Details of VAR-202103-0920

ID

VAR-202103-0920

CVE

CVE-2021-27363

TITLE

Linux kernel Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202103-523

DESCRIPTION

An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. ========================================================================= Ubuntu Security Notice USN-4887-1 March 23, 2021 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oem-5.6, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: linux-image-5.8.0-1019-raspi 5.8.0-1019.22 linux-image-5.8.0-1019-raspi-nolpae 5.8.0-1019.22 linux-image-5.8.0-1022-kvm 5.8.0-1022.24 linux-image-5.8.0-1024-oracle 5.8.0-1024.25 linux-image-5.8.0-1026-azure 5.8.0-1026.28 linux-image-5.8.0-1026-gcp 5.8.0-1026.27 linux-image-5.8.0-1027-aws 5.8.0-1027.29 linux-image-5.8.0-48-generic 5.8.0-48.54 linux-image-5.8.0-48-generic-64k 5.8.0-48.54 linux-image-5.8.0-48-generic-lpae 5.8.0-48.54 linux-image-5.8.0-48-lowlatency 5.8.0-48.54 linux-image-aws 5.8.0.1027.29 linux-image-azure 5.8.0.1026.26 linux-image-gcp 5.8.0.1026.26 linux-image-generic 5.8.0.48.53 linux-image-generic-64k 5.8.0.48.53 linux-image-generic-lpae 5.8.0.48.53 linux-image-gke 5.8.0.1026.26 linux-image-kvm 5.8.0.1022.24 linux-image-lowlatency 5.8.0.48.53 linux-image-oem-20.04 5.8.0.48.53 linux-image-oracle 5.8.0.1024.23 linux-image-raspi 5.8.0.1019.22 linux-image-raspi-nolpae 5.8.0.1019.22 linux-image-virtual 5.8.0.48.53 Ubuntu 20.04 LTS: linux-image-5.10.0-1019-oem 5.10.0-1019.20 linux-image-5.4.0-1012-gkeop 5.4.0-1012.13 linux-image-5.4.0-1032-raspi 5.4.0-1032.35 linux-image-5.4.0-1036-kvm 5.4.0-1036.37 linux-image-5.4.0-1040-gcp 5.4.0-1040.43 linux-image-5.4.0-1041-aws 5.4.0-1041.43 linux-image-5.4.0-1041-oracle 5.4.0-1041.44 linux-image-5.4.0-1043-azure 5.4.0-1043.45 linux-image-5.4.0-70-generic 5.4.0-70.78 linux-image-5.4.0-70-generic-lpae 5.4.0-70.78 linux-image-5.4.0-70-lowlatency 5.4.0-70.78 linux-image-5.6.0-1052-oem 5.6.0-1052.56 linux-image-5.8.0-48-generic 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-64k 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-generic-lpae 5.8.0-48.54~20.04.1 linux-image-5.8.0-48-lowlatency 5.8.0-48.54~20.04.1 linux-image-aws 5.4.0.1041.42 linux-image-azure 5.4.0.1043.41 linux-image-gcp 5.4.0.1040.49 linux-image-generic 5.4.0.70.73 linux-image-generic-64k-hwe-20.04 5.8.0.48.54~20.04.32 linux-image-generic-hwe-20.04 5.8.0.48.54~20.04.32 linux-image-generic-lpae 5.4.0.70.73 linux-image-generic-lpae-hwe-20.04 5.8.0.48.54~20.04.32 linux-image-gkeop 5.4.0.1012.15 linux-image-gkeop-5.4 5.4.0.1012.15 linux-image-kvm 5.4.0.1036.34 linux-image-lowlatency 5.4.0.70.73 linux-image-lowlatency-hwe-20.04 5.8.0.48.54~20.04.32 linux-image-oem 5.4.0.70.73 linux-image-oem-20.04 5.6.0.1052.48 linux-image-oem-20.04b 5.10.0.1019.20 linux-image-oem-osp1 5.4.0.70.73 linux-image-oracle 5.4.0.1041.38 linux-image-raspi 5.4.0.1032.67 linux-image-raspi2 5.4.0.1032.67 linux-image-virtual 5.4.0.70.73 linux-image-virtual-hwe-20.04 5.8.0.48.54~20.04.32 Ubuntu 18.04 LTS: linux-image-5.3.0-1038-raspi2 5.3.0-1038.40 linux-image-5.3.0-1041-gke 5.3.0-1041.44 linux-image-5.3.0-72-generic 5.3.0-72.68 linux-image-5.3.0-72-lowlatency 5.3.0-72.68 linux-image-5.4.0-1012-gkeop 5.4.0-1012.13~18.04.1 linux-image-5.4.0-1032-raspi 5.4.0-1032.35~18.04.1 linux-image-5.4.0-1039-gke 5.4.0-1039.41~18.04.1 linux-image-5.4.0-1040-gcp 5.4.0-1040.43~18.04.1 linux-image-5.4.0-1041-aws 5.4.0-1041.43~18.04.1 linux-image-5.4.0-1041-oracle 5.4.0-1041.44~18.04.1 linux-image-5.4.0-1043-azure 5.4.0-1043.45~18.04.1 linux-image-5.4.0-70-generic 5.4.0-70.78~18.04.1 linux-image-5.4.0-70-generic-lpae 5.4.0-70.78~18.04.1 linux-image-5.4.0-70-lowlatency 5.4.0-70.78~18.04.1 linux-image-aws 5.4.0.1041.24 linux-image-azure 5.4.0.1043.23 linux-image-gcp 5.4.0.1040.27 linux-image-generic-hwe-18.04 5.4.0.70.78~18.04.63 linux-image-generic-lpae-hwe-18.04 5.4.0.70.78~18.04.63 linux-image-gke-5.3 5.3.0.1041.24 linux-image-gke-5.4 5.4.0.1039.41~18.04.6 linux-image-gkeop-5.3 5.3.0.72.129 linux-image-gkeop-5.4 5.4.0.1012.13~18.04.13 linux-image-lowlatency-hwe-18.04 5.4.0.70.78~18.04.63 linux-image-oem 5.4.0.70.78~18.04.63 linux-image-oem-osp1 5.4.0.70.78~18.04.63 linux-image-oracle 5.4.0.1041.44~18.04.23 linux-image-raspi-hwe-18.04 5.4.0.1032.34 linux-image-raspi2-hwe-18.04 5.3.0.1038.27 linux-image-snapdragon-hwe-18.04 5.4.0.70.78~18.04.63 linux-image-virtual-hwe-18.04 5.4.0.70.78~18.04.63 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Bug fix: * RHACM 2.0.10 images (BZ #1940452) 3. Bugs fixed (https://bugzilla.redhat.com/): 1940452 - RHACM 2.0.10 images 1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function 5. (CVE-2021-27365) It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:1071-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1071 Issue date: 2021-04-06 CVE Names: CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Security Fix(es): * kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) * kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Customer testing eMMC sees and intermittent boot problem on 7.8+, was not seen on 7.3 (BZ#1918916) * tcm loopback driver causes double-start of scsi command when work is delayed (BZ#1925652) * [Azure][RHEL-7]Mellanox Patches To Prevent Kernel Hang In MLX4 (BZ#1925691) * A patch from upstream c365c292d059 causes us to end up leaving rt_nr_boosted in an inconsistent state, which causes a hard lockup. (BZ#1928082) * [RHEL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path (BZ#1929804) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem 1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles 1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1160.24.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.24.1.el7.ppc64.rpm kernel-devel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-headers-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.ppc64.rpm perf-3.10.0-1160.24.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1160.24.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-devel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-headers-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.ppc64le.rpm perf-3.10.0-1160.24.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1160.24.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.24.1.el7.s390x.rpm kernel-devel-3.10.0-1160.24.1.el7.s390x.rpm kernel-headers-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.24.1.el7.s390x.rpm perf-3.10.0-1160.24.1.el7.s390x.rpm perf-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm python-perf-3.10.0-1160.24.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-27363 https://access.redhat.com/security/cve/CVE-2021-27364 https://access.redhat.com/security/cve/CVE-2021-27365 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYGwp7tzjgjWX9erEAQgQXQ//b1YLCLj3RXDop9pRP30zQj7xj3xDYBK5 7FLTR7K6HVYynrzKBJ87TyJkuhaPpTi8452HYHjLaYt6VYa+j1Jr+PVQr+ZaO+Rz iSRl3Sr5NYynAt9g2vNp6tfeeYPddVSpDpxkUr84EDRZ9Jg8tYtLkanRT9cH02gs +TYPCUZn/2Ii6YQjksIZmv6VVUZepMaO/kDDEi89ivGCffaMvS70Z86498XawgeM eJttBvztEv5K6wvaRtnJegmeonYKxouP1FYDyXh+WAG6zjQDcUEWUKgwdGGn+mXb k4T6F/ktCAx7wSKgt4kMvVmvzOc5jScJ2V0aK3rvm5LnqHoNin5syGOIHm6BM5Jp KTO6MGa9ex7xQdz/pNU/4aqxtKK0G4ceL8xjEGpei5U0gIEXuK4KFySa1bDQa2Xd eN2VtwzajY2tvCe7FrKuwKGb6HyIQK39C8hUHsD2x+JwLCxb12DWBY0ulJzh2C2l LPwWFWMhJqH2GG2wIKh6msCQOMJOGO3zwLtkGMj5dXrmDBHhkkT1FZnL0DdDxL3m JGija+Tr50EFGBFZvS1brChBEqwHqklkUQ3nWVXDj8ipRXJMOOGHbssw9FqnX01B qF414rmDTU1tBHc7bPo8/q5zMXKV5vOixRplzs0sw0hlBJKjvlpVpDMiseo3crlj ghAOW9EzFXk=pxZs -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bug Fix(es): * Enable CI and changelog for GitLab workflow (BZ#1930934) 4. Description: Red Hat Advanced Cluster Management for Kubernetes 2.1.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bug fixes: * RHACM 2.1.6 images (BZ#1940581) * When generating the import cluster string, it can include unescaped characters (BZ#1934184) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1929338 - CVE-2020-35149 mquery: Code injection via merge or clone operation 1934184 - When generating the import cluster string, it can include unescaped characters 1940581 - RHACM 2.1.6 images 5

Trust: 1.53

sources: NVD: CVE-2021-27363 // VULHUB: VHN-386598 // PACKETSTORM: 161952 // PACKETSTORM: 162383 // PACKETSTORM: 162115 // PACKETSTORM: 162098 // PACKETSTORM: 162255 // PACKETSTORM: 162337

AFFECTED PRODUCTS

vendor:	linux	model:	kernel	scope:	lte	version:	5.11.3	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0

sources: NVD: CVE-2021-27363

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-27363
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202103-523
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-386598
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2021-27363
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-386598
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-27363
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	2.5
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-386598 // CNNVD: CNNVD-202103-523 // NVD: CVE-2021-27363

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-27363

THREAT TYPE

local

Trust: 0.8

sources: PACKETSTORM: 161952 // PACKETSTORM: 162115 // CNNVD: CNNVD-202103-523

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-523

EXTERNAL IDS

db:	NVD	id:	CVE-2021-27363	Trust: 2.3
db:	PACKETSTORM	id:	162117	Trust: 1.7
db:	OPENWALL	id:	OSS-SECURITY/2021/03/06/1	Trust: 1.7
db:	PACKETSTORM	id:	161952	Trust: 0.8
db:	PACKETSTORM	id:	162383	Trust: 0.8
db:	PACKETSTORM	id:	162337	Trust: 0.8
db:	PACKETSTORM	id:	162341	Trust: 0.7
db:	PACKETSTORM	id:	162478	Trust: 0.7
db:	PACKETSTORM	id:	162095	Trust: 0.7
db:	PACKETSTORM	id:	162528	Trust: 0.7
db:	PACKETSTORM	id:	162151	Trust: 0.7
db:	PACKETSTORM	id:	161909	Trust: 0.7
db:	PACKETSTORM	id:	162108	Trust: 0.7
db:	PACKETSTORM	id:	162242	Trust: 0.7
db:	CNNVD	id:	CNNVD-202103-523	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.1589	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1694	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1655	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0837	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1406	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1339	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1224	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1307	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1184	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1002	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2589	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3346	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1558	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1299	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1635	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2136	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1445	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0981	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1212	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1151	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1669	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2781	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1101	Trust: 0.6
db:	CS-HELP	id:	SB2021051001	Trust: 0.6
db:	CS-HELP	id:	SB2021042828	Trust: 0.6
db:	CS-HELP	id:	SB2021050609	Trust: 0.6
db:	CS-HELP	id:	SB2021041608	Trust: 0.6
db:	CS-HELP	id:	SB2021041223	Trust: 0.6
db:	CS-HELP	id:	SB2021051317	Trust: 0.6
db:	CS-HELP	id:	SB2021042136	Trust: 0.6
db:	PACKETSTORM	id:	162115	Trust: 0.2
db:	PACKETSTORM	id:	162098	Trust: 0.2
db:	PACKETSTORM	id:	162255	Trust: 0.2
db:	PACKETSTORM	id:	162246	Trust: 0.1
db:	PACKETSTORM	id:	162156	Trust: 0.1
db:	PACKETSTORM	id:	161973	Trust: 0.1
db:	PACKETSTORM	id:	162247	Trust: 0.1
db:	PACKETSTORM	id:	162346	Trust: 0.1
db:	PACKETSTORM	id:	162112	Trust: 0.1
db:	VULHUB	id:	VHN-386598	Trust: 0.1

sources: VULHUB: VHN-386598 // PACKETSTORM: 161952 // PACKETSTORM: 162383 // PACKETSTORM: 162115 // PACKETSTORM: 162098 // PACKETSTORM: 162255 // PACKETSTORM: 162337 // CNNVD: CNNVD-202103-523 // NVD: CVE-2021-27363

REFERENCES

url:	https://security.netapp.com/advisory/ntap-20210409-0001/	Trust: 1.7
url:	http://packetstormsecurity.com/files/162117/kernel-live-patch-security-notice-lsn-0075-1.html	Trust: 1.7
url:	http://www.openwall.com/lists/oss-security/2021/03/06/1	Trust: 1.7
url:	https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html	Trust: 1.7
url:	https://bugzilla.suse.com/show_bug.cgi?id=1182716	Trust: 1.7
url:	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27363	Trust: 1.2
url:	https://access.redhat.com/security/cve/cve-2021-27363	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27365	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27364	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0837	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021051001	Trust: 0.6
url:	https://packetstormsecurity.com/files/162095/red-hat-security-advisory-2021-1070-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1589	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1445	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1307	Trust: 0.6
url:	https://packetstormsecurity.com/files/162242/red-hat-security-advisory-2021-1267-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1406	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042828	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1669	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2781	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1151	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0981	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1212	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041223	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042136	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1299	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1694	Trust: 0.6
url:	https://packetstormsecurity.com/files/161952/ubuntu-security-notice-usn-4887-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021051317	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3346	Trust: 0.6
url:	https://packetstormsecurity.com/files/161909/ubuntu-security-notice-usn-4883-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021050609	Trust: 0.6
url:	https://packetstormsecurity.com/files/162341/red-hat-security-advisory-2021-1373-01.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/linux-kernel-read-write-access-via-iscsi-show-transport-handle-34762	Trust: 0.6
url:	https://packetstormsecurity.com/files/162108/red-hat-security-advisory-2021-1081-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/	Trust: 0.6
url:	https://packetstormsecurity.com/files/162151/red-hat-security-advisory-2021-1168-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/162478/red-hat-security-advisory-2021-1429-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041608	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1558	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1635	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1655	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2589	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1339	Trust: 0.6
url:	https://packetstormsecurity.com/files/162337/red-hat-security-advisory-2021-1369-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1184	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1224	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2136	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6525030	Trust: 0.6
url:	https://packetstormsecurity.com/files/162528/red-hat-security-advisory-2021-1531-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1002	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1101	Trust: 0.6
url:	https://packetstormsecurity.com/files/162383/red-hat-security-advisory-2021-1448-01.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-packet-capture-is-vulnerable-to-using-components-with-known-vulnerabilities-2/	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-27364	Trust: 0.4
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://access.redhat.com/security/team/contact/	Trust: 0.4
url:	https://bugzilla.redhat.com/):	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-27365	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28374	Trust: 0.3
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20305	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3449	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3347	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3449	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-28374	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-26708	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0466	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-27152	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27152	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3450	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3347	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3450	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-0466	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20305	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-26708	Trust: 0.2
url:	https://access.redhat.com/security/team/key/	Trust: 0.2
url:	https://access.redhat.com/articles/11258	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.2
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1041.44	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4887-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1043.45~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.3/5.3.0-1041.44	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oem-5.6/5.6.0-1052.56	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi2-5.3/5.3.0-1038.40	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1039.41~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe/5.3.0-72.68	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1019.22	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1041.43~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1019.20	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1040.43	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27171	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1043.45	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1012.13	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1027.29	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1026.27	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-48.54~20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1041.43	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1036.37	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1012.13~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1026.28	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1032.35~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.4.0-70.78	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.8.0-48.54	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3444	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1022.24	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-70.78~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1041.44~18.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27170	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1024.25	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1032.35	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1040.43~18.04.1	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23358	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-15586	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23358	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16845	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-16845	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-28362	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-15586	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1448	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4901-1	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1071	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1289	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20218	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3121	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1369	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3121	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35149	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-35149	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-14040	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14040	Trust: 0.1

CREDITS

Red Hat

Trust: 1.0

sources: PACKETSTORM: 162383 // PACKETSTORM: 162098 // PACKETSTORM: 162255 // PACKETSTORM: 162337 // CNNVD: CNNVD-202103-523

SOURCES

db:	VULHUB	id:	VHN-386598
db:	PACKETSTORM	id:	161952
db:	PACKETSTORM	id:	162383
db:	PACKETSTORM	id:	162115
db:	PACKETSTORM	id:	162098
db:	PACKETSTORM	id:	162255
db:	PACKETSTORM	id:	162337
db:	CNNVD	id:	CNNVD-202103-523
db:	NVD	id:	CVE-2021-27363

LAST UPDATE DATE

2025-04-28T21:29:23.357000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-386598	date:	2022-05-23T00:00:00
db:	CNNVD	id:	CNNVD-202103-523	date:	2022-07-11T00:00:00
db:	NVD	id:	CVE-2021-27363	date:	2024-11-21T05:57:50.513

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-386598	date:	2021-03-07T00:00:00
db:	PACKETSTORM	id:	161952	date:	2021-03-24T14:36:48
db:	PACKETSTORM	id:	162383	date:	2021-04-29T14:37:49
db:	PACKETSTORM	id:	162115	date:	2021-04-07T20:09:28
db:	PACKETSTORM	id:	162098	date:	2021-04-06T14:36:05
db:	PACKETSTORM	id:	162255	date:	2021-04-20T16:32:38
db:	PACKETSTORM	id:	162337	date:	2021-04-26T19:21:56
db:	CNNVD	id:	CNNVD-202103-523	date:	2021-03-05T00:00:00
db:	NVD	id:	CVE-2021-27363	date:	2021-03-07T04:15:13.330