ID

VAR-202012-1546


CVE

CVE-2020-29661


TITLE

Debian Security Advisory 4843-1

Trust: 0.1

sources: PACKETSTORM: 169012

DESCRIPTION

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of service.

CVE-2020-27825 Adam 'pi3' Zabrocki reported a use-after-free flaw in the ftrace ring buffer resizing logic due to a race condition, which could result in denial of service or information leak.

CVE-2020-27830 Shisong Qin reported a NULL pointer dereference flaw in the Speakup screen reader core driver.

CVE-2020-28374 David Disseldorp discovered that the LIO SCSI target implementation performed insufficient checking in certain XCOPY requests. An attacker with access to a LUN and knowledge of Unit Serial Number assignments can take advantage of this flaw to read and write to any LIO backstore, regardless of the SCSI transport settings.

CVE-2020-29568 (XSA-349) Michael Kurth and Pawel Wieczorkiewicz reported that frontends can trigger OOM in backends by updating a watched path.

CVE-2020-29569 (XSA-350) Olivier Benjamin and Pawel Wieczorkiewicz reported a use-after-free flaw which can be triggered by a block frontend in Linux blkback. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. A local attacker can take advantage of this flaw for memory corruption or privilege escalation.

CVE-2020-36158 A buffer overflow flaw was discovered in the mwifiex WiFi driver which could result in denial of service or the execution of arbitrary code via a long SSID value.

CVE-2021-3347 It was discovered that PI futexes have a kernel stack use-after-free during fault handling. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.
CVE-2021-20177 A flaw was discovered in the Linux implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) can take advantage of this flaw to cause a kernel panic when inserting iptables rules. For the stable distribution (buster), these problems have been fixed in version 4.19.171-2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org . Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. 
Clusters and applications are all visible and managed from a single console—with security policy built in. Bug fix: * RHACM 2.0.8 images (BZ #1915461) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1915461 - RHACM 2.0.8 images 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. Bugs fixed (https://bugzilla.redhat.com/): 1732329 - Virtual Machine is missing documentation of its properties in yaml editor 1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv 1791753 - [RFE] [SSP] Template validator should check validations in template's parent template 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration 1848956 - KMP requires downtime for CA stabilization during certificate rotation 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1853911 - VM with dot in network name fails to start with unclear message 1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show" 1856347 - SR-IOV : Missing network name for sriov during vm setup 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to 
DoS 1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination 1860714 - No API information from `oc explain` 1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints 1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem 1866593 - CDI is not handling vm disk clone 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1868817 - Container-native Virtualization 2.6.0 Images 1873771 - Improve the VMCreationFailed error message caused by VM low memory 1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it 1878499 - DV import doesn't recover from scratch space PVC deletion 1879108 - Inconsistent naming of "oc virt" command in help text 1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running 1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT 1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability 1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message 1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used 1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied 1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request. 
1891285 - Common templates and kubevirt-config cm - update machine-type 1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error 1892227 - [SSP] cluster scoped resources are not being reconciled 1893278 - openshift-virtualization-os-images namespace not seen by user 1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza 1894428 - Message for VMI not migratable is not clear enough 1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium 1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import 1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1898072 - Add Fedora33 to Fedora common templates 1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail 1899558 - CNV 2.6 - nmstate fails to set state 1901480 - VM disk io can't worked if namespace have label kubemacpool 1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig) 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 1903014 - hco-webhook pod in CreateContainerError 1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode 1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default" 1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers 1907151 - kubevirt version is not reported correctly via virtctl 1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6 1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume 1907988 - VM loses dynamic IP address of its default interface after migration 
1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity 1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error 1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference 1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error 1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO 1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-') 1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface 1911662 - el6 guests don't work properly if virtio bus is specified on various devices 1912908 - Allow using "scsi" bus for disks in template validation 1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails 1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user 1913717 - Users should have read permitions for golden images data volumes 1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes 1914177 - CNV does not preallocate blank file data volumes 1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes 1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer 1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block 1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored 1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration 1920576 - HCO can report ready=true when it failed to create a CR for a component operator 1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator 1921650 - CVE-2021-3121 gogo/protobuf: 
plugin/unmarshal/unmarshal.go lacks certain index validation 1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool 1927373 - NoExecute taint violates pdb; VMIs are not live migrated 1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade 5. 8.2) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:0558-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0558 Issue date: 2021-02-16 CVE Names: CVE-2020-14351 CVE-2020-25705 CVE-2020-29661 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. 
Security Fix(es): * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Final fixes + drop alpha_support flag requirement for Tigerlake (BZ#1882620) * OVS complains Invalid Argument on TCP packets going into conntrack (BZ#1892744) * BUG: using smp_processor_id() in preemptible [00000000] code: handler106/3082 (BZ#1893281) * Icelake performance - add intel_idle: Customize IceLake server support to RHEL-8 (BZ#1897183) * [mlx5] IPV6 TOS rewrite flows are not getting offloaded in HW (BZ#1897688) * RHEL 8.3 SAS - multipathd fails to re-establish paths during controller random reset (BZ#1900112) * RHEL8.3 Beta - RHEL8.3 hangs on dbginfo.sh execution, crash dump generated (mm-) (BZ#1903019) * Win10 guest automatic reboot after migration in Win10 and WSL2 on AMD hosts (BZ#1905084) * block, dm: fix IO splitting for stacked devices (BZ#1905136) * Failed to hotplug scsi-hd disks (BZ#1905214) * PCI quirk needed to prevent GPU hang (BZ#1906516) * RHEL8.2 - various patches to stabilize the OPAL error log processing and the powernv dump processing (ESS) (BZ#1907301) * pmtu not working with tunnels as bridge ports and br_netfilter loaded (BZ#1907576) * [ThinkPad X13/T14/T14s AMD]: Kdump failed (BZ#1907775) * NFSv4 client improperly handles interrupted slots (BZ#1908312) * NFSv4.1 client ignores ERR_DELAY during LOCK recovery, could lead to data corruption (BZ#1908313) * [Regression] RHEL8.2 - [kernel 148.el8] cpu (sys) time regression in SAP HANA 2.0 benchmark benchInsertSubSelectPerformance (BZ#1908519) * RHEL8: kernel-rt: kernel BUG at kernel/sched/deadline.c:1462! 
(BZ#1908731) * SEV VM hang at efi_mokvar_sysfs_init+0xa9/0x19d during boot (BZ#1909243) * C6gn support requires "Ensure dirty bit is preserved across pte_wrprotect" patch (BZ#1909577) * [Lenovo 8.3 & 8.4 Bug] [Regression] No response from keyboard and mouse when boot from tboot kernel (BZ#1911555) * Kernel crash with krb5p (BZ#1912478) * [RHEL8] Need additional backports for FIPS 800-90A DRBG entropy seeding source (BZ#1912872) * [Hyper-V][RHEL-8] Request to included a commit that adds a timeout to vmbus_wait_for_unload (BZ#1913528) * Host becomes unresponsive during stress-ng --cyclic test rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: (BZ#1913964) * RHEL8.4: Backport upstream RCU patches up to v5.6 (BZ#1915638) * Missing mm backport to fix regression introduced by another mm backport (BZ#1915814) * [Hyper-V][RHEL-8]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit (BZ#1917711) * ionic 0000:39:00.0 ens2: IONIC_CMD_Q_INIT (40) failed: IONIC_RC_ERROR (-5) (BZ#1918372) * [certification] mlx5_core depends on tls triggering TAINT_TECH_PREVIEW even if no ConnectX-6 card is present (BZ#1918743) * kvm-rhel8.3 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces. (BZ#1919885) Enhancement(s): * [Mellanox 8.4 FEAT] mlx5: Add messages when VF-LAG fails to start (BZ#1892344) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1862849 - CVE-2020-14351 kernel: performance counters race condition use-after-free 1894579 - CVE-2020-25705 kernel: ICMP rate limiting can be used for DNS poisoning attack 1906525 - CVE-2020-29661 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free 6. Package List: Red Hat Enterprise Linux BaseOS (v. 
8): Source: kernel-4.18.0-240.15.1.el8_3.src.rpm aarch64: bpftool-4.18.0-240.15.1.el8_3.aarch64.rpm bpftool-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-core-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-cross-headers-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-core-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-devel-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-modules-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-modules-extra-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-devel-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-headers-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-modules-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-modules-extra-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-tools-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-tools-libs-4.18.0-240.15.1.el8_3.aarch64.rpm perf-4.18.0-240.15.1.el8_3.aarch64.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm python3-perf-4.18.0-240.15.1.el8_3.aarch64.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-240.15.1.el8_3.noarch.rpm kernel-doc-4.18.0-240.15.1.el8_3.noarch.rpm ppc64le: bpftool-4.18.0-240.15.1.el8_3.ppc64le.rpm bpftool-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-core-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-cross-headers-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-core-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-devel-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-modules-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-modules-extra-4.18.0-240.15.1.el8_3.ppc64le.rpm 
kernel-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-devel-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-headers-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-modules-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-modules-extra-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-tools-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-tools-libs-4.18.0-240.15.1.el8_3.ppc64le.rpm perf-4.18.0-240.15.1.el8_3.ppc64le.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm python3-perf-4.18.0-240.15.1.el8_3.ppc64le.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm s390x: bpftool-4.18.0-240.15.1.el8_3.s390x.rpm bpftool-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm kernel-4.18.0-240.15.1.el8_3.s390x.rpm kernel-core-4.18.0-240.15.1.el8_3.s390x.rpm kernel-cross-headers-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-core-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-devel-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-modules-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debug-modules-extra-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-240.15.1.el8_3.s390x.rpm kernel-devel-4.18.0-240.15.1.el8_3.s390x.rpm kernel-headers-4.18.0-240.15.1.el8_3.s390x.rpm kernel-modules-4.18.0-240.15.1.el8_3.s390x.rpm kernel-modules-extra-4.18.0-240.15.1.el8_3.s390x.rpm kernel-tools-4.18.0-240.15.1.el8_3.s390x.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-core-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-devel-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-modules-4.18.0-240.15.1.el8_3.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-240.15.1.el8_3.s390x.rpm perf-4.18.0-240.15.1.el8_3.s390x.rpm 
perf-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm python3-perf-4.18.0-240.15.1.el8_3.s390x.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.s390x.rpm x86_64: bpftool-4.18.0-240.15.1.el8_3.x86_64.rpm bpftool-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-core-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-cross-headers-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-core-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-devel-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-modules-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-modules-extra-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-devel-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-headers-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-modules-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-modules-extra-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-tools-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-tools-libs-4.18.0-240.15.1.el8_3.x86_64.rpm perf-4.18.0-240.15.1.el8_3.x86_64.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm python3-perf-4.18.0-240.15.1.el8_3.x86_64.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm Red Hat CodeReady Linux Builder (v. 
8): aarch64: bpftool-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm kernel-tools-libs-devel-4.18.0-240.15.1.el8_3.aarch64.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm kernel-tools-libs-devel-4.18.0-240.15.1.el8_3.ppc64le.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debug-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-tools-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm kernel-tools-libs-devel-4.18.0-240.15.1.el8_3.x86_64.rpm perf-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm python3-perf-debuginfo-4.18.0-240.15.1.el8_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-14351 https://access.redhat.com/security/cve/CVE-2020-25705 https://access.redhat.com/security/cve/CVE-2020-29661 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. 
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-4748-1 February 25, 2021 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374) Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. 
(CVE-2020-29661) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.4.0-1088-kvm 4.4.0-1088.97 linux-image-4.4.0-1122-aws 4.4.0-1122.136 linux-image-4.4.0-1146-raspi2 4.4.0-1146.156 linux-image-4.4.0-1150-snapdragon 4.4.0-1150.160 linux-image-4.4.0-203-generic 4.4.0-203.235 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235 linux-image-4.4.0-203-lowlatency 4.4.0-203.235 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235 linux-image-aws 4.4.0.1122.127 linux-image-generic 4.4.0.203.209 linux-image-generic-lpae 4.4.0.203.209 linux-image-kvm 4.4.0.1088.86 linux-image-lowlatency 4.4.0.203.209 linux-image-powerpc-e500mc 4.4.0.203.209 linux-image-powerpc-smp 4.4.0.203.209 linux-image-powerpc64-emb 4.4.0.203.209 linux-image-powerpc64-smp 4.4.0.203.209 linux-image-raspi2 4.4.0.1146.146 linux-image-snapdragon 4.4.0.1150.142 linux-image-virtual 4.4.0.203.209 Ubuntu 14.04 ESM: linux-image-4.4.0-1086-aws 4.4.0-1086.90 linux-image-4.4.0-203-generic 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-lowlatency 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235~14.04.1 linux-image-aws 4.4.0.1086.83 linux-image-generic-lpae-lts-xenial 4.4.0.203.177 linux-image-generic-lts-xenial 4.4.0.203.177 linux-image-lowlatency-lts-xenial 4.4.0.203.177 linux-image-powerpc-e500mc-lts-xenial 4.4.0.203.177 linux-image-powerpc-smp-lts-xenial 4.4.0.203.177 linux-image-powerpc64-emb-lts-xenial 4.4.0.203.177 linux-image-powerpc64-smp-lts-xenial 4.4.0.203.177 linux-image-virtual-lts-xenial 4.4.0.203.177 After a standard system 
update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible

Trust: 1.89

sources: NVD: CVE-2020-29661 // VULMON: CVE-2020-29661 // PACKETSTORM: 169012 // PACKETSTORM: 161656 // PACKETSTORM: 162130 // PACKETSTORM: 161742 // PACKETSTORM: 161710 // PACKETSTORM: 162028 // PACKETSTORM: 161434 // PACKETSTORM: 161551 // PACKETSTORM: 161823 // PACKETSTORM: 164950

AFFECTED PRODUCTS

vendor: linux, model: kernel, scope: gte, version: 5.5

Trust: 1.0

vendor: fedoraproject, model: fedora, scope: eq, version: 33

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 4.4.248

Trust: 1.0

vendor: linux, model: kernel, scope: gte, version: 4.15

Trust: 1.0

vendor: netapp, model: 8300, scope: eq, version: -

Trust: 1.0

vendor: linux, model: kernel, scope: gte, version: 2.6.26

Trust: 1.0

vendor: netapp, model: a400, scope: eq, version: -

Trust: 1.0

vendor: debian, model: linux, scope: eq, version: 10.0

Trust: 1.0

vendor: linux, model: kernel, scope: gte, version: 4.5

Trust: 1.0

vendor: netapp, model: a700s, scope: eq, version: -

Trust: 1.0

vendor: oracle, model: tekelec platform distribution, scope: gte, version: 7.4.0

Trust: 1.0

vendor: broadcom, model: fabric operating system, scope: eq, version: -

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 4.9.248

Trust: 1.0

vendor: linux, model: kernel, scope: gte, version: 4.10

Trust: 1.0

vendor: oracle, model: tekelec platform distribution, scope: lte, version: 7.7.1

Trust: 1.0

vendor: netapp, model: solidfire baseboard management controller, scope: eq, version: -

Trust: 1.0

vendor: netapp, model: h410c, scope: eq, version: -

Trust: 1.0

vendor: netapp, model: active iq unified manager, scope: eq, version: -

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 4.14.212

Trust: 1.0

vendor: netapp, model: 8700, scope: eq, version: -

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 5.9.14

Trust: 1.0

vendor: fedoraproject, model: fedora, scope: eq, version: 32

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 4.19.163

Trust: 1.0

vendor: linux, model: kernel, scope: gte, version: 4.20

Trust: 1.0

vendor: debian, model: linux, scope: eq, version: 9.0

Trust: 1.0

vendor: linux, model: kernel, scope: lt, version: 5.4.83

Trust: 1.0

sources: NVD: CVE-2020-29661

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-29661
value: HIGH

Trust: 1.0

VULMON: CVE-2020-29661
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-29661
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2020-29661
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2020-29661 // NVD: CVE-2020-29661

PROBLEMTYPE DATA

problemtype:CWE-667

Trust: 1.0

problemtype:CWE-416

Trust: 1.0

sources: NVD: CVE-2020-29661

THREAT TYPE

local

Trust: 0.2

sources: PACKETSTORM: 161551 // PACKETSTORM: 164950

TYPE

overflow

Trust: 0.1

sources: PACKETSTORM: 161710

PATCH

title: Red Hat: Important: kernel-rt security and bug fix update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210537 - Security Advisory

Trust: 0.1

title: Red Hat: Important: kernel-alt security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210354 - Security Advisory

Trust: 0.1

title: Red Hat: Important: kernel security, bug fix, and enhancement update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210558 - Security Advisory

Trust: 0.1

title: Arch Linux Issues:
url: https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-29661 log

Trust: 0.1

title: Amazon Linux 2: ALAS2LIVEPATCH-2021-032
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-032

Trust: 0.1

title: Amazon Linux 2: ALAS2LIVEPATCH-2021-031
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-031

Trust: 0.1

title: Amazon Linux 2: ALAS2LIVEPATCH-2021-034
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-034

Trust: 0.1

title: Amazon Linux 2: ALAS2LIVEPATCH-2021-033
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2LIVEPATCH-2021-033

Trust: 0.1

title: IBM: Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
url: https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=d39f316392b1adf4ca22f6ef041af00f

Trust: 0.1

title: Amazon Linux AMI: ALAS-2021-1477
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1477

Trust: 0.1

title: Amazon Linux 2: ALAS2KERNEL-5.4-2022-019
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-019

Trust: 0.1

title: Debian Security Advisories: DSA-4843-1 linux -- security update
url: https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=b95030247235becf9e017bec31e9d503

Trust: 0.1

title: Amazon Linux 2: ALAS2-2021-1588
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1588

Trust: 0.1

title: IBM: Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
url: https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=e9d6f12dfd14652e2bb7e5c28ded162b

Trust: 0.1

title: Siemens Security Advisories: Siemens Security Advisory
url: https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: https://github.com/lcatro/cve_diff_checker
url: https://github.com/lcatro/cve_diff_checker

Trust: 0.1

title: veracode-container-security-finding-parser
url: https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2020-29661

EXTERNAL IDS

db: NVD, id: CVE-2020-29661

Trust: 2.1

db: PACKETSTORM, id: 164950

Trust: 1.2

db: PACKETSTORM, id: 160681

Trust: 1.1

db: OPENWALL, id: OSS-SECURITY/2020/12/10/1

Trust: 1.1

db: VULMON, id: CVE-2020-29661

Trust: 0.1

db: PACKETSTORM, id: 169012

Trust: 0.1

db: PACKETSTORM, id: 161656

Trust: 0.1

db: PACKETSTORM, id: 162130

Trust: 0.1

db: PACKETSTORM, id: 161742

Trust: 0.1

db: PACKETSTORM, id: 161710

Trust: 0.1

db: PACKETSTORM, id: 162028

Trust: 0.1

db: PACKETSTORM, id: 161434

Trust: 0.1

db: PACKETSTORM, id: 161551

Trust: 0.1

db: PACKETSTORM, id: 161823

Trust: 0.1

sources: VULMON: CVE-2020-29661 // PACKETSTORM: 169012 // PACKETSTORM: 161656 // PACKETSTORM: 162130 // PACKETSTORM: 161742 // PACKETSTORM: 161710 // PACKETSTORM: 162028 // PACKETSTORM: 161434 // PACKETSTORM: 161551 // PACKETSTORM: 161823 // PACKETSTORM: 164950 // NVD: CVE-2020-29661

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 161656 // PACKETSTORM: 162130 // PACKETSTORM: 161742 // PACKETSTORM: 161710 // PACKETSTORM: 162028 // PACKETSTORM: 161434 // PACKETSTORM: 161823

SOURCES

db: VULMON, id: CVE-2020-29661
db: PACKETSTORM, id: 169012
db: PACKETSTORM, id: 161656
db: PACKETSTORM, id: 162130
db: PACKETSTORM, id: 161742
db: PACKETSTORM, id: 161710
db: PACKETSTORM, id: 162028
db: PACKETSTORM, id: 161434
db: PACKETSTORM, id: 161551
db: PACKETSTORM, id: 161823
db: PACKETSTORM, id: 164950
db: NVD, id: CVE-2020-29661

LAST UPDATE DATE

2026-03-26T22:25:33.502000+00:00


SOURCES UPDATE DATE

db: VULMON, id: CVE-2020-29661, date: 2023-11-07T00:00:00
db: NVD, id: CVE-2020-29661, date: 2024-11-21T05:24:23.040

SOURCES RELEASE DATE

db: VULMON, id: CVE-2020-29661, date: 2020-12-09T00:00:00
db: PACKETSTORM, id: 169012, date: 2021-02-28T20:12:00
db: PACKETSTORM, id: 161656, date: 2021-03-04T15:33:19
db: PACKETSTORM, id: 162130, date: 2021-04-08T14:00:00
db: PACKETSTORM, id: 161742, date: 2021-03-10T16:02:43
db: PACKETSTORM, id: 161710, date: 2021-03-09T15:57:57
db: PACKETSTORM, id: 162028, date: 2021-03-30T14:30:08
db: PACKETSTORM, id: 161434, date: 2021-02-16T15:45:59
db: PACKETSTORM, id: 161551, date: 2021-02-25T15:30:28
db: PACKETSTORM, id: 161823, date: 2021-03-17T14:09:30
db: PACKETSTORM, id: 164950, date: 2021-11-12T17:07:48
db: NVD, id: CVE-2020-29661, date: 2020-12-09T17:15:31.807