var-202105-1477
Vulnerability from variot

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design. The attacker can inject selected network packets. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. 8) - x86_64

  1. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es): * kernel: out-of-bounds reads in pinctrl subsystem. Bugs fixed (https://bugzilla.redhat.com/):

2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

  1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:4356-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4356 Issue date: 2021-11-09 CVE Names: CVE-2020-0427 CVE-2020-24502 CVE-2020-24503 CVE-2020-24504 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 CVE-2020-27777 CVE-2020-29368 CVE-2020-29660 CVE-2020-36158 CVE-2020-36386 CVE-2021-0129 CVE-2021-3348 CVE-2021-3489 CVE-2021-3564 CVE-2021-3573 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-3679 CVE-2021-3732 CVE-2021-20194 CVE-2021-20239 CVE-2021-23133 CVE-2021-28950 CVE-2021-28971 CVE-2021-29155 CVE-2021-29646 CVE-2021-29650 CVE-2021-31440 CVE-2021-31829 CVE-2021-31916 CVE-2021-33200 ==================================================================== 1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es): * kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427) * kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502) * kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503) * kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504) * kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586) * kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587) * kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588) * kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139) * kernel: accepting plaintext data frames in protected networks (CVE-2020-26140) * kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141) * kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143) * kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144) * kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145) * kernel: powerpc: RTAS calls can be used to compromise kernel integrity (CVE-2020-27777) * kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660) * kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158) * kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386) * kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129) * kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c (CVE-2021-3348) * kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489) * kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564) * kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573) * kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600) * kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679) * kernel: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732) * kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194) * kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133) * kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950) * kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c (CVE-2021-28971) * kernel: protection can be bypassed to leak content of kernel memory (CVE-2021-29155) * kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c (CVE-2021-29646) * kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650) * kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440) * kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829) * kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200) * kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146) * kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147) * kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368) * kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 (CVE-2021-3635) * kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (CVE-2021-3659) * kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239) * kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)

  1. Solution:

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1509204 - dlm: Add ability to set SO_MARK on DLM sockets 1793880 - Unreliable RTC synchronization (11-minute mode) 1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10 1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity 1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check 1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free 1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() 1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value 1915825 - Allow falling back to genfscon labeling when the FS doesn't support xattrs and there is a fs_use_xattr rule for it 1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem. 1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c 1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure 1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers 1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers 1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers 1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with 'serverino' and 'cache=strict ' 1939341 - CNB: net: add inline function skb_csum_is_sctp 1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode 1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c 1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c 1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS 1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c 1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del 1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory 1953847 - [ethtool] The NLM_F_MULTI should be used for NLM_F_DUMP 1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. 1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory 1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation 1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection 1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys 1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame 1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client 1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks 1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames 1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks 1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header 1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames 1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers 1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments 1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h 1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs 1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails 1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability. 1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls 1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier 1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl() 1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c 1971101 - ceph: potential data corruption in cephfs write_begin codepath 1972278 - libceph: allow addrvecs with a single NONE/blank address 1974627 - [TIPC] kernel BUG at lib/list_debug.c:31! 1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0] 1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c 1976679 - blk-mq: fix/improve io scheduler batching dispatch 1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00 1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116) 1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame 1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel 1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level 1977850 - geneve virtual devices lack the NETIF_F_FRAGLIST feature 1978369 - dm writecache: sync with upstream 5.14 1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?) 1979680 - Backport openvswitch tracepoints 1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod 1986138 - Lockd invalid cast to nlm_lockowner 1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty() 1989999 - ceph omnibus backport for RHEL-8.5.0 1991976 - block: fix New warning in nvme_setup_discard 1992700 - blk-mq: fix kernel panic when iterating over flush request 1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files 1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()

  1. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source: kernel-4.18.0-348.el8.src.rpm

aarch64: bpftool-4.18.0-348.el8.aarch64.rpm bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-4.18.0-348.el8.aarch64.rpm kernel-core-4.18.0-348.el8.aarch64.rpm kernel-cross-headers-4.18.0-348.el8.aarch64.rpm kernel-debug-4.18.0-348.el8.aarch64.rpm kernel-debug-core-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-devel-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-devel-4.18.0-348.el8.aarch64.rpm kernel-headers-4.18.0-348.el8.aarch64.rpm kernel-modules-4.18.0-348.el8.aarch64.rpm kernel-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-tools-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-4.18.0-348.el8.aarch64.rpm perf-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm

noarch: kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm kernel-doc-4.18.0-348.el8.noarch.rpm

ppc64le: bpftool-4.18.0-348.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-4.18.0-348.el8.ppc64le.rpm kernel-core-4.18.0-348.el8.ppc64le.rpm kernel-cross-headers-4.18.0-348.el8.ppc64le.rpm kernel-debug-4.18.0-348.el8.ppc64le.rpm kernel-debug-core-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-devel-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-devel-4.18.0-348.el8.ppc64le.rpm kernel-headers-4.18.0-348.el8.ppc64le.rpm kernel-modules-4.18.0-348.el8.ppc64le.rpm kernel-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-tools-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-4.18.0-348.el8.ppc64le.rpm perf-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm

s390x: bpftool-4.18.0-348.el8.s390x.rpm bpftool-debuginfo-4.18.0-348.el8.s390x.rpm kernel-4.18.0-348.el8.s390x.rpm kernel-core-4.18.0-348.el8.s390x.rpm kernel-cross-headers-4.18.0-348.el8.s390x.rpm kernel-debug-4.18.0-348.el8.s390x.rpm kernel-debug-core-4.18.0-348.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debug-devel-4.18.0-348.el8.s390x.rpm kernel-debug-modules-4.18.0-348.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm kernel-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm kernel-devel-4.18.0-348.el8.s390x.rpm kernel-headers-4.18.0-348.el8.s390x.rpm kernel-modules-4.18.0-348.el8.s390x.rpm kernel-modules-extra-4.18.0-348.el8.s390x.rpm kernel-tools-4.18.0-348.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm perf-4.18.0-348.el8.s390x.rpm perf-debuginfo-4.18.0-348.el8.s390x.rpm python3-perf-4.18.0-348.el8.s390x.rpm python3-perf-debuginfo-4.18.0-348.el8.s390x.rpm

x86_64: bpftool-4.18.0-348.el8.x86_64.rpm bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-4.18.0-348.el8.x86_64.rpm kernel-core-4.18.0-348.el8.x86_64.rpm kernel-cross-headers-4.18.0-348.el8.x86_64.rpm kernel-debug-4.18.0-348.el8.x86_64.rpm kernel-debug-core-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-devel-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-devel-4.18.0-348.el8.x86_64.rpm kernel-headers-4.18.0-348.el8.x86_64.rpm kernel-modules-4.18.0-348.el8.x86_64.rpm kernel-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-tools-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-4.18.0-348.el8.x86_64.rpm perf-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

aarch64: bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm

ppc64le: bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm

x86_64: bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2020-0427 https://access.redhat.com/security/cve/CVE-2020-24502 https://access.redhat.com/security/cve/CVE-2020-24503 https://access.redhat.com/security/cve/CVE-2020-24504 https://access.redhat.com/security/cve/CVE-2020-24586 https://access.redhat.com/security/cve/CVE-2020-24587 https://access.redhat.com/security/cve/CVE-2020-24588 https://access.redhat.com/security/cve/CVE-2020-26139 https://access.redhat.com/security/cve/CVE-2020-26140 https://access.redhat.com/security/cve/CVE-2020-26141 https://access.redhat.com/security/cve/CVE-2020-26143 https://access.redhat.com/security/cve/CVE-2020-26144 https://access.redhat.com/security/cve/CVE-2020-26145 https://access.redhat.com/security/cve/CVE-2020-26146 https://access.redhat.com/security/cve/CVE-2020-26147 https://access.redhat.com/security/cve/CVE-2020-27777 https://access.redhat.com/security/cve/CVE-2020-29368 https://access.redhat.com/security/cve/CVE-2020-29660 https://access.redhat.com/security/cve/CVE-2020-36158 https://access.redhat.com/security/cve/CVE-2020-36386 https://access.redhat.com/security/cve/CVE-2021-0129 https://access.redhat.com/security/cve/CVE-2021-3348 https://access.redhat.com/security/cve/CVE-2021-3489 https://access.redhat.com/security/cve/CVE-2021-3564 https://access.redhat.com/security/cve/CVE-2021-3573 https://access.redhat.com/security/cve/CVE-2021-3600 https://access.redhat.com/security/cve/CVE-2021-3635 https://access.redhat.com/security/cve/CVE-2021-3659 https://access.redhat.com/security/cve/CVE-2021-3679 https://access.redhat.com/security/cve/CVE-2021-3732 https://access.redhat.com/security/cve/CVE-2021-20194 https://access.redhat.com/security/cve/CVE-2021-20239 https://access.redhat.com/security/cve/CVE-2021-23133 https://access.redhat.com/security/cve/CVE-2021-28950 https://access.redhat.com/security/cve/CVE-2021-28971 https://access.redhat.com/security/cve/CVE-2021-29155 https://access.redhat.com/security/cve/CVE-2021-29646 https://access.redhat.com/security/cve/CVE-2021-29650 https://access.redhat.com/security/cve/CVE-2021-31440 https://access.redhat.com/security/cve/CVE-2021-31829 https://access.redhat.com/security/cve/CVE-2021-31916 https://access.redhat.com/security/cve/CVE-2021-33200 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST FrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l bobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy SfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW HgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC DRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E lJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD Jhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK dQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8 zf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v 1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN +PuV5cms0sE=2UUA -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution:

For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:

https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html

For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:

https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

  1. Bugs fixed (https://bugzilla.redhat.com/):

1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment

  1. JIRA issues fixed (https://issues.jboss.org/):

LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert FluentdNodeDown always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding

6

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-1477",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "c-75",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "scalance w1700 ieee 802.11ac",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "c-230",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "10.0.1-31"
      },
      {
        "model": "c-65",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-110",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "c-250",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "10.0.1-31"
      },
      {
        "model": "galaxy i9305",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "samsung",
        "version": "4.4.4"
      },
      {
        "model": "scalance w700 ieee 802.11n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "o-105",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "scalance w1750d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.7.1.3"
      },
      {
        "model": "c-200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "c-130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "c-235",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "10.0.1-31"
      },
      {
        "model": "w-68",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "w-118",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "c-100",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "c-260",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "10.0.1-31"
      },
      {
        "model": "c-120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arista",
        "version": "11.0.0-36"
      },
      {
        "model": "o-90",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-100",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-130",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-110",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-260",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-250",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "c-235",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "aterm",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u65e5\u672c\u96fb\u6c17",
        "version": null
      },
      {
        "model": "c-230",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "galaxy s3 i9305",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b5\u30e0\u30b9\u30f3",
        "version": null
      },
      {
        "model": "c-200",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "nec ai accelerator",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u65e5\u672c\u96fb\u6c17",
        "version": null
      },
      {
        "model": "c-120",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "o-105",
        "scope": null,
        "trust": 0.8,
        "vendor": "arista",
        "version": null
      },
      {
        "model": "galaxy s3 i9305",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "samsung",
        "version": "4.4.4"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mitsubishi Electric reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2020-26146",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 5.5,
            "id": "CVE-2020-26146",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.9,
            "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.2,
            "id": "CNVD-2021-34678",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:H/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.6,
            "id": "CVE-2020-26146",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-26146",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-26146",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-26146",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-34678",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-629",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-26146",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design. The attacker can inject selected network packets. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nSecurity Fix(es):\n* kernel: out-of-bounds reads in pinctrl subsystem. Bugs fixed (https://bugzilla.redhat.com/):\n\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: kernel security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2021:4356-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2021:4356\nIssue date:        2021-11-09\nCVE Names:         CVE-2020-0427 CVE-2020-24502 CVE-2020-24503\n                   CVE-2020-24504 CVE-2020-24586 CVE-2020-24587\n                   CVE-2020-24588 CVE-2020-26139 CVE-2020-26140\n                   CVE-2020-26141 CVE-2020-26143 CVE-2020-26144\n                   CVE-2020-26145 CVE-2020-26146 CVE-2020-26147\n                   CVE-2020-27777 CVE-2020-29368 CVE-2020-29660\n                   CVE-2020-36158 CVE-2020-36386 CVE-2021-0129\n                   CVE-2021-3348 CVE-2021-3489 CVE-2021-3564\n                   CVE-2021-3573 CVE-2021-3600 CVE-2021-3635\n                   CVE-2021-3659 CVE-2021-3679 CVE-2021-3732\n                   CVE-2021-20194 CVE-2021-20239 CVE-2021-23133\n                   CVE-2021-28950 CVE-2021-28971 CVE-2021-29155\n                   CVE-2021-29646 CVE-2021-29650 CVE-2021-31440\n                   CVE-2021-31829 CVE-2021-31916 CVE-2021-33200\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n* kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427)\n* kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter\ndrivers (CVE-2020-24502)\n* kernel: Insufficient access control in some Intel(R) Ethernet E810\nAdapter drivers (CVE-2020-24503)\n* kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810\nAdapter drivers (CVE-2020-24504)\n* kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)\n* kernel: Reassembling fragments encrypted under different keys\n(CVE-2020-24587)\n* kernel: wifi frame payload being parsed incorrectly as an L2 frame\n(CVE-2020-24588)\n* kernel: Forwarding EAPOL from unauthenticated wifi client\n(CVE-2020-26139)\n* kernel: accepting plaintext data frames in protected networks\n(CVE-2020-26140)\n* kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)\n* kernel: accepting fragmented plaintext frames in protected networks\n(CVE-2020-26143)\n* kernel: accepting unencrypted A-MSDU frames that start with RFC1042\nheader (CVE-2020-26144)\n* kernel: accepting plaintext broadcast fragments as full frames\n(CVE-2020-26145)\n* kernel: powerpc: RTAS calls can be used to compromise kernel integrity\n(CVE-2020-27777)\n* kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a\nread-after-free (CVE-2020-29660)\n* kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a\nlong SSID value (CVE-2020-36158)\n* kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt()\n(CVE-2020-36386)\n* kernel: Improper access control in BlueZ may allow information disclosure\nvulnerability. (CVE-2021-0129)\n* kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c\n(CVE-2021-3348)\n* kernel: Linux kernel eBPF RINGBUF map oversized allocation\n(CVE-2021-3489)\n* kernel: double free in bluetooth subsystem when the HCI device\ninitialization fails (CVE-2021-3564)\n* kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)\n* kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)\n* kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)\n* kernel: Mounting overlayfs inside an unprivileged user namespace can\nreveal files (CVE-2021-3732)\n* kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()\n(CVE-2021-20194)\n* kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)\n* kernel: fuse: stall on CPU can occur because a retry loop continually\nfinds the same bad inode (CVE-2021-28950)\n* kernel: System crash in intel_pmu_drain_pebs_nhm in\narch/x86/events/intel/ds.c (CVE-2021-28971)\n* kernel: protection can be bypassed to leak content of kernel memory\n(CVE-2021-29155)\n* kernel: improper input validation in tipc_nl_retrieve_key function in\nnet/tipc/node.c (CVE-2021-29646)\n* kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650)\n* kernel: local escalation of privileges in handling of eBPF programs\n(CVE-2021-31440)\n* kernel: protection of stack pointer against speculative pointer\narithmetic can be bypassed to leak content of kernel memory\n(CVE-2021-31829)\n* kernel: out-of-bounds reads and writes due to enforcing incorrect limits\nfor pointer arithmetic operations by BPF verifier (CVE-2021-33200)\n* kernel: reassembling encrypted fragments with non-consecutive packet\nnumbers (CVE-2020-26146)\n* kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)\n* kernel: the copy-on-write implementation can grant unintended write\naccess because of a race condition in a THP mapcount check (CVE-2020-29368)\n* kernel: flowtable list del corruption with kernel BUG at\nlib/list_debug.c:50 (CVE-2021-3635)\n* kernel: NULL pointer dereference in llsec_key_alloc() in\nnet/mac802154/llsec.c (CVE-2021-3659)\n* kernel: setsockopt System Call Untrusted Pointer Dereference Information\nDisclosure (CVE-2021-20239)\n* kernel: out of bounds array access in drivers/md/dm-ioctl.c\n(CVE-2021-31916)\n\n4. Solution:\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.5 Release Notes linked from the References section. \n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1509204 - dlm: Add ability to set SO_MARK on DLM sockets\n1793880 - Unreliable RTC synchronization (11-minute mode)\n1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10\n1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity\n1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check\n1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free\n1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()\n1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value\n1915825 - Allow falling back to genfscon labeling when the FS doesn\u0027t support xattrs and there is a fs_use_xattr rule for it\n1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem. \n1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c\n1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure\n1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers\n1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers\n1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers\n1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with \u0027serverino\u0027 and \u0027cache=strict \u0027\n1939341 - CNB: net: add inline function skb_csum_is_sctp\n1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode\n1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c\n1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c\n1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS\n1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c\n1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del\n1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory\n1953847 - [ethtool] The `NLM_F_MULTI` should be used for `NLM_F_DUMP`\n1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. \n1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory\n1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation\n1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection\n1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys\n1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame\n1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client\n1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks\n1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames\n1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks\n1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header\n1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames\n1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers\n1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments\n1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h\n1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs\n1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails\n1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability. \n1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls\n1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier\n1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl()\n1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c\n1971101 - ceph: potential data corruption in cephfs write_begin codepath\n1972278 - libceph: allow addrvecs with a single NONE/blank address\n1974627 - [TIPC] kernel BUG at lib/list_debug.c:31!\n1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0]\n1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c\n1976679 - blk-mq: fix/improve io scheduler batching dispatch\n1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00\n1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50\n1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116)\n1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame\n1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel\n1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level\n1977850 - geneve virtual devices lack  the NETIF_F_FRAGLIST feature\n1978369 - dm writecache: sync with upstream 5.14\n1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?)\n1979680 - Backport openvswitch tracepoints\n1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod\n1986138 - Lockd invalid cast to nlm_lockowner\n1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty()\n1989999 - ceph omnibus backport for RHEL-8.5.0\n1991976 - block: fix New warning in nvme_setup_discard\n1992700 - blk-mq: fix kernel panic when iterating over flush request\n1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files\n1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nkernel-4.18.0-348.el8.src.rpm\n\naarch64:\nbpftool-4.18.0-348.el8.aarch64.rpm\nbpftool-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-4.18.0-348.el8.aarch64.rpm\nkernel-core-4.18.0-348.el8.aarch64.rpm\nkernel-cross-headers-4.18.0-348.el8.aarch64.rpm\nkernel-debug-4.18.0-348.el8.aarch64.rpm\nkernel-debug-core-4.18.0-348.el8.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debug-devel-4.18.0-348.el8.aarch64.rpm\nkernel-debug-modules-4.18.0-348.el8.aarch64.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm\nkernel-devel-4.18.0-348.el8.aarch64.rpm\nkernel-headers-4.18.0-348.el8.aarch64.rpm\nkernel-modules-4.18.0-348.el8.aarch64.rpm\nkernel-modules-extra-4.18.0-348.el8.aarch64.rpm\nkernel-tools-4.18.0-348.el8.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-tools-libs-4.18.0-348.el8.aarch64.rpm\nperf-4.18.0-348.el8.aarch64.rpm\nperf-debuginfo-4.18.0-348.el8.aarch64.rpm\npython3-perf-4.18.0-348.el8.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm\n\nnoarch:\nkernel-abi-stablelists-4.18.0-348.el8.noarch.rpm\nkernel-doc-4.18.0-348.el8.noarch.rpm\n\nppc64le:\nbpftool-4.18.0-348.el8.ppc64le.rpm\nbpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-4.18.0-348.el8.ppc64le.rpm\nkernel-core-4.18.0-348.el8.ppc64le.rpm\nkernel-cross-headers-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-core-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-devel-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-modules-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm\nkernel-devel-4.18.0-348.el8.ppc64le.rpm\nkernel-headers-4.18.0-348.el8.ppc64le.rpm\nkernel-modules-4.18.0-348.el8.ppc64le.rpm\nkernel-modules-extra-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-libs-4.18.0-348.el8.ppc64le.rpm\nperf-4.18.0-348.el8.ppc64le.rpm\nperf-debuginfo-4.18.0-348.el8.ppc64le.rpm\npython3-perf-4.18.0-348.el8.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm\n\ns390x:\nbpftool-4.18.0-348.el8.s390x.rpm\nbpftool-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-4.18.0-348.el8.s390x.rpm\nkernel-core-4.18.0-348.el8.s390x.rpm\nkernel-cross-headers-4.18.0-348.el8.s390x.rpm\nkernel-debug-4.18.0-348.el8.s390x.rpm\nkernel-debug-core-4.18.0-348.el8.s390x.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-debug-devel-4.18.0-348.el8.s390x.rpm\nkernel-debug-modules-4.18.0-348.el8.s390x.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm\nkernel-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm\nkernel-devel-4.18.0-348.el8.s390x.rpm\nkernel-headers-4.18.0-348.el8.s390x.rpm\nkernel-modules-4.18.0-348.el8.s390x.rpm\nkernel-modules-extra-4.18.0-348.el8.s390x.rpm\nkernel-tools-4.18.0-348.el8.s390x.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm\nperf-4.18.0-348.el8.s390x.rpm\nperf-debuginfo-4.18.0-348.el8.s390x.rpm\npython3-perf-4.18.0-348.el8.s390x.rpm\npython3-perf-debuginfo-4.18.0-348.el8.s390x.rpm\n\nx86_64:\nbpftool-4.18.0-348.el8.x86_64.rpm\nbpftool-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-4.18.0-348.el8.x86_64.rpm\nkernel-core-4.18.0-348.el8.x86_64.rpm\nkernel-cross-headers-4.18.0-348.el8.x86_64.rpm\nkernel-debug-4.18.0-348.el8.x86_64.rpm\nkernel-debug-core-4.18.0-348.el8.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debug-devel-4.18.0-348.el8.x86_64.rpm\nkernel-debug-modules-4.18.0-348.el8.x86_64.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm\nkernel-devel-4.18.0-348.el8.x86_64.rpm\nkernel-headers-4.18.0-348.el8.x86_64.rpm\nkernel-modules-4.18.0-348.el8.x86_64.rpm\nkernel-modules-extra-4.18.0-348.el8.x86_64.rpm\nkernel-tools-4.18.0-348.el8.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-tools-libs-4.18.0-348.el8.x86_64.rpm\nperf-4.18.0-348.el8.x86_64.rpm\nperf-debuginfo-4.18.0-348.el8.x86_64.rpm\npython3-perf-4.18.0-348.el8.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm\n\nRed Hat Enterprise Linux CRB (v. 8):\n\naarch64:\nbpftool-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm\nperf-debuginfo-4.18.0-348.el8.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm\n\nppc64le:\nbpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm\nperf-debuginfo-4.18.0-348.el8.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm\nperf-debuginfo-4.18.0-348.el8.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-0427\nhttps://access.redhat.com/security/cve/CVE-2020-24502\nhttps://access.redhat.com/security/cve/CVE-2020-24503\nhttps://access.redhat.com/security/cve/CVE-2020-24504\nhttps://access.redhat.com/security/cve/CVE-2020-24586\nhttps://access.redhat.com/security/cve/CVE-2020-24587\nhttps://access.redhat.com/security/cve/CVE-2020-24588\nhttps://access.redhat.com/security/cve/CVE-2020-26139\nhttps://access.redhat.com/security/cve/CVE-2020-26140\nhttps://access.redhat.com/security/cve/CVE-2020-26141\nhttps://access.redhat.com/security/cve/CVE-2020-26143\nhttps://access.redhat.com/security/cve/CVE-2020-26144\nhttps://access.redhat.com/security/cve/CVE-2020-26145\nhttps://access.redhat.com/security/cve/CVE-2020-26146\nhttps://access.redhat.com/security/cve/CVE-2020-26147\nhttps://access.redhat.com/security/cve/CVE-2020-27777\nhttps://access.redhat.com/security/cve/CVE-2020-29368\nhttps://access.redhat.com/security/cve/CVE-2020-29660\nhttps://access.redhat.com/security/cve/CVE-2020-36158\nhttps://access.redhat.com/security/cve/CVE-2020-36386\nhttps://access.redhat.com/security/cve/CVE-2021-0129\nhttps://access.redhat.com/security/cve/CVE-2021-3348\nhttps://access.redhat.com/security/cve/CVE-2021-3489\nhttps://access.redhat.com/security/cve/CVE-2021-3564\nhttps://access.redhat.com/security/cve/CVE-2021-3573\nhttps://access.redhat.com/security/cve/CVE-2021-3600\nhttps://access.redhat.com/security/cve/CVE-2021-3635\nhttps://access.redhat.com/security/cve/CVE-2021-3659\nhttps://access.redhat.com/security/cve/CVE-2021-3679\nhttps://access.redhat.com/security/cve/CVE-2021-3732\nhttps://access.redhat.com/security/cve/CVE-2021-20194\nhttps://access.redhat.com/security/cve/CVE-2021-20239\nhttps://access.redhat.com/security/cve/CVE-2021-23133\nhttps://access.redhat.com/security/cve/CVE-2021-28950\nhttps://access.redhat.com/security/cve/CVE-2021-28971\nhttps://access.redhat.com/security/cve/CVE-2021-29155\nhttps://access.redhat.com/security/cve/CVE-2021-29646\nhttps://access.redhat.com/security/cve/CVE-2021-29650\nhttps://access.redhat.com/security/cve/CVE-2021-31440\nhttps://access.redhat.com/security/cve/CVE-2021-31829\nhttps://access.redhat.com/security/cve/CVE-2021-31916\nhttps://access.redhat.com/security/cve/CVE-2021-33200\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST\nFrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l\nbobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy\nSfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW\nHgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC\nDRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E\nlJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD\nJhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK\ndQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8\nzf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v\n1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN\n+PuV5cms0sE=2UUA\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nFor OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1168 - Disable hostname verification in syslog TLS settings\nLOG-1235 - Using HTTPS without a secret does not translate into the correct \u0027scheme\u0027 value in Fluentd\nLOG-1375 - ssl_ca_cert should be optional\nLOG-1378 - CLO should support sasl_plaintext(Password over http)\nLOG-1392 - In fluentd config, flush_interval can\u0027t be set with flush_mode=immediate\nLOG-1494 - Syslog output is serializing json incorrectly\nLOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server\nLOG-1575 - Rejected by Elasticsearch and unexpected json-parsing\nLOG-1735 - Regression introducing flush_at_shutdown \nLOG-1774 - The collector logs should  be excluded in fluent.conf\nLOG-1776 - fluentd total_limit_size sets value beyond available space\nLOG-1822 - OpenShift Alerting Rules Style-Guide Compliance\nLOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled\nLOG-1862 - Unsupported kafka parameters when enabled Kafka SASL\nLOG-1903 - Fix the Display of ClusterLogging type in OLM\nLOG-1911 - CLF API changes to Opt-in to multiline error detection\nLOG-1918 - Alert `FluentdNodeDown` always firing \nLOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding\n\n6",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "PACKETSTORM",
        "id": "164875"
      },
      {
        "db": "PACKETSTORM",
        "id": "165296"
      },
      {
        "db": "PACKETSTORM",
        "id": "164837"
      },
      {
        "db": "PACKETSTORM",
        "id": "164967"
      }
    ],
    "trust": 3.15
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-26146",
        "trust": 4.3
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2021/05/11/12",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-913875",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU93485736",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-102-04",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "164875",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051715",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051814",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021100407",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022041319",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051227",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051920",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.1628",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.4254",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3905",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3825",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.1715",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.2876",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-236-01",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-104-04",
        "trust": 0.6
      },
      {
        "db": "LENOVO",
        "id": "LEN-61212",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "165296",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "164837",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "164967",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "PACKETSTORM",
        "id": "164875"
      },
      {
        "db": "PACKETSTORM",
        "id": "165296"
      },
      {
        "db": "PACKETSTORM",
        "id": "164837"
      },
      {
        "db": "PACKETSTORM",
        "id": "164967"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "id": "VAR-202105-1477",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      }
    ],
    "trust": 1.03387681
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      }
    ]
  },
  "last_update_date": "2024-08-14T12:38:31.002000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NV21-013",
        "trust": 0.8,
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
      },
      {
        "title": "Patch for Samsung Galaxy S3 input verification error vulnerability (CNVD-2021-34678)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/264936"
      },
      {
        "title": "Samsung Galaxy S3 Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=150563"
      },
      {
        "title": "Red Hat: CVE-2020-26146",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2020-26146"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2020-26146 log"
      },
      {
        "title": "Cisco: Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-wifi-faf-22epcEWu"
      },
      {
        "title": "fragattacks",
        "trust": 0.1,
        "url": "https://github.com/vanhoefm/fragattacks "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.0
      },
      {
        "problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
      },
      {
        "trust": 2.3,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-wifi-faf-22epcewu"
      },
      {
        "trust": 1.7,
        "url": "https://www.fragattacks.com"
      },
      {
        "trust": 1.7,
        "url": "https://github.com/vanhoefm/fragattacks/blob/master/summary.md"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
      },
      {
        "trust": 1.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26146"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu93485736/"
      },
      {
        "trust": 0.6,
        "url": "https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/en/product_security/len-61212"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051227"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051920"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/164875/red-hat-security-advisory-2021-4140-02.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.2876"
      },
      {
        "trust": 0.6,
        "url": "https://source.android.com/security/bulletin/2021-10-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3905"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.1628"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3825"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022041319"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-104-04"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-102-04"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021100407"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.4254"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-236-01"
      },
      {
        "trust": 0.6,
        "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202111-0000001218088197"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051715"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051814"
      },
      {
        "trust": 0.6,
        "url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210513-01-fragattacks-cn"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.1715"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/wi-fi-devices-multiple-vulnerabilities-via-fragattacks-35386"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2020-26146"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26143"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24504"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3600"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-20239"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26144"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3679"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-36158"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3635"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-31829"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26145"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-36386"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-33200"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-29650"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-0427"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3573"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-29368"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-20194"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24586"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26147"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-31916"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26141"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3348"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-28950"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24588"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26140"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-31440"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-29646"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-29155"
      },
      {
        "trust": 0.4,
        "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3732"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-0129"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3489"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24503"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-29660"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24587"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-26139"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-28971"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24502"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-24503"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3659"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-3564"
      },
      {
        "trust": 0.4,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2020-0427"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2021-23133"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24502"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2020-27777"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26144"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24504"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20239"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20194"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26147"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24588"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0129"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-28950"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26143"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24586"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29368"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26145"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-23133"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24587"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26140"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36386"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-29660"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-28971"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36158"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26141"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26139"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3200"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-35448"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-25013"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-20284"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25012"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-35522"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-35524"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20673"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-27645"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-33574"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3487"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-13435"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-5827"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-24370"
      },
      {
        "trust": 0.2,
        "url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-14145"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-13751"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10001"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-25014"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-19603"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-25012"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-35521"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-35942"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-17594"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-36312"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3572"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-12762"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-36086"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3778"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-22898"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-16135"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-36084"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-17541"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3800"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-36087"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-36331"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-31535"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-23841"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-14615"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3445"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-22925"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-20673"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-23840"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-36330"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-33033"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-20232"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-20266"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-20838"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-22876"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-20231"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-36332"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-14155"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-17541"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-10001"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-36085"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14615"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-33560"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-17595"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3481"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-42574"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-25009"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-25010"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2020-35523"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-28153"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-13750"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-20197"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3426"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2019-18218"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3580"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3796"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-04"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-29155"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:4140"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-43527"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-44228"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3712"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:5137"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:4356"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27777"
      },
      {
        "trust": 0.1,
        "url": "https://issues.jboss.org/):"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33194"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2021:4627"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "PACKETSTORM",
        "id": "164875"
      },
      {
        "db": "PACKETSTORM",
        "id": "165296"
      },
      {
        "db": "PACKETSTORM",
        "id": "164837"
      },
      {
        "db": "PACKETSTORM",
        "id": "164967"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "db": "PACKETSTORM",
        "id": "164875"
      },
      {
        "db": "PACKETSTORM",
        "id": "165296"
      },
      {
        "db": "PACKETSTORM",
        "id": "164837"
      },
      {
        "db": "PACKETSTORM",
        "id": "164967"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "date": "2022-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "date": "2021-11-10T17:10:23",
        "db": "PACKETSTORM",
        "id": "164875"
      },
      {
        "date": "2021-12-15T15:27:05",
        "db": "PACKETSTORM",
        "id": "165296"
      },
      {
        "date": "2021-11-10T17:04:39",
        "db": "PACKETSTORM",
        "id": "164837"
      },
      {
        "date": "2021-11-15T17:25:56",
        "db": "PACKETSTORM",
        "id": "164967"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T20:15:08.907000",
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-34678"
      },
      {
        "date": "2021-12-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-26146"
      },
      {
        "date": "2024-02-27T02:27:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      },
      {
        "date": "2022-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-12-06T13:45:13.010000",
        "db": "NVD",
        "id": "CVE-2020-26146"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Samsung\u00a0Galaxy\u00a0S3\u00a0i9305\u00a0 Vulnerability related to input validation in devices",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006942"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-629"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.