invalid chunks may be used to remotely remove existing associations"
},
{
"cve": "CVE-2021-3773",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3773"
},
{
"category": "external",
"summary": "RHBZ#2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3773"
}
],
"release_date": "2021-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients"
},
{
"acknowledgments": [
{
"names": [
"elijahbai, jitxie, huntazhang."
]
}
],
"cve": "CVE-2021-3923",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019643"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: stack information leak in infiniband RDMA",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3923"
},
{
"category": "external",
"summary": "RHBZ#2019643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3923"
}
],
"release_date": "2021-12-01T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: stack information leak in infiniband RDMA"
},
{
"cve": "CVE-2021-4002",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025726"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible leak or coruption of data residing on hugetlbfs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4002"
},
{
"category": "external",
"summary": "RHBZ#2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4002"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/11/25/1",
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
}
],
"release_date": "2021-11-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible leak or coruption of data residing on hugetlbfs"
},
{
"cve": "CVE-2021-4037",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-11-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2027239"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: security regression for CVE-2018-13405",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Impact is Moderate, because if no configuration problems with the system, then unlikely higher impact than unauthorized read access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4037"
},
{
"category": "external",
"summary": "RHBZ#2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4037",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4037"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848"
}
],
"release_date": "2021-09-16T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: security regression for CVE-2018-13405"
},
{
"cve": "CVE-2021-4083",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2029923"
}
],
"notes": [
{
"category": "description",
"text": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fget: check that the fd still exists after getting a ref to it",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4083"
},
{
"category": "external",
"summary": "RHBZ#2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4083"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
}
],
"release_date": "2021-12-03T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fget: check that the fd still exists after getting a ref to it"
},
{
"cve": "CVE-2021-4093",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2028584"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM\u0027s AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "AMD Secure Encrypted Virtualization (SEV) is currently provided as a Technology Preview in RHEL and, therefore, unsupported for production use. For additional details please see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4093"
},
{
"category": "external",
"summary": "RHBZ#2028584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4093"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2222"
}
],
"release_date": "2021-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io"
},
{
"cve": "CVE-2021-4157",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034342"
}
],
"notes": [
{
"category": "description",
"text": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Buffer overwrite in decode_nfs_fh function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4157"
},
{
"category": "external",
"summary": "RHBZ#2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4157"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/"
}
],
"release_date": "2021-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Buffer overwrite in decode_nfs_fh function"
},
{
"cve": "CVE-2021-4197",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035652"
}
],
"notes": [
{
"category": "description",
"text": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: cgroup: Use open-time creds and namespace for migration perm checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4197"
},
{
"category": "external",
"summary": "RHBZ#2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4197"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/",
"url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/"
}
],
"release_date": "2021-09-12T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "The mitigation not known. However, for the default configuration of the Red Hat Enterprise Linux it is not possible to trigger this vulnerability: if control groups (cgroups) not being used or being used with the default configuration or being used some other configuration where for example similar privileges for all processes (both for parent and for child processes), then no way to trigger this vulnerability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: cgroup: Use open-time creds and namespace for migration perm checks"
},
{
"cve": "CVE-2021-4203",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2036934"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4203"
},
{
"category": "external",
"summary": "RHBZ#2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4203"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/",
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/"
}
],
"release_date": "2021-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses"
},
{
"acknowledgments": [
{
"names": [
"Keyu Man, Xin\u0027an Zhou and Zhiyun Qian"
],
"organization": "University of California, Riverside"
}
],
"cve": "CVE-2021-20322",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2021-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2014230"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the attack scenario limitation. It is possible to harm the networking services only, but not for the overall system under attack, and impossible to get access to this remote system under attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20322"
},
{
"category": "external",
"summary": "RHBZ#2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
}
],
"release_date": "2021-08-26T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies"
},
{
"acknowledgments": [
{
"names": [
"AMD"
]
}
],
"cve": "CVE-2021-26401",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061700"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation (MITIGATION V2-2) may be large enough to be exploited on AMD CPUs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26401"
},
{
"category": "external",
"summary": "RHBZ#2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26401"
},
{
"category": "external",
"summary": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "AMD recommends mitigation that uses generic retpoline.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715"
},
{
"cve": "CVE-2021-29154",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1946684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact as eBPF requires a privileged user on Red Hat Enterprise Linux to correctly load eBPF instructions that can be exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29154"
},
{
"category": "external",
"summary": "RHBZ#1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29154"
}
],
"release_date": "2021-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "This issue does not affect most systems by default. An administrator would need to have enabled the BPF JIT to be affected.\n\nIt can be disabled immediately with the command:\n\n# echo 0 \u003e /proc/sys/net/core/bpf_jit_enable\n\nOr it can be disabled for all subsequent boots of the system by setting a value in /etc/sysctl.d/44-bpf-jit-disable\n\n## start file ##\n\nnet.core.bpf_jit_enable=0\n\n## end file ##",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation"
},
{
"cve": "CVE-2021-37159",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-07-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use-after-free in the Linux kernel USB High Speed Mobile Devices functionality was found in the way user detaches USB device. A local user could use this flaw to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37159"
},
{
"category": "external",
"summary": "RHBZ#1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37159"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/linux-usb/msg202228.html",
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
}
],
"release_date": "2020-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module hso from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c"
},
{
"cve": "CVE-2021-41864",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010463"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory write flaw was found in prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the bpf in the Linux kernel. In this flaw, the multiplication to calculate the size could lead to an integer overflow which could allow a local attacker, with a special user privilege, to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41864"
},
{
"category": "external",
"summary": "RHBZ#2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41864"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a",
"url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a"
}
],
"release_date": "2021-09-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write"
},
{
"cve": "CVE-2021-42739",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-04-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1951739"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap buffer overflow in firedtv driver",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42739"
},
{
"category": "external",
"summary": "RHBZ#1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42739"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/",
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/"
}
],
"release_date": "2021-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module firedtv from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap buffer overflow in firedtv driver"
},
{
"acknowledgments": [
{
"names": [
"Active Defense Lab"
],
"organization": "Venustech"
}
],
"cve": "CVE-2021-43389",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2013180"
}
],
"notes": [
{
"category": "description",
"text": "An improper validation of an array index and out of bounds memory read in the Linux kernel\u0027s Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43389"
},
{
"category": "external",
"summary": "RHBZ#2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43389"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/"
}
],
"release_date": "2021-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module isdn from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c"
},
{
"cve": "CVE-2021-43976",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025003"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43976"
},
{
"category": "external",
"summary": "RHBZ#2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43976"
},
{
"category": "external",
"summary": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/"
}
],
"release_date": "2021-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device"
},
{
"acknowledgments": [
{
"names": [
"Patrik Lantz"
],
"organization": "axis.com"
}
],
"cve": "CVE-2021-44733",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030747"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw in the Linux kernel TEE (Trusted Execution Environment) subsystem was found in the way user calls ioctl TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with the CONFIG_PREEMPT option or CONFIG_CPU_SW_DOMAIN_PAN option enabled, then it is unlikely that a user can trigger this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in the TEE subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44733"
},
{
"category": "external",
"summary": "RHBZ#2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44733"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/",
"url": "https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/"
}
],
"release_date": "2021-12-14T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the modules tee, trusted_tee from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in the TEE subsystem"
},
{
"cve": "CVE-2021-45485",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039911"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv6 implementation in the __ipv6_select_ident in net/ipv6/output_core.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv6 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45485"
},
{
"category": "external",
"summary": "RHBZ#2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45485"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/",
"url": "https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/"
}
],
"release_date": "2021-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv6 implementation"
},
{
"cve": "CVE-2021-45486",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039914"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u2019s IPv4 implementation in the ip_rt_init in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in the IPv4 implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45486"
},
{
"category": "external",
"summary": "RHBZ#2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45486",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45486"
},
{
"category": "external",
"summary": "https://arxiv.org/pdf/2112.09604.pdf",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
}
],
"release_date": "2021-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in the IPv4 implementation"
},
{
"cve": "CVE-2021-47435",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282879"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix mempool NULL pointer race when completing IO\n\ndm_io_dec_pending() calls end_io_acct() first and will then dec md\nin-flight pending count. But if a task is swapping DM table at same\ntime this can result in a crash due to mempool-\u003eelements being NULL:\n\ntask1 task2\ndo_resume\n -\u003edo_suspend\n -\u003edm_wait_for_completion\n bio_endio\n\t\t\t\t -\u003eclone_endio\n\t\t\t\t -\u003edm_io_dec_pending\n\t\t\t\t -\u003eend_io_acct\n\t\t\t\t -\u003ewakeup task1\n -\u003edm_swap_table\n -\u003e__bind\n -\u003e__bind_mempools\n -\u003ebioset_exit\n -\u003emempool_exit\n -\u003efree_io\n\n[ 67.330330] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n......\n[ 67.330494] pstate: 80400085 (Nzcv daIf +PAN -UAO)\n[ 67.330510] pc : mempool_free+0x70/0xa0\n[ 67.330515] lr : mempool_free+0x4c/0xa0\n[ 67.330520] sp : ffffff8008013b20\n[ 67.330524] x29: ffffff8008013b20 x28: 0000000000000004\n[ 67.330530] x27: ffffffa8c2ff40a0 x26: 00000000ffff1cc8\n[ 67.330535] x25: 0000000000000000 x24: ffffffdada34c800\n[ 67.330541] x23: 0000000000000000 x22: ffffffdada34c800\n[ 67.330547] x21: 00000000ffff1cc8 x20: ffffffd9a1304d80\n[ 67.330552] x19: ffffffdada34c970 x18: 000000b312625d9c\n[ 67.330558] x17: 00000000002dcfbf x16: 00000000000006dd\n[ 67.330563] x15: 000000000093b41e x14: 0000000000000010\n[ 67.330569] x13: 0000000000007f7a x12: 0000000034155555\n[ 67.330574] x11: 0000000000000001 x10: 0000000000000001\n[ 67.330579] x9 : 0000000000000000 x8 : 0000000000000000\n[ 67.330585] x7 : 0000000000000000 x6 : ffffff80148b5c1a\n[ 67.330590] x5 : ffffff8008013ae0 x4 : 0000000000000001\n[ 67.330596] x3 : ffffff80080139c8 x2 : ffffff801083bab8\n[ 67.330601] x1 : 0000000000000000 x0 : ffffffdada34c970\n[ 67.330609] Call trace:\n[ 67.330616] mempool_free+0x70/0xa0\n[ 67.330627] bio_put+0xf8/0x110\n[ 67.330638] dec_pending+0x13c/0x230\n[ 67.330644] clone_endio+0x90/0x180\n[ 67.330649] bio_endio+0x198/0x1b8\n[ 67.330655] dec_pending+0x190/0x230\n[ 67.330660] clone_endio+0x90/0x180\n[ 67.330665] bio_endio+0x198/0x1b8\n[ 67.330673] blk_update_request+0x214/0x428\n[ 67.330683] scsi_end_request+0x2c/0x300\n[ 67.330688] scsi_io_completion+0xa0/0x710\n[ 67.330695] scsi_finish_command+0xd8/0x110\n[ 67.330700] scsi_softirq_done+0x114/0x148\n[ 67.330708] blk_done_softirq+0x74/0xd0\n[ 67.330716] __do_softirq+0x18c/0x374\n[ 67.330724] irq_exit+0xb4/0xb8\n[ 67.330732] __handle_domain_irq+0x84/0xc0\n[ 67.330737] gic_handle_irq+0x148/0x1b0\n[ 67.330744] el1_irq+0xe8/0x190\n[ 67.330753] lpm_cpuidle_enter+0x4f8/0x538\n[ 67.330759] cpuidle_enter_state+0x1fc/0x398\n[ 67.330764] cpuidle_enter+0x18/0x20\n[ 67.330772] do_idle+0x1b4/0x290\n[ 67.330778] cpu_startup_entry+0x20/0x28\n[ 67.330786] secondary_start_kernel+0x160/0x170\n\nFix this by:\n1) Establishing pointers to \u0027struct dm_io\u0027 members in\ndm_io_dec_pending() so that they may be passed into end_io_acct()\n_after_ free_io() is called.\n2) Moving end_io_acct() after free_io().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dm: fix mempool NULL pointer race when completing IO",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47435"
},
{
"category": "external",
"summary": "RHBZ#2282879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47435",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47435"
}
],
"release_date": "2024-05-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dm: fix mempool NULL pointer race when completing IO"
},
{
"cve": "CVE-2021-47544",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283406"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcp: fix page frag corruption on page fault",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "RHBZ#2283406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47544"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47544"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcp: fix page frag corruption on page fault"
},
{
"cve": "CVE-2021-47556",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283393"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()\n\nethtool_set_coalesce() now uses both the .get_coalesce() and\n.set_coalesce() callbacks. But the check for their availability is\nbuggy, so changing the coalesce settings on a device where the driver\nprovides only _one_ of the callbacks results in a NULL pointer\ndereference instead of an -EOPNOTSUPP.\n\nFix the condition so that the availability of both callbacks is\nensured. This also matches the netlink code.\n\nNote that reproducing this requires some effort - it only affects the\nlegacy ioctl path, and needs a specific combination of driver options:\n- have .get_coalesce() and .coalesce_supported but no\n .set_coalesce(), or\n- have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn\u0027t\n cause the crash as it first attempts to call ethtool_get_coalesce()\n and bails out on error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47556"
},
{
"category": "external",
"summary": "RHBZ#2283393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283393"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47556"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T"
}
],
"release_date": "2024-05-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()"
},
{
"cve": "CVE-2021-47590",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293237"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix deadlock in __mptcp_push_pending()\n\n__mptcp_push_pending() may call mptcp_flush_join_list() with subflow\nsocket lock held. If such call hits mptcp_sockopt_sync_all() then\nsubsequently __mptcp_sockopt_sync() could try to lock the subflow\nsocket for itself, causing a deadlock.\n\nsysrq: Show Blocked State\ntask:ss-server state:D stack: 0 pid: 938 ppid: 1 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2d6/0x10c0\n ? __mod_memcg_state+0x4d/0x70\n ? csum_partial+0xd/0x20\n ? _raw_spin_lock_irqsave+0x26/0x50\n schedule+0x4e/0xc0\n __lock_sock+0x69/0x90\n ? do_wait_intr_irq+0xa0/0xa0\n __lock_sock_fast+0x35/0x50\n mptcp_sockopt_sync_all+0x38/0xc0\n __mptcp_push_pending+0x105/0x200\n mptcp_sendmsg+0x466/0x490\n sock_sendmsg+0x57/0x60\n __sys_sendto+0xf0/0x160\n ? do_wait_intr_irq+0xa0/0xa0\n ? fpregs_restore_userregs+0x12/0xd0\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f9ba546c2d0\nRSP: 002b:00007ffdc3b762d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f9ba56c8060 RCX: 00007f9ba546c2d0\nRDX: 000000000000077a RSI: 0000000000e5e180 RDI: 0000000000000234\nRBP: 0000000000cc57f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f9ba56c8060\nR13: 0000000000b6ba60 R14: 0000000000cc7840 R15: 41d8685b1d7901b8\n \u003c/TASK\u003e\n\nFix the issue by using __mptcp_flush_join_list() instead of plain\nmptcp_flush_join_list() inside __mptcp_push_pending(), as suggested by\nFlorian. The sockopt sync will be deferred to the workqueue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: fix deadlock in __mptcp_push_pending()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47590"
},
{
"category": "external",
"summary": "RHBZ#2293237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47590",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47590"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: fix deadlock in __mptcp_push_pending()"
},
{
"cve": "CVE-2021-47614",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293265"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s RDMA/irdma driver. Improper memory management in the add_pble_prm function fails to manage memory correctly, resulting in a user-after-free condition that can lead to exploitation. This flaw allows an attacker to manipulate memory access potentially, resulting in data corruption or system crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47614"
},
{
"category": "external",
"summary": "RHBZ#2293265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293265"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47614",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47614"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: RDMA/irdma: Fix a user-after-free in add_pble_prm"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0001",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061712"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Branch History Injection (BHI) describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to select a specific predictor entry for an indirect branch, and a disclosure gadget at the predicted target will transiently execute. This execution is possible since the relevant branch history may contain branches taken in previous security contexts, and in particular, in other predictor modes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Branch History Injection (BHI)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0001"
},
{
"category": "external",
"summary": "RHBZ#2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0001"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7, the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Branch History Injection (BHI)"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2022-0002",
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061721"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 (BTI) where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently executes. These predictor entries may contain targets corresponding to the targets of an indirect near jump, indirect near call, and near return instructions, even if these branches were only transiently executed. The managed runtimes provide an attacker with the means to create the aliasing required for intra-mode BTI attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Intra-Mode BTI",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The current known mechanisms to exploit this issue rely on unprivileged eBPF functionality. Unprivileged eBPF is disabled by default on Red Hat Enterprise Linux.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0002"
},
{
"category": "external",
"summary": "RHBZ#2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0002"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/bhi-spectre-bhb/",
"url": "https://www.vusec.net/projects/bhi-spectre-bhb/"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Disabling unprivileged eBPF effectively mitigates the known attack vectors for exploiting intra-mode branch injections attacks.\n\nThe default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nContinue to enable SMEP and Enhanced IBRS. This is the default setting on eligible CPUs.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Intra-Mode BTI"
},
{
"acknowledgments": [
{
"names": [
"De4dCr0w"
],
"organization": "360 Vulnerability Research Institute"
}
],
"cve": "CVE-2022-0286",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2037019"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s bonding driver in the way a user bonds non existing or fake device. This flaw allows a local user to crash the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Local denial of service in bond_ipsec_add_sa",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0286"
},
{
"category": "external",
"summary": "RHBZ#2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0286"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
}
],
"release_date": "2021-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module bonding from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Local denial of service in bond_ipsec_add_sa"
},
{
"cve": "CVE-2022-0322",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2021-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2042822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0322"
},
{
"category": "external",
"summary": "RHBZ#2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0322"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module SCTP onto the system. Until we have a fix available, this can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c"
},
{
"acknowledgments": [
{
"names": [
"elijahbai"
],
"organization": "Tencent Security Yunding Lab"
}
],
"cve": "CVE-2022-0850",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2060606"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found via ext4_extent_header in fs/ext4/extents.c in the Linux kernel. This flaw could allow a local attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak in copy_page_to_iter() in iov_iter.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0850"
},
{
"category": "external",
"summary": "RHBZ#2060606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0850"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe"
},
{
"category": "external",
"summary": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8"
}
],
"release_date": "2021-05-06T19:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: information leak in copy_page_to_iter() in iov_iter.c"
},
{
"acknowledgments": [
{
"names": [
"Miklos Szeredi",
"Jann Horn"
]
}
],
"cve": "CVE-2022-1011",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064855"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For the Red Hat Enterprise Linux the issue actual if fuse or fuse3 package is installed on the system and only privileged user can install it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1011"
},
{
"category": "external",
"summary": "RHBZ#2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1011"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/"
}
],
"release_date": "2022-03-07T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3105",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153067"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3105"
},
{
"category": "external",
"summary": "RHBZ#2153067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3105"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3106",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153066"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3106"
},
{
"category": "external",
"summary": "RHBZ#2153066",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153066"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3106"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()"
},
{
"acknowledgments": [
{
"names": [
"Jiasheng Jiang"
]
}
],
"cve": "CVE-2022-3108",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153052"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3108"
},
{
"category": "external",
"summary": "RHBZ#2153052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3108",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3108"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drm/amdkfd: NULL pointer dereference in kfd_parse_subtype_iolink()"
},
{
"cve": "CVE-2023-0459",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"discovery_date": "2023-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216383"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in copy_from_user in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the \"access_ok\" sanity check and pass a kernel pointer to copy_from_user(), resulting in kernel data leaking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Copy_from_user on 64-bit versions may leak kernel information",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0459"
},
{
"category": "external",
"summary": "RHBZ#2216383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0459",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0459"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c",
"url": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c"
}
],
"release_date": "2020-02-15T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Copy_from_user on 64-bit versions may leak kernel information"
},
{
"cve": "CVE-2023-3022",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2023-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2211440"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3022"
},
{
"category": "external",
"summary": "RHBZ#2211440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3022"
}
],
"release_date": "2019-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:43:14+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"NFV-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"NFV-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.src",
"RT-8.6.0.GA:kernel-rt-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-core-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-devel-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-kvm-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-0:4.18.0-372.9.1.rt7.166.el8.x86_64",
"RT-8.6.0.GA:kernel-rt-modules-extra-0:4.18.0-372.9.1.rt7.166.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails"
}
]
}
RHSA-2022:1988
Vulnerability from csaf_redhat
Published
2022-05-10 13:58
Modified
2025-06-16 20:29
Summary
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)
* kernel: speculation on incompletely validated data on IBM Power9 (CVE-2020-4788)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)
* kernel: arm: SIGPAGE information disclosure vulnerability (CVE-2021-21781)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: ppc: kvm: allows a malicious KVM guest to crash the host (CVE-2021-43056)
* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)\n\n* kernel: avoid cyclic entity chains due to malformed USB descriptors (CVE-2020-0404)\n\n* kernel: speculation on incompletely validated data on IBM Power9 (CVE-2020-4788)\n\n* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c (CVE-2020-13974)\n\n* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free (CVE-2021-0941)\n\n* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP() (CVE-2021-3612)\n\n* kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts (CVE-2021-3669)\n\n* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743)\n\n* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (CVE-2021-3744)\n\n* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)\n\n* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks (CVE-2021-3759)\n\n* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\n* kernel: sctp: Invalid chunks may be used to remotely remove existing associations (CVE-2021-3772)\n\n* kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients (CVE-2021-3773)\n\n* kernel: possible leak or coruption of data residing on hugetlbfs (CVE-2021-4002)\n\n* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)\n\n* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)\n\n* kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)\n\n* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)\n\n* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)\n\n* kernel: arm: SIGPAGE information disclosure vulnerability (CVE-2021-21781)\n\n* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)\n\n* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)\n\n* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c (CVE-2021-37159)\n\n* kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write (CVE-2021-41864)\n\n* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)\n\n* kernel: ppc: kvm: allows a malicious KVM guest to crash the host (CVE-2021-43056)\n\n* kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (CVE-2021-43389)\n\n* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)\n\n* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)\n\n* kernel: information leak in the IPv6 implementation (CVE-2021-45485)\n\n* kernel: information leak in the IPv4 implementation (CVE-2021-45486)\n\n* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)\n\n* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)\n\n* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)\n\n* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c (CVE-2022-0322)\n\n* kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (CVE-2022-1011)\n\n* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1988",
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1888433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888433"
},
{
"category": "external",
"summary": "1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "1946684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946684"
},
{
"category": "external",
"summary": "1951739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"category": "external",
"summary": "1957375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957375"
},
{
"category": "external",
"summary": "1974079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"category": "external",
"summary": "1978123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1978123"
},
{
"category": "external",
"summary": "1981950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981950"
},
{
"category": "external",
"summary": "1983894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983894"
},
{
"category": "external",
"summary": "1985353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985353"
},
{
"category": "external",
"summary": "1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
},
{
"category": "external",
"summary": "1994390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994390"
},
{
"category": "external",
"summary": "1997338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997338"
},
{
"category": "external",
"summary": "1997467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467"
},
{
"category": "external",
"summary": "1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"category": "external",
"summary": "1999544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"category": "external",
"summary": "1999675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999675"
},
{
"category": "external",
"summary": "2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"category": "external",
"summary": "2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"category": "external",
"summary": "2004949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"category": "external",
"summary": "2009312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009312"
},
{
"category": "external",
"summary": "2009521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009521"
},
{
"category": "external",
"summary": "2010463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010463"
},
{
"category": "external",
"summary": "2011104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011104"
},
{
"category": "external",
"summary": "2013180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"category": "external",
"summary": "2014230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"category": "external",
"summary": "2015525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015525"
},
{
"category": "external",
"summary": "2015755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015755"
},
{
"category": "external",
"summary": "2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "2017073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017073"
},
{
"category": "external",
"summary": "2017796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017796"
},
{
"category": "external",
"summary": "2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "2022814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022814"
},
{
"category": "external",
"summary": "2025003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025003"
},
{
"category": "external",
"summary": "2025726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"category": "external",
"summary": "2027239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027239"
},
{
"category": "external",
"summary": "2029923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"category": "external",
"summary": "2030476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030476"
},
{
"category": "external",
"summary": "2030747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030747"
},
{
"category": "external",
"summary": "2031200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031200"
},
{
"category": "external",
"summary": "2034342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342"
},
{
"category": "external",
"summary": "2035652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652"
},
{
"category": "external",
"summary": "2036934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"category": "external",
"summary": "2037019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037019"
},
{
"category": "external",
"summary": "2039911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039911"
},
{
"category": "external",
"summary": "2039914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039914"
},
{
"category": "external",
"summary": "2042798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042798"
},
{
"category": "external",
"summary": "2042822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"category": "external",
"summary": "2043453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043453"
},
{
"category": "external",
"summary": "2046021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046021"
},
{
"category": "external",
"summary": "2048251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048251"
},
{
"category": "external",
"summary": "2061700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061700"
},
{
"category": "external",
"summary": "2061712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061712"
},
{
"category": "external",
"summary": "2061721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061721"
},
{
"category": "external",
"summary": "2064855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1988.json"
}
],
"title": "Red Hat Security Advisory: kernel security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-06-16T20:29:09+00:00",
"generator": {
"date": "2025-06-16T20:29:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.1"
}
},
"id": "RHSA-2022:1988",
"initial_release_date": "2022-05-10T13:58:00+00:00",
"revision_history": [
{
"date": "2022-05-10T13:58:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T13:58:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-06-16T20:29:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "bpftool-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "bpftool-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "perf-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "perf-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.9.1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.9.1.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "perf-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "perf-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.9.1.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "bpftool-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "bpftool-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "perf-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "perf-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.9.1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.9.1.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "bpftool-0:4.18.0-372.9.1.el8.s390x",
"product_id": "bpftool-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-core-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "perf-0:4.18.0-372.9.1.el8.s390x",
"product_id": "perf-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.s390x",
"product_id": "python3-perf-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.9.1.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.9.1.el8.src",
"product": {
"name": "kernel-0:4.18.0-372.9.1.el8.src",
"product_id": "kernel-0:4.18.0-372.9.1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.9.1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"product": {
"name": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"product_id": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-stablelists@4.18.0-372.9.1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"product_id": "kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-372.9.1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.src",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch"
},
"product_reference": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-372.9.1.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "bpftool-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.src",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch"
},
"product_reference": "kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-372.9.1.el8.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "perf-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"relates_to_product_reference": "CRB-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"relates_to_product_reference": "CRB-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0404",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2021-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: avoid cyclic entity chains due to malformed USB descriptors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0404"
},
{
"category": "external",
"summary": "RHBZ#1919791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0404",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0404"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:58:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module uvcvideo from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: avoid cyclic entity chains due to malformed USB descriptors"
},
{
"acknowledgments": [
{
"names": [
"Anthony Steinhauser"
],
"organization": "Google\u0027s Safeside Project"
}
],
"cve": "CVE-2020-4788",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1888433"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. IBM Power9 processors can speculatively operate on data stored in the L1 cache before it has been completely validated. The attack has limited access to memory and is only able to access memory normally permissible to the execution context. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: speculation on incompletely validated data on IBM Power9",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-4788"
},
{
"category": "external",
"summary": "RHBZ#1888433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-4788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4788"
},
{
"category": "external",
"summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linuxppc-dev/20201119231333.361771-1-dja@axtens.net/T/#me4f6a44748747e3327d27cd95200bf7a87486ffc",
"url": "https://lore.kernel.org/linuxppc-dev/20201119231333.361771-1-dja@axtens.net/T/#me4f6a44748747e3327d27cd95200bf7a87486ffc"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/11/20/3",
"url": "https://www.openwall.com/lists/oss-security/2020/11/20/3"
}
],
"release_date": "2020-11-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:58:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: speculation on incompletely validated data on IBM Power9"
},
{
"cve": "CVE-2020-13974",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2016169"
}
],
"notes": [
{
"category": "description",
"text": "A flaw integer overflow in the Linux kernel\u0027s virtual terminal keyboard driver was found in the way the user sends some specific keyboard code multiple times. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No code depends on this integer overflow so it is unlikely that the vulnerability can be used for anything apart from crashing the system. The impact has been reduced to Moderate from Important based on this analysis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13974"
},
{
"category": "external",
"summary": "RHBZ#2016169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13974"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae"
}
],
"release_date": "2020-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:58:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c"
},
{
"acknowledgments": [
{
"names": [
"Jeremy Cline"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-27820",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1901726"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in nouveau kernel module",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Low impact because the issue can only be triggered by an privileged local user (or user with physical access) as the issue only happens during unbinding the driver or removing the device.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27820"
},
{
"category": "external",
"summary": "RHBZ#1901726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27820",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27820"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/",
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/"
}
],
"release_date": "2020-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:58:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free in nouveau kernel module"
},
{
"cve": "CVE-2021-0941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2018205"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in net/core/filter.c in __bpf_skb_max_len in the Linux kernel. A missing sanity check to the current MTU check may allow a local attacker with special user privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0941"
},
{
"category": "external",
"summary": "RHBZ#2018205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0941"
},
{
"category": "external",
"summary": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0",
"url": "https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T13:58:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",
"BaseOS-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-abi-stablelists-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-cross-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-core-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debug-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-aarch64-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-ppc64le-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-s390x-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-debuginfo-common-x86_64-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-doc-0:4.18.0-372.9.1.el8.noarch",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-headers-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-modules-extra-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-tools-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:kernel-tools-libs-devel-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:kernel-zfcpdump-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-core-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-devel-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:kernel-zfcpdump-modules-extra-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-0:4.18.0-372.9.1.el8.x86_64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"BaseOS-8.6.0.GA:python3-perf-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:bpftool-debuginfo-0:4.18.0-372.9.1.el8.x86_64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.aarch64",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.ppc64le",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.s390x",
"CRB-8.6.0.GA:kernel-0:4.18.0-372.9.1.el8.src",