Sign-up

ID

VAR-202012-1546


CVE

CVE-2020-29661


TITLE

Linux kernel Resource Management Error Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202012-778

DESCRIPTION

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. 7.4) - noarch, x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.3.z2 source tree (BZ#1908433) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:0856-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0856 Issue date: 2021-03-16 CVE Names: CVE-2019-19532 CVE-2020-0427 CVE-2020-7053 CVE-2020-14351 CVE-2020-25211 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2020-28374 CVE-2020-29661 CVE-2021-20265 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) * kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374) * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661) * kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532) * kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427) * kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645) * kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656) * kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705) * kernel: increase slab leak leads to DoS (CVE-2021-20265) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * BUG: scheduling while atomic: memory allocation under spinlock in scsi_register_device_handler() (BZ#1619147) * WARNING in __iscsit_free_cmd during recovery Abort (BZ#1784540) * lpfc does not issue adisc to fcp-2 devices, does not respond to nvme targer that send an adisc. (BZ#1875961) * Panic in semctl_nolock.constprop.15+0x25b (BZ#1877264) * [RHEL 7.7][md]Crash due to invalid pool workqueue pointer, work queue race (BZ#1889372) * Guest crash on intel CPU with -cpu host,-spec-ctrl,+ibpb (BZ#1890669) * RHEL7.9 - kernel/uv: handle length extension properly (BZ#1899172) * Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK (BZ#1901064) * writing to /sys/devices/(...)/net/eno49/queues/tx-16/xps_cpus triggers kernel panic (BZ#1903819) * [Hyper-V][RHEL-7.9]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit (BZ#1908896) * kvm-rhel7.9 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces. (BZ#1909036) * kernel: nvme nvme7: Connect command failed, error wo/DNR bit: 2 (BZ#1910817) * dm-mirror crashes from assuming underlying storage will have a non-NULL merge_bvec_fn (BZ#1916407) * watchdog: use nmi registers snapshot in hardlockup handler (BZ#1916589) * [DELL EMC 7.9 BUG] - Intel E810 NIC interfaces are not functional in RHEL 7.9 on system with AMD Rome CPUs (BZ#1918273) * [DELL EMC BUG] RHEL system log shows AMD-Vi error when system connected with Gen 4 NVMe drives. (BZ#1921187) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1781821 - CVE-2019-19532 kernel: malicious USB devices can lead to multiple out-of-bounds write 1795624 - CVE-2020-7053 kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c 1862849 - CVE-2020-14351 kernel: performance counters race condition use-after-free 1877571 - CVE-2020-25211 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c 1883988 - CVE-2020-25645 kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints 1888726 - CVE-2020-25656 kernel: use-after-free in read in vt_do_kdgkb_ioctl 1894579 - CVE-2020-25705 kernel: ICMP rate limiting can be used for DNS poisoning attack 1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore 1901064 - Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK 1906525 - CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free 1908827 - CVE-2021-20265 kernel: increase slab leak leads to DoS 1916589 - watchdog: use nmi registers snapshot in hardlockup handler 1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem. 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1160.21.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.21.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm perf-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1160.21.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.21.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm perf-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1160.21.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1160.21.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-3.10.0-1160.21.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debug-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.21.1.el7.ppc64.rpm kernel-devel-3.10.0-1160.21.1.el7.ppc64.rpm kernel-headers-3.10.0-1160.21.1.el7.ppc64.rpm kernel-tools-3.10.0-1160.21.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.ppc64.rpm perf-3.10.0-1160.21.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm python-perf-3.10.0-1160.21.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1160.21.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debug-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-devel-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-headers-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-tools-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.ppc64le.rpm perf-3.10.0-1160.21.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm python-perf-3.10.0-1160.21.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1160.21.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm kernel-3.10.0-1160.21.1.el7.s390x.rpm kernel-debug-3.10.0-1160.21.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.21.1.el7.s390x.rpm kernel-devel-3.10.0-1160.21.1.el7.s390x.rpm kernel-headers-3.10.0-1160.21.1.el7.s390x.rpm kernel-kdump-3.10.0-1160.21.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.21.1.el7.s390x.rpm perf-3.10.0-1160.21.1.el7.s390x.rpm perf-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm python-perf-3.10.0-1160.21.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1160.21.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm perf-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.21.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1160.21.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.21.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm perf-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.21.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-19532 https://access.redhat.com/security/cve/CVE-2020-0427 https://access.redhat.com/security/cve/CVE-2020-7053 https://access.redhat.com/security/cve/CVE-2020-14351 https://access.redhat.com/security/cve/CVE-2020-25211 https://access.redhat.com/security/cve/CVE-2020-25645 https://access.redhat.com/security/cve/CVE-2020-25656 https://access.redhat.com/security/cve/CVE-2020-25705 https://access.redhat.com/security/cve/CVE-2020-28374 https://access.redhat.com/security/cve/CVE-2020-29661 https://access.redhat.com/security/cve/CVE-2021-20265 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFC579zjgjWX9erEAQirxQ/9FKZDGdDIPfGpiOwbkmMoqySgNxALO02Q mSTFgrFP/TM4sHCZxPhyuL1rbgPTVnrPKE8M/fTA2EzRQiMZud+vSy4Dvf/WwBXQ 1dStOQIJNmVohUXCRed043xJtfZxyLtteFoxhVjlVU2Eia1+f7d9t42vWQAXhtVB SuEDmitq+9dvv9S48bDJkZtSUkBvZTY9zCtjx6neqypg0j4KKwrYgr+Ui+VF3yJk xRtkw5SVhRiSFv8lBGKSkbIX9AqaoTi25HQPZ1rxB43Rjw0dxNZzlwC5LAs4LQUD mCRHZQcDaKCWmDC+bCy3g5sfETvblJfKiBF61mEOo0nTnPwyOalEciwG0bBcyrnu Bupt4OsM71s/KSK5IUA0jv6vVUy4fLL/5IfAz63XAdZD/ZMQq+hlPiB0e+8QmNDP o7rKWut+BEgqHrgtur7SNPzUIWCj7OVIZUO+7+dEMLKkIUlRQJKYudm3JUbF1M/c 9pc6DyR2pxjvbW+0pIAln+nawSt3OvCIEnwCewJuX0R/Pie09hRp/sh2xfItDcHj mYcpCz75VnMeV4tMm2JXn9HXQOqkAx/LPYtBh8ZNui6G+O3NRyTSOv4ouiT12e5r UfBBYb2KtK6VViAy83150q+qkws8nPykpeRkBukYZELtGQjpiMBwlaVTq809GShi 65tXPtffy4k= =OXZI -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4749-1 February 25, 2021 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815) Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in the Linux kernel did not correctly handle setting line discipline in some situations. A local attacker could use this to cause a denial of service (system crash). A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568) Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-4.15.0-1012-dell300x 4.15.0-1012.16 linux-image-4.15.0-1065-oracle 4.15.0-1065.73 linux-image-4.15.0-1079-gke 4.15.0-1079.84 linux-image-4.15.0-1079-raspi2 4.15.0-1079.84 linux-image-4.15.0-1085-kvm 4.15.0-1085.87 linux-image-4.15.0-1093-gcp 4.15.0-1093.106 linux-image-4.15.0-1094-aws 4.15.0-1094.101 linux-image-4.15.0-1096-snapdragon 4.15.0-1096.105 linux-image-4.15.0-1108-azure 4.15.0-1108.120 linux-image-4.15.0-136-generic 4.15.0-136.140 linux-image-4.15.0-136-generic-lpae 4.15.0-136.140 linux-image-4.15.0-136-lowlatency 4.15.0-136.140 linux-image-aws-lts-18.04 4.15.0.1094.97 linux-image-azure-lts-18.04 4.15.0.1108.81 linux-image-dell300x 4.15.0.1012.14 linux-image-gcp-lts-18.04 4.15.0.1093.111 linux-image-generic 4.15.0.136.123 linux-image-generic-lpae 4.15.0.136.123 linux-image-gke 4.15.0.1079.83 linux-image-gke-4.15 4.15.0.1079.83 linux-image-kvm 4.15.0.1085.81 linux-image-lowlatency 4.15.0.136.123 linux-image-oracle-lts-18.04 4.15.0.1065.75 linux-image-powerpc-e500mc 4.15.0.136.123 linux-image-powerpc-smp 4.15.0.136.123 linux-image-powerpc64-emb 4.15.0.136.123 linux-image-powerpc64-smp 4.15.0.136.123 linux-image-raspi2 4.15.0.1079.76 linux-image-snapdragon 4.15.0.1096.99 linux-image-virtual 4.15.0.136.123 Ubuntu 16.04 LTS: linux-image-4.15.0-1065-oracle 4.15.0-1065.73~16.04.1 linux-image-4.15.0-1093-gcp 4.15.0-1093.106~16.04.1 linux-image-4.15.0-1094-aws 4.15.0-1094.101~16.04.1 linux-image-4.15.0-1108-azure 4.15.0-1108.120~16.04.1 linux-image-4.15.0-136-generic 4.15.0-136.140~16.04.1 linux-image-4.15.0-136-generic-lpae 4.15.0-136.140~16.04.1 linux-image-4.15.0-136-lowlatency 4.15.0-136.140~16.04.1 linux-image-aws-hwe 4.15.0.1094.87 linux-image-azure 4.15.0.1108.99 linux-image-gcp 4.15.0.1093.94 linux-image-generic-hwe-16.04 4.15.0.136.132 linux-image-generic-lpae-hwe-16.04 4.15.0.136.132 linux-image-gke 4.15.0.1093.94 linux-image-lowlatency-hwe-16.04 4.15.0.136.132 linux-image-oem 4.15.0.136.132 linux-image-oracle 4.15.0.1065.53 linux-image-virtual-hwe-16.04 4.15.0.136.132 Ubuntu 14.04 ESM: linux-image-4.15.0-1108-azure 4.15.0-1108.120~14.04.1 linux-image-azure 4.15.0.1108.81 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. 6 ELS) - i386, s390x, x86_64 3. Bug Fix(es): * Enable CI and changelog for GitLab workflow (BZ#1930523) 4. 7.6) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel

Trust: 1.8

sources: NVD: CVE-2020-29661 // VULMON: CVE-2020-29661 // PACKETSTORM: 162878 // PACKETSTORM: 161430 // PACKETSTORM: 161826 // PACKETSTORM: 161552 // PACKETSTORM: 162130 // PACKETSTORM: 162253 // PACKETSTORM: 161868 // PACKETSTORM: 162028 // PACKETSTORM: 161551

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.248

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.15

Trust: 1.0

vendor:netappmodel:8300scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:2.6.26

Trust: 1.0

vendor:netappmodel:a400scope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.5

Trust: 1.0

vendor:netappmodel:a700sscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:tekelec platform distributionscope:gteversion:7.4.0

Trust: 1.0

vendor:broadcommodel:fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.248

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.10

Trust: 1.0

vendor:oraclemodel:tekelec platform distributionscope:lteversion:7.7.1

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.212

Trust: 1.0

vendor:netappmodel:8700scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.9.14

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:32

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.163

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.83

Trust: 1.0

sources: NVD: CVE-2020-29661

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-29661
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202012-778
value: HIGH

Trust: 0.6

VULMON: CVE-2020-29661
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-29661
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2020-29661
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2020-29661 // CNNVD: CNNVD-202012-778 // NVD: CVE-2020-29661

PROBLEMTYPE DATA

problemtype:CWE-667

Trust: 1.0

problemtype:CWE-416

Trust: 1.0

sources: NVD: CVE-2020-29661

THREAT TYPE

local

Trust: 0.8

sources: PACKETSTORM: 161552 // PACKETSTORM: 161551 // CNNVD: CNNVD-202012-778

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202012-778

PATCH

title:Linux kernel Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=136912

Trust: 0.6

title:Red Hat: Important: kernel-rt security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210537 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-alt security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210354 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210558 - Security Advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-29661 log

Trust: 0.1

title:Amazon Linux 2: ALAS2LIVEPATCH-2021-032url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-032

Trust: 0.1

title:Amazon Linux 2: ALAS2LIVEPATCH-2021-031url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-031

Trust: 0.1

title:Amazon Linux 2: ALAS2LIVEPATCH-2021-034url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-034

Trust: 0.1

title:Amazon Linux 2: ALAS2LIVEPATCH-2021-033url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-033

Trust: 0.1

title:IBM: Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage Systemurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=d39f316392b1adf4ca22f6ef041af00f

Trust: 0.1

title:Amazon Linux AMI: ALAS-2021-1477url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1477

Trust: 0.1

title:Amazon Linux 2: ALAS2KERNEL-5.4-2022-019url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-019

Trust: 0.1

title:Debian Security Advisories: DSA-4843-1 linux -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=b95030247235becf9e017bec31e9d503

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1588url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1588

Trust: 0.1

title:IBM: Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e9d6f12dfd14652e2bb7e5c28ded162b

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title:https://github.com/lcatro/cve_diff_checkerurl:https://github.com/lcatro/cve_diff_checker

Trust: 0.1

title:veracode-container-security-finding-parserurl:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2020-29661 // CNNVD: CNNVD-202012-778

EXTERNAL IDS

db:NVDid:CVE-2020-29661

Trust: 2.6

db:PACKETSTORMid:160681

Trust: 1.7

db:PACKETSTORMid:164950

Trust: 1.7

db:OPENWALLid:OSS-SECURITY/2020/12/10/1

Trust: 1.7

db:PACKETSTORMid:162878

Trust: 0.7

db:PACKETSTORMid:162253

Trust: 0.7

db:PACKETSTORMid:161868

Trust: 0.7

db:AUSCERTid:ESB-2021.0189

Trust: 0.6

db:AUSCERTid:ESB-2021.0348

Trust: 0.6

db:AUSCERTid:ESB-2021.0377

Trust: 0.6

db:AUSCERTid:ESB-2021.0166

Trust: 0.6

db:AUSCERTid:ESB-2021.0964

Trust: 0.6

db:AUSCERTid:ESB-2021.0791

Trust: 0.6

db:AUSCERTid:ESB-2021.2781

Trust: 0.6

db:AUSCERTid:ESB-2021.1193

Trust: 0.6

db:AUSCERTid:ESB-2021.0837

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2021.0717

Trust: 0.6

db:AUSCERTid:ESB-2021.0589

Trust: 0.6

db:AUSCERTid:ESB-2021.1339

Trust: 0.6

db:AUSCERTid:ESB-2021.3871

Trust: 0.6

db:AUSCERTid:ESB-2021.1093

Trust: 0.6

db:AUSCERTid:ESB-2021.0864

Trust: 0.6

db:AUSCERTid:ESB-2021.0768

Trust: 0.6

db:AUSCERTid:ESB-2021.0924

Trust: 0.6

db:AUSCERTid:ESB-2021.3743

Trust: 0.6

db:PACKETSTORMid:162020

Trust: 0.6

db:PACKETSTORMid:161607

Trust: 0.6

db:PACKETSTORMid:164812

Trust: 0.6

db:PACKETSTORMid:161250

Trust: 0.6

db:PACKETSTORMid:161823

Trust: 0.6

db:PACKETSTORMid:161710

Trust: 0.6

db:PACKETSTORMid:161656

Trust: 0.6

db:PACKETSTORMid:161556

Trust: 0.6

db:CS-HELPid:SB2021042135

Trust: 0.6

db:CS-HELPid:SB2021062111

Trust: 0.6

db:CS-HELPid:SB2021052006

Trust: 0.6

db:CS-HELPid:SB2021092209

Trust: 0.6

db:CNNVDid:CNNVD-202012-778

Trust: 0.6

db:VULMONid:CVE-2020-29661

Trust: 0.1

db:PACKETSTORMid:161430

Trust: 0.1

db:PACKETSTORMid:161826

Trust: 0.1

db:PACKETSTORMid:161552

Trust: 0.1

db:PACKETSTORMid:162130

Trust: 0.1

db:PACKETSTORMid:162028

Trust: 0.1

db:PACKETSTORMid:161551

Trust: 0.1

sources: VULMON: CVE-2020-29661 // PACKETSTORM: 162878 // PACKETSTORM: 161430 // PACKETSTORM: 161826 // PACKETSTORM: 161552 // PACKETSTORM: 162130 // PACKETSTORM: 162253 // PACKETSTORM: 161868 // PACKETSTORM: 162028 // PACKETSTORM: 161551 // CNNVD: CNNVD-202012-778 // NVD: CVE-2020-29661

REFERENCES

url:http://packetstormsecurity.com/files/160681/linux-tiocspgrp-broken-locking.html

Trust: 2.3

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 2.3

url:http://packetstormsecurity.com/files/164950/kernel-live-patch-security-notice-lsn-0082-1.html

Trust: 2.3

url:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc

Trust: 1.7

url:http://www.openwall.com/lists/oss-security/2020/12/10/1

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20210122-0001/

Trust: 1.7

url:https://www.debian.org/security/2021/dsa-4843

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-29661

Trust: 1.4

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mz7oakaefaxqrgbzk4lyuwincd3d2xcl/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bob25su6xul4tnp7kb63wnzsytiyfdpp/

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.6

url:https://access.redhat.com/articles/11258

Trust: 0.6

url:https://access.redhat.com/security/team/key/

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mz7oakaefaxqrgbzk4lyuwincd3d2xcl/

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bob25su6xul4tnp7kb63wnzsytiyfdpp/

Trust: 0.6

url:https://packetstormsecurity.com/files/161710/red-hat-security-advisory-2021-0763-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0837

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0717

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-there-are-multiple-vulnerabilities-in-the-linux-kernel-used-in-ibm-elastic-storage-system-3/

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-use-after-free-via-tiocspgrp-34082

Trust: 0.6

url:https://packetstormsecurity.com/files/161250/red-hat-security-advisory-2021-0354-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3871

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2781

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042135

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092209

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0189/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0377/

Trust: 0.6

url:https://packetstormsecurity.com/files/161656/red-hat-security-advisory-2021-0719-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162878/red-hat-security-advisory-2021-2164-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1193

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1093

Trust: 0.6

url:https://packetstormsecurity.com/files/162253/red-hat-security-advisory-2021-1288-01.html

Trust: 0.6

url:https://source.android.com/security/bulletin/2021-05-01

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052006

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0589

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0864

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0964

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0348/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0924

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0768

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1339

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062111

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0791

Trust: 0.6

url:https://packetstormsecurity.com/files/164812/ubuntu-security-notice-usn-5130-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/161823/red-hat-security-advisory-2021-0862-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0166/

Trust: 0.6

url:https://packetstormsecurity.com/files/161607/red-hat-security-advisory-2021-0689-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3743

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6525030

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202111-0000001218088197

Trust: 0.6

url:https://packetstormsecurity.com/files/161556/ubuntu-security-notice-usn-4752-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/161868/red-hat-security-advisory-2021-0940-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162020/red-hat-security-advisory-2021-1028-01.html

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-25705

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19532

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-14351

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20265

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2021:0537

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-25211

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25645

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20265

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25656

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-7053

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29660

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29568

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-27815

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29374

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/416.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/667.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/lcatro/cve_diff_checker

Trust: 0.1

url:https://alas.aws.amazon.com/al2/alaslivepatch-2021-032.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12362

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2164

Trust: 0.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25656

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-7053

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28374

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25645

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1093.106~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1085.87

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1108.120

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1065.73

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1093.106

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke-4.15/4.15.0-1079.84

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1012.16

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1096.105

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.15.0-136.140

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1094.101~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-136.140~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1065.73~16.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25669

Trust: 0.1

url:https://usn.ubuntu.com/4749-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1108.120~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1079.84

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1094.101

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29569

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1129

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12402

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1971

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12401

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12243

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12400

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12403

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27364

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1288

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27365

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27365

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0940

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1031

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1122.136

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.4.0-203.235

Trust: 0.1

url:https://usn.ubuntu.com/4748-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1088.97

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1146.156

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1150.160

Trust: 0.1

sources: VULMON: CVE-2020-29661 // PACKETSTORM: 162878 // PACKETSTORM: 161430 // PACKETSTORM: 161826 // PACKETSTORM: 161552 // PACKETSTORM: 162130 // PACKETSTORM: 162253 // PACKETSTORM: 161868 // PACKETSTORM: 162028 // PACKETSTORM: 161551 // CNNVD: CNNVD-202012-778 // NVD: CVE-2020-29661

CREDITS

Red Hat

Trust: 1.3

sources: PACKETSTORM: 162878 // PACKETSTORM: 161430 // PACKETSTORM: 161826 // PACKETSTORM: 162130 // PACKETSTORM: 162253 // PACKETSTORM: 161868 // PACKETSTORM: 162028 // CNNVD: CNNVD-202012-778

SOURCES

db:VULMONid:CVE-2020-29661
db:PACKETSTORMid:162878
db:PACKETSTORMid:161430
db:PACKETSTORMid:161826
db:PACKETSTORMid:161552
db:PACKETSTORMid:162130
db:PACKETSTORMid:162253
db:PACKETSTORMid:161868
db:PACKETSTORMid:162028
db:PACKETSTORMid:161551
db:CNNVDid:CNNVD-202012-778
db:NVDid:CVE-2020-29661

LAST UPDATE DATE

2025-04-28T21:01:29.237000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2020-29661date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202012-778date:2023-01-18T00:00:00
db:NVDid:CVE-2020-29661date:2024-11-21T05:24:23.040

SOURCES RELEASE DATE

db:VULMONid:CVE-2020-29661date:2020-12-09T00:00:00
db:PACKETSTORMid:162878date:2021-06-01T14:45:52
db:PACKETSTORMid:161430date:2021-02-16T15:45:08
db:PACKETSTORMid:161826date:2021-03-17T14:14:38
db:PACKETSTORMid:161552date:2021-02-25T15:30:40
db:PACKETSTORMid:162130date:2021-04-08T14:00:00
db:PACKETSTORMid:162253date:2021-04-20T16:31:47
db:PACKETSTORMid:161868date:2021-03-19T15:39:56
db:PACKETSTORMid:162028date:2021-03-30T14:30:08
db:PACKETSTORMid:161551date:2021-02-25T15:30:28
db:CNNVDid:CNNVD-202012-778date:2020-12-09T00:00:00
db:NVDid:CVE-2020-29661date:2020-12-09T17:15:31.807