Details of VAR-202105-1451

ID

VAR-202105-1451

CVE

CVE-2021-22543

TITLE

Linux Kernel Buffer Error Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-007425

DESCRIPTION

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. Linux Kernel Is vulnerable to a buffer error.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Arch Linux is an application system of Arch open source. A lightweight and flexible Linux® distribution that tries to keep it simple. Summary: Red Hat Advanced Cluster Management for Kubernetes 2.3.3 General Availability release images, which fix bugs, provide security fixes, and update container images. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.3/html/release_notes/ Note: Because Red Hat OpenShift Container Platform version 4.9 was just released, the functional testing of the compatibility between Red Hat Advanced Cluster Management 2.3.3 and Red Hat OpenShift Container Platform version 4.9 is still in progress. Security fixes: * nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017) * redis: Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626) * redis: Integer overflow issue with Streams (CVE-2021-32627) * redis: Integer overflow bug in the ziplist data structure (CVE-2021-32628) * redis: Integer overflow issue with intsets (CVE-2021-32687) * redis: Integer overflow issue with strings (CVE-2021-41099) * redis: Out of bounds read in lua debugger protocol parser (CVE-2021-32672) * redis: Denial of service via Redis Standard Protocol (RESP) request (CVE-2021-32675) * helm: information disclosure vulnerability (CVE-2021-32690) Bug fixes: * KUBE-API: Support move agent to different cluster in the same namespace (BZ# 1977358) * Add columns to the Agent CRD list (BZ# 1977398) * ClusterDeployment controller watches all Secrets from all namespaces (BZ# 1986081) * RHACM 2.3.3 images (BZ# 1999365) * Workaround for Network Manager not supporting nmconnections priority (BZ# 2001294) * create cluster page empty in Safary Browser (BZ# 2002280) * Compliance state doesn't get updated after fixing the issue causing initially the policy not being able to update the managed object (BZ# 2002667) * Overview page displays VMware based managed cluster as other (BZ# 2004188) 3. Bugs fixed (https://bugzilla.redhat.com/): 1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name 1977358 - [4.8.0] KUBE-API: Support move agent to different cluster in the same namespace 1977398 - [4.8.0] [master] Add columns to the Agent CRD list 1978144 - CVE-2021-32690 helm: information disclosure vulnerability 1986081 - [4.8.0] ClusterDeployment controller watches all Secrets from all namespaces 1999365 - RHACM 2.3.3 images 2001294 - [4.8.0] Workaround for Network Manager not supporting nmconnections priority 2002280 - create cluster page empty in Safary Browser 2002667 - Compliance state doesn't get updated after fixing the issue causing initially the policy not being able to update the managed object 2004188 - Overview page displays VMware based managed cluster as other 2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets 2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request 2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser 2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure 2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams 2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack 2011020 - CVE-2021-41099 redis: Integer overflow issue with strings 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:3801-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3801 Issue date: 2021-10-12 CVE Names: CVE-2021-3653 CVE-2021-3656 CVE-2021-22543 CVE-2021-37576 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * Kernel panic due to double fault with DLM reporting for socket error "sk_err=32/0" (BZ#1834878) * "MFW indication via attention" message getting logged frequently after every 5 minutes (BZ#1854544) * lpfc fails to discovery in pt2pt with "2754 PRLI failure DID:0000EF Status:x9/x91e00, data: x0" (BZ#1922479) * pcpu_get_vm_areas using most memory from VmallocUsed (BZ#1970618) * RHEL 7.9.z [qedf driver] Racing condition between qedf_cleanup_fcport and releasing command after timeout (BZ#1982702) * [Azure] RHEL 7.9 reports GPU/IB topology incorrectly on some Azure SKUs (BZ#1984128) * [stable guest ABI]Hot add CPU after migration cause guest hang (BZ#1991856) * i40e driver crash at RIP: i40e_config_vf_promiscuous_mode+0x165 (BZ#1993850) * [nfs] Performance issue since commit 5a4f6f11951e (BZ#1995649) * [kernel] Indefinite waiting for RCU callback while removing cgroup (BZ#2000973) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1160.45.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.45.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm perf-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1160.45.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.45.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm perf-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1160.45.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1160.45.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-3.10.0-1160.45.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debug-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.45.1.el7.ppc64.rpm kernel-devel-3.10.0-1160.45.1.el7.ppc64.rpm kernel-headers-3.10.0-1160.45.1.el7.ppc64.rpm kernel-tools-3.10.0-1160.45.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.ppc64.rpm perf-3.10.0-1160.45.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm python-perf-3.10.0-1160.45.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1160.45.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debug-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-devel-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-headers-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-tools-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.ppc64le.rpm perf-3.10.0-1160.45.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm python-perf-3.10.0-1160.45.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1160.45.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm kernel-3.10.0-1160.45.1.el7.s390x.rpm kernel-debug-3.10.0-1160.45.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.45.1.el7.s390x.rpm kernel-devel-3.10.0-1160.45.1.el7.s390x.rpm kernel-headers-3.10.0-1160.45.1.el7.s390x.rpm kernel-kdump-3.10.0-1160.45.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.45.1.el7.s390x.rpm perf-3.10.0-1160.45.1.el7.s390x.rpm perf-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm python-perf-3.10.0-1160.45.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1160.45.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm perf-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.45.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1160.45.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.45.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm perf-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-3653 https://access.redhat.com/security/cve/CVE-2021-3656 https://access.redhat.com/security/cve/CVE-2021-22543 https://access.redhat.com/security/cve/CVE-2021-37576 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYWWqidzjgjWX9erEAQj5JA/+JDZu/xue2Mu3vd1Wr2SQNgVoy/tCYPKo z+zlQw1Eld1YcKgBrfF1b83yei3rp5foRyXsxl0wkcCvao3u8b/nTzX3ya3PxE6O yYV9VP4Nx8mmYsU6bw1yPAW7YLG4wS56Ff4kvZ+0EYKa14c6sZZ2qme98wBmfXm7 8/fvt+QlOVFSwcgqs9ME9vE/Ai/InXSnt5RDBNh9mxN8g44YqnsRwsUXrHAvCD7G RMMym2NJMYCHYs6rBBisK7LDD/pvS2xMZXAR57qy4sQhR0VyJpnLYd/FkrZjNdnr XpHLjrBHknunhoSmwf1fF4NYHfB0qQKUTi9drDUZLNKyI2vMrBYDQdSVVI78Kihh OBa0JdAYMeafduUQvHmTQihzYR/nGXykl0Eah4IpLlVXn6uQmjfsygqXZK3kLEv8 K4FOSiT7TKVq1gICE3D0c1UMAiRSAK25NjxLCKHpfKwKDWJV4kuHuVwa9Rx9TDVp P7mCmo6mVjqccRghcksV0L+y1rDdR4L+tBrJc1JfCHzaZtH7SV7jDNlW7FiPgnw4 5kDnWJk6IFgNUedydi2ODr/VPXIY+LCLWFTDY7RuQnNzgzGAn8bSfiVj7ddVKjxm d/EuZhWJxdkfd6V37Qa44wbv+EskoRbHdvZm6C+pjDBIe5ficos5TDkubKsEZxk5 dWp5Jpx6Lbw= =IUMH -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Bug Fix(es): * Rebase package(s) to version: 1.2.23 Highlights, important fixes, or notable enhancements: * imgbase should not copy the selinux binary policy file (BZ# 1979624) (BZ#1989397) * RHV-H has been rebased on Red Hat Enterprise Linux 8.4 Batch #2. (BZ#1975177) 4. 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. ========================================================================== Ubuntu Security Notice USN-5094-1 September 29, 2021 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in the Linux kernel. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) Alexey Kardashevskiy discovered that the KVM implementation for PowerPC systems in the Linux kernel did not properly validate RTAS arguments in some situations. An attacker in a guest vm could use this to cause a denial of service (host OS crash) or possibly execute arbitrary code. (CVE-2021-37576) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-4.15.0-1028-dell300x 4.15.0-1028.33 linux-image-4.15.0-1081-oracle 4.15.0-1081.89 linux-image-4.15.0-1100-kvm 4.15.0-1100.102 linux-image-4.15.0-1109-gcp 4.15.0-1109.123 linux-image-4.15.0-1112-aws 4.15.0-1112.119 linux-image-4.15.0-1113-snapdragon 4.15.0-1113.122 linux-image-4.15.0-1124-azure 4.15.0-1124.137 linux-image-4.15.0-159-generic 4.15.0-159.167 linux-image-4.15.0-159-generic-lpae 4.15.0-159.167 linux-image-4.15.0-159-lowlatency 4.15.0-159.167 linux-image-aws-lts-18.04 4.15.0.1112.115 linux-image-azure-lts-18.04 4.15.0.1124.97 linux-image-dell300x 4.15.0.1028.30 linux-image-gcp-lts-18.04 4.15.0.1109.128 linux-image-generic 4.15.0.159.148 linux-image-generic-lpae 4.15.0.159.148 linux-image-kvm 4.15.0.1100.96 linux-image-lowlatency 4.15.0.159.148 linux-image-oracle-lts-18.04 4.15.0.1081.91 linux-image-snapdragon 4.15.0.1113.116 linux-image-virtual 4.15.0.159.148 Ubuntu 16.04 ESM: linux-image-4.15.0-1081-oracle 4.15.0-1081.89~16.04.1 linux-image-4.15.0-1109-gcp 4.15.0-1109.123~16.04.1 linux-image-4.15.0-1112-aws 4.15.0-1112.119~16.04.1 linux-image-4.15.0-1124-azure 4.15.0-1124.137~16.04.1 linux-image-4.15.0-159-generic 4.15.0-159.167~16.04.1 linux-image-4.15.0-159-lowlatency 4.15.0-159.167~16.04.1 linux-image-aws-hwe 4.15.0.1112.103 linux-image-azure 4.15.0.1124.115 linux-image-gcp 4.15.0.1109.110 linux-image-generic-hwe-16.04 4.15.0.159.152 linux-image-gke 4.15.0.1109.110 linux-image-lowlatency-hwe-16.04 4.15.0.159.152 linux-image-oem 4.15.0.159.152 linux-image-oracle 4.15.0.1081.69 linux-image-virtual-hwe-16.04 4.15.0.159.152 Ubuntu 14.04 ESM: linux-image-4.15.0-1124-azure 4.15.0-1124.137~14.04.1 linux-image-azure 4.15.0.1124.97 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [Regression] RHEL8.2 - ISST-LTE:pVM:diapvmlp83:sum:memory DLPAR fails to add memory on multiple trials[mm/memory_hotplug.c:1163] (mm-) (BZ#1930169) * Every server is displaying the same power levels for all of our i40e 25G interfaces. 10G interfaces seem to be correct. Ethtool version is 5.0 (BZ#1967100) * s390/uv: Fix handling of length extensions (BZ#1975657) * RHEL 8.3 using FCOE via a FastLinQ QL45000 card will not manually scan in LUN from Target_id's over 8 (BZ#1976265) * Backport "tick/nohz: Conditionally restart tick on idle exit" to RHEL 8.5 (BZ#1978711) * rhel8.3: phase 2 netfilter backports from upstream (BZ#1980323) * xfrm: backports from upstream (BZ#1981841) Enhancement(s): * [8.2.z] Incorrect parsing of ACPI HMAT table reports incorrect kernel WARNING taint (BZ#1943702) * Only selected patches from [IBM 8.4 FEAT] ibmvnic: Backport FW950 and assorted bug fixes (BZ#1980795) 4

Trust: 2.52

sources: NVD: CVE-2021-22543 // JVNDB: JVNDB-2021-007425 // VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // PACKETSTORM: 164562 // PACKETSTORM: 164487 // PACKETSTORM: 163926 // PACKETSTORM: 164471 // PACKETSTORM: 163972 // PACKETSTORM: 164331 // PACKETSTORM: 163995 // PACKETSTORM: 164237

AFFECTED PRODUCTS

vendor:	netapp	model:	h300s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h410s	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h410c	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h500e	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	netapp	model:	h700s	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	eq	version:	2021-05-18	Trust: 1.0
vendor:	netapp	model:	h300e	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h700e	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h500s	scope:	eq	version:	-	Trust: 1.0
vendor:	linux	model:	kernel	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	solidfire baseboard management controller	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	baseboard management controller	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22543
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-22543
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202105-1684
value:	HIGH
Trust: 0.6
VULHUB:	VHN-380980
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-22543
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-22543
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-380980
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22543
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22543
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // CNNVD: CNNVD-202105-1684 // JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.1
problemtype:	Buffer error (CWE-119) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-380980 // JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 164237 // CNNVD: CNNVD-202105-1684

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202105-1684

PATCH

title:	Linux Kernel Archives NetAppNetApp Advisory	url:	https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html	Trust: 0.8
title:	Red Hat: Important: kernel security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225640 - Security Advisory	Trust: 0.1
title:	Red Hat: CVE-2021-22543	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-22543	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1699	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1699	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-22543 log	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2021-1539	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1539	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.4-2022-004	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-004	Trust: 0.1
title:	Amazon Linux 2: ALAS2KERNEL-5.10-2022-002	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.10-2022-002	Trust: 0.1
title:	CVE-2021-22543	url:	https://github.com/JamesGeeee/CVE-2021-22543	Trust: 0.1

sources: VULMON: CVE-2021-22543 // JVNDB: JVNDB-2021-007425

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22543	Trust: 4.2
db:	OPENWALL	id:	OSS-SECURITY/2021/06/26/1	Trust: 1.8
db:	JVNDB	id:	JVNDB-2021-007425	Trust: 0.8
db:	PACKETSTORM	id:	164589	Trust: 0.7
db:	PACKETSTORM	id:	164666	Trust: 0.7
db:	PACKETSTORM	id:	167858	Trust: 0.7
db:	PACKETSTORM	id:	164583	Trust: 0.7
db:	PACKETSTORM	id:	164562	Trust: 0.7
db:	PACKETSTORM	id:	164331	Trust: 0.7
db:	PACKETSTORM	id:	163995	Trust: 0.7
db:	PACKETSTORM	id:	164237	Trust: 0.7
db:	OPENWALL	id:	OSS-SECURITY/2021/05/26/3	Trust: 0.6
db:	OPENWALL	id:	OSS-SECURITY/2021/05/26/4	Trust: 0.6
db:	OPENWALL	id:	OSS-SECURITY/2021/05/26/5	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3485	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3324	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3034	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3626	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2959	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3372	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2764	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3536	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3173	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3554	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4163	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3249	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3389	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3015	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2899	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4156	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2691	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3137	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4282	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3456	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4089	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3499	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2789	Trust: 0.6
db:	PACKETSTORM	id:	163865	Trust: 0.6
db:	PACKETSTORM	id:	164098	Trust: 0.6
db:	PACKETSTORM	id:	164076	Trust: 0.6
db:	PACKETSTORM	id:	164223	Trust: 0.6
db:	PACKETSTORM	id:	164431	Trust: 0.6
db:	PACKETSTORM	id:	164186	Trust: 0.6
db:	PACKETSTORM	id:	164028	Trust: 0.6
db:	PACKETSTORM	id:	164484	Trust: 0.6
db:	PACKETSTORM	id:	163767	Trust: 0.6
db:	PACKETSTORM	id:	164477	Trust: 0.6
db:	CS-HELP	id:	SB2021082206	Trust: 0.6
db:	CS-HELP	id:	SB2021083123	Trust: 0.6
db:	CS-HELP	id:	SB2021111726	Trust: 0.6
db:	CS-HELP	id:	SB2022072069	Trust: 0.6
db:	CS-HELP	id:	SB2021102111	Trust: 0.6
db:	CS-HELP	id:	SB2021090126	Trust: 0.6
db:	CS-HELP	id:	SB2021101336	Trust: 0.6
db:	CS-HELP	id:	SB2022020931	Trust: 0.6
db:	CS-HELP	id:	SB2021100618	Trust: 0.6
db:	CNNVD	id:	CNNVD-202105-1684	Trust: 0.6
db:	PACKETSTORM	id:	164652	Trust: 0.1
db:	VULHUB	id:	VHN-380980	Trust: 0.1
db:	VULMON	id:	CVE-2021-22543	Trust: 0.1
db:	PACKETSTORM	id:	164487	Trust: 0.1
db:	PACKETSTORM	id:	163926	Trust: 0.1
db:	PACKETSTORM	id:	164471	Trust: 0.1
db:	PACKETSTORM	id:	163972	Trust: 0.1

sources: VULHUB: VHN-380980 // VULMON: CVE-2021-22543 // PACKETSTORM: 164562 // PACKETSTORM: 164487 // PACKETSTORM: 163926 // PACKETSTORM: 164471 // PACKETSTORM: 163972 // PACKETSTORM: 164331 // PACKETSTORM: 163995 // PACKETSTORM: 164237 // CNNVD: CNNVD-202105-1684 // JVNDB: JVNDB-2021-007425 // NVD: CVE-2021-22543

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2021-22543	Trust: 2.2
url:	https://security.netapp.com/advisory/ntap-20210708-0002/	Trust: 1.8
url:	https://github.com/google/security-research/security/advisories/ghsa-7wq5-phmq-m584	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html	Trust: 1.8
url:	http://www.openwall.com/lists/oss-security/2021/06/26/1	Trust: 1.8
url:	https://access.redhat.com/security/cve/cve-2021-22543	Trust: 1.3
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4g5ybuvephzyxmkngbz3s6infcteel4e/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/roqixqb7zawi3ksgshr6h5rduwzi775s/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/roqixqb7zawi3ksgshr6h5rduwzi775s/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4g5ybuvephzyxmkngbz3s6infcteel4e/	Trust: 0.8
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	http://www.openwall.com/lists/oss-security/2021/05/26/5	Trust: 0.6
url:	http://www.openwall.com/lists/oss-security/2021/05/26/3	Trust: 0.6
url:	http://www.openwall.com/lists/oss-security/2021/05/26/4	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2899	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3034	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021090126	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4089	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3554	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4282	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4163	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021083123	Trust: 0.6
url:	https://packetstormsecurity.com/files/164431/ubuntu-security-notice-usn-5106-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2789	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021111726	Trust: 0.6
url:	https://packetstormsecurity.com/files/164484/red-hat-security-advisory-2021-3802-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3485	Trust: 0.6
url:	https://packetstormsecurity.com/files/164098/ubuntu-security-notice-usn-5070-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164186/ubuntu-security-notice-usn-5071-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3324	Trust: 0.6
url:	https://packetstormsecurity.com/files/164589/ubuntu-security-notice-usn-5120-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164562/red-hat-security-advisory-2021-3925-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/167858/red-hat-security-advisory-2022-5640-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164331/ubuntu-security-notice-usn-5094-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021082206	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022020931	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3249	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2959	Trust: 0.6
url:	https://packetstormsecurity.com/files/164666/red-hat-security-advisory-2021-4000-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164028/red-hat-security-advisory-2021-3262-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2764	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3137	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3456	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3015	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3499	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3372	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3173	Trust: 0.6
url:	https://packetstormsecurity.com/files/163995/red-hat-security-advisory-2021-3363-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021101336	Trust: 0.6
url:	https://packetstormsecurity.com/files/164223/red-hat-security-advisory-2021-3598-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072069	Trust: 0.6
url:	https://packetstormsecurity.com/files/163767/red-hat-security-advisory-2021-3044-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3626	Trust: 0.6
url:	https://packetstormsecurity.com/files/164583/red-hat-security-advisory-2021-3949-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3536	Trust: 0.6
url:	https://vigilance.fr/vulnerability/linux-kernel-memory-corruption-via-dev-kvm-35543	Trust: 0.6
url:	https://packetstormsecurity.com/files/164076/red-hat-security-advisory-2021-3454-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164477/red-hat-security-advisory-2021-3814-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2691	Trust: 0.6
url:	https://packetstormsecurity.com/files/164237/ubuntu-security-notice-usn-5071-3.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3389	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4156	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021100618	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021102111	Trust: 0.6
url:	https://packetstormsecurity.com/files/163865/red-hat-security-advisory-2021-3173-01.html	Trust: 0.6
url:	https://access.redhat.com/security/team/key/	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37576	Trust: 0.4
url:	https://access.redhat.com/articles/11258	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-37576	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3609	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22555	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-22555	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3609	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3656	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3653	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3656	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3653	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32399	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32399	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:5640	Trust: 0.1
url:	https://github.com/jamesgeeee/cve-2021-22543	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21670	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25648	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22922	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36222	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32626	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32687	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-37750	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21670	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32626	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-41099	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-25741	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23840	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23017	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32675	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22924	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37750	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22922	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25648	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21671	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4658	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22924	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32675	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-4658	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3925	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-41099	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32627	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32687	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32690	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32628	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21671	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32672	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32690	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-36222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23841	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23017	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-25741	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32627	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32672	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22923	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23841	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23840	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32628	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3801	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3235	Trust: 0.1
url:	https://access.redhat.com/articles/2974891	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3621	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3621	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3768	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3380	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1100.102	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-38204	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1028.33	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1109.123	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1081.89	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-38205	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3732	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1113.122	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1124.137	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5094-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1112.119	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3679	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/4.15.0-159.167	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3363	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5071-1	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5071-3	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3612	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1043.47~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1043.47	Trust: 0.1

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 164562 // PACKETSTORM: 164487 // PACKETSTORM: 163926 // PACKETSTORM: 164471 // PACKETSTORM: 163972 // PACKETSTORM: 163995

SOURCES

db:	VULHUB	id:	VHN-380980
db:	VULMON	id:	CVE-2021-22543
db:	PACKETSTORM	id:	164562
db:	PACKETSTORM	id:	164487
db:	PACKETSTORM	id:	163926
db:	PACKETSTORM	id:	164471
db:	PACKETSTORM	id:	163972
db:	PACKETSTORM	id:	164331
db:	PACKETSTORM	id:	163995
db:	PACKETSTORM	id:	164237
db:	CNNVD	id:	CNNVD-202105-1684
db:	JVNDB	id:	JVNDB-2021-007425
db:	NVD	id:	CVE-2021-22543

LAST UPDATE DATE

2025-09-26T19:47:32.329000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-380980	date:	2022-04-01T00:00:00
db:	VULMON	id:	CVE-2021-22543	date:	2022-04-01T00:00:00
db:	CNNVD	id:	CNNVD-202105-1684	date:	2022-07-28T00:00:00
db:	JVNDB	id:	JVNDB-2021-007425	date:	2022-02-10T08:59:00
db:	NVD	id:	CVE-2021-22543	date:	2024-05-29T20:15:09.870

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-380980	date:	2021-05-26T00:00:00
db:	VULMON	id:	CVE-2021-22543	date:	2021-05-26T00:00:00
db:	PACKETSTORM	id:	164562	date:	2021-10-20T15:45:47
db:	PACKETSTORM	id:	164487	date:	2021-10-13T14:46:02
db:	PACKETSTORM	id:	163926	date:	2021-08-28T13:22:22
db:	PACKETSTORM	id:	164471	date:	2021-10-12T15:33:36
db:	PACKETSTORM	id:	163972	date:	2021-08-31T15:58:41
db:	PACKETSTORM	id:	164331	date:	2021-09-29T14:51:35
db:	PACKETSTORM	id:	163995	date:	2021-08-31T16:27:27
db:	PACKETSTORM	id:	164237	date:	2021-09-22T16:24:38
db:	CNNVD	id:	CNNVD-202105-1684	date:	2021-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2021-007425	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2021-22543	date:	2021-05-26T11:15:08.623