kernel-4.18.0-240.15.1.el8
エラータID: AXSA:2021-1528:05
The kernel packages contain the Linux kernel, the core of any Linux operating
system.
Security Fix(es):
* kernel: net: bluetooth: heap buffer overflow when processing extended
advertising report events (CVE-2020-24490)
* kernel: Asianux only CVE-2020-12351 regression (CVE-2020-25661)
* kernel: Asianux only CVE-2020-12352 regression (CVE-2020-25662)
* kernel: information exposure in drivers/char/random.c and
kernel/time/timer.c (CVE-2020-16166)
* kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in
net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
* kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an
use-after-free (CVE-2020-29661)
* kernel: performance counters race condition use-after-free (CVE-2020-14351)
* kernel: ICMP rate limiting can be used for DNS poisoning attack
(CVE-2020-25705)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Bug Fix(es):
* Backport upstream OVS performance patch fix
* Sleeping or scheduling after sched_cpu_dying() led to "scheduling while
atomic" and BUG at kernel/cpu.c:907!
* [conntrack] udp packet reverse NAT occasionally fail when race condition
request combination with the DNAT load balancing rules
* Unexpected fragmentation needed error, OpenShift 4, OVS, VXLAN, GSO, Azure
* Unable to attach VLAN-based logical networks to a bond
* NFS server with krb5p fails in FIPS mode: context_derive_keys_new: Error 22
deriving initiator_seal key
* XFS: reflinked file data corruption
* [HPE 8.3 Bug] Kdump bootup failure caused by an amd iommu commit for
BetaOS on DL325Gen10
* dm: fix bio splitting and its bio completion order for regular IO
* geneve: add transport ports in route lookup for geneve
* HRTICK not armed in specific cases with SCHED_DEADLINE
* PM/swap Speed up hibernation by batching requests
* ibmveth is producing TX errors over VXLAN when large send (TSO) is
enabled (-> related to Asianux bug 1816254 - OCP 4.3 - Authentication
clusteroperator is in unknown state on POWER 9 servers")
* mm/gup: fix gup_fast with dynamic page table folding)
* [Azure]TX/RX packets stop increasing after hibernation/resume in VM
with CX4 VF NIC
* [Azure]VM hangs after hibernation/resume if the VM has SRIOV NIC and
has been deallocated
* [Azure] hv_irq_unmask() failed: 0x5 after resume from hibernation in NV6
size
* block layer: update to upstream v5.8
* [Regression] zstream - Undetected Data corruption in MPI workloads
that use VSX for reductions on POWER9 DD2.1 systems
* Incorrect system time reported through the CPU Accounting statistics
* debug kernel reports BUG: sleeping function called from invalid context at
mm/slab.h:496 in aws t4g instances
* ARO: excessive pod memory allocation causes node lockup
* Final fixes + drop alpha_support flag requirement for Tigerlake
* OVS complains Invalid Argument on TCP packets going into conntrack
* BUG: using smp_processor_id() in preemptible [00000000] code:
handler106/3082
* Icelake performance - add intel_idle: Customize IceLake server support to
* [mlx5] IPV6 TOS rewrite flows are not getting offloaded in HW
*SAS - multipathd fails to re-establish paths during controller
random reset
* hangs on dbginfo.sh execution, crash dump generated
(mm-)
* Win10 guest automatic reboot after migration in Win10 and WSL2 on AMD hosts
* block, dm: fix IO splitting for stacked devices
* Failed to hotplug scsi-hd disks
* PCI quirk needed to prevent GPU hang
* various patches to stabilize the OPAL error log processing and the
powernv dump processing (ESS)
* pmtu not working with tunnels as bridge ports and br_netfilter loaded
* [ThinkPad X13/T14/T14s AMD]: Kdump failed
* NFSv4 client improperly handles interrupted slots
* NFSv4.1 client ignores ERR_DELAY during LOCK recovery, could lead to data
corruption
* [Regression] [kernel 148.el8] cpu (sys) time regression in SAP
HANA 2.0 benchmark benchInsertSubSelectPerformance
* kernel-rt: kernel BUG at kernel/sched/deadline.c:1462!
* SEV VM hang at efi_mokvar_sysfs_init+0xa9/0x19d during boot
* C6gn support requires "Ensure dirty bit is preserved across pte_wrprotect"
patch
* [Lenovo 8.3 & 8.4 Bug] [Regression] No response from keyboard and mouse when
boot from tboot kernel
* Kernel crash with krb5p
* Need additional backports for FIPS 800-90A DRBG entropy seeding
source
* [Hyper-V] Request to included a commit that adds a timeout to
vmbus_wait_for_unload
* Host becomes unresponsive during stress-ng --cyclic test rcu: INFO:
rcu_preempt detected stalls on CPUs/tasks:
* Backport upstream RCU patches up to v5.6
* Missing mm backport to fix regression introduced by another mm backport
* [Hyper-V]video: hyperv_fb: Fix the cache type when mapping the VRAM
Edit
* ionic 0000:39:00.0 ens2: IONIC_CMD_Q_INIT (40) failed: IONIC_RC_ERROR (-5)
* [certification] mlx5_core depends on tls triggering TAINT_TECH_PREVIEW even
if no ConnectX-6 card is present
* kvm [AMD] - system crash observed while powering on virtual machine
with attached VF interfaces.
Enhancement(s):
* [Mellanox 8.4 FEAT] mlx5: Add messages when VF-LAG fails to start
CVE(s):
CVE-2020-24490
** RESERVED ** This candidate has been reserved by an organization or individual
that will use it when announcing a new security problem. When the candidate has
been publicized, the details for this candidate will be provided.
CVE-2020-25661
** RESERVED ** This candidate has been reserved by an organization or individual
that will use it when announcing a new security problem. When the candidate has
been publicized, the details for this candidate will be provided.
CVE-2020-25662
** RESERVED ** This candidate has been reserved by an organization or individual
that will use it when announcing a new security problem. When the candidate has
been publicized, the details for this candidate will be provided.
CVE-2020-16166
The Linux kernel through 5.7.11 allows remote attackers to make observations
that help to obtain sensitive information about the internal state of the
network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and
kernel/time/timer.c.
CVE-2020-25211
In the Linux kernel through 5.8.7, local attackers able to inject conntrack
netlink configuration could overflow a local buffer, causing crashes or
triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in
net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
CVE-2020-14351
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in
the perf subsystem allowing a local attacker with permission to monitor perf
events to corrupt memory and possibly escalate privileges. The highest threat
from this vulnerability is to data confidentiality and integrity as well as
system availability.
CVE-2020-25705
A flaw in the way reply ICMP packets are limited in the Linux kernel
functionality was found that allows to quickly scan open UDP ports. This flaw
allows an off-path remote user to effectively bypassing source port UDP
randomization. The highest threat from this vulnerability is to confidentiality
and possibly integrity, because software that relies on UDP source port
randomization are indirectly affected as well. Kernel versions before 5.10 may
be vulnerable to this issue.
CVE-2020-29661
A locking issue was discovered in the tty subsystem of the Linux kernel through
5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against
TIOCSPGRP, aka CID-54ffccbf053b.
Update packages.
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
N/A
SRPMS
- kernel-4.18.0-240.15.1.el8.src.rpm
MD5: 0d2b82dae3379b3caa3632cde1d15f7b
SHA-256: 573414cb32632a123d7f40235f52cadf1f85224164c136311c3eaa7ae743e192
Size: 113.05 MB
Asianux Server 8 for x86_64
- bpftool-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 93b0933fa156c762df2fd47fd90435c4
SHA-256: 274ece99e7d09e0ee76641bb1e4d9207d66e2633747049e1d92d33559a18ad3c
Size: 5.00 MB - kernel-4.18.0-240.15.1.el8.x86_64.rpm
MD5: b4a85d4f6dab6b42b34ee179f0b41dae
SHA-256: dddfb3ef9058a911a5e81d7fad21ecea9426e15b2d0b1ef3ef446a125153c6d2
Size: 4.34 MB - kernel-abi-whitelists-4.18.0-240.15.1.el8.noarch.rpm
MD5: aef11e8f2e0e692149d75ec6f0b62cc2
SHA-256: 6eff76dd8daa80908868d10c58e808ea10dc4b77ba95038058fbe5539cb1dd57
Size: 4.35 MB - kernel-core-4.18.0-240.15.1.el8.x86_64.rpm
MD5: b6de454d2d7defcde266e2cea8c25783
SHA-256: ed7600adb68a1dcb7ae52a0a558eee93bd7c1dcf5346e902668e28194739150b
Size: 30.05 MB - kernel-cross-headers-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 99ca5bfcb3ae6174c1d44737766bd11d
SHA-256: 991ca18187160dd4dcb962339220b6c0cc058072696d453ef2302853d37a7dd3
Size: 9.16 MB - kernel-debug-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 6326a7aa43f60e21c08c09cb3d0329ad
SHA-256: 34759b1604fe79a36b607dc330f55dfb8aed565b65d553b83a3af24c70b0a6fa
Size: 4.34 MB - kernel-debug-core-4.18.0-240.15.1.el8.x86_64.rpm
MD5: b463f53f3198d312d39e33d41b6c25f2
SHA-256: 86a674e2d77a12e01a8bb966b99f69d96f1216a414888c033d8538966db93f95
Size: 56.69 MB - kernel-debug-devel-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 3a69f630b087965c3e3a6f9207da9c55
SHA-256: 6eaa51d48a1616864758ac3b9b75b57bf1029c275b8860d43949cab4d1b5f262
Size: 16.80 MB - kernel-debug-modules-4.18.0-240.15.1.el8.x86_64.rpm
MD5: aaf76050b59de1f29516aade07abd2ef
SHA-256: e49a48a7b16fe411a8bec651bf05bf9c2035dbad8a22593b62df03c8ac17813f
Size: 49.83 MB - kernel-debug-modules-extra-4.18.0-240.15.1.el8.x86_64.rpm
MD5: a151090f1646f709e468536d86991bec
SHA-256: 854a16dd1bc8833916bae4f533db67d9b93227faf6711c5c453ef7312a0e8bba
Size: 5.65 MB - kernel-devel-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 6efcc8e2b52ac2702cbe540bfdcf429f
SHA-256: 7f2b30bc6b806493c3915030d031c95e83a659f4bdbf0b6df5bf197e32865309
Size: 16.64 MB - kernel-doc-4.18.0-240.15.1.el8.noarch.rpm
MD5: 51469989dbf8bafddc80bef8ec81593d
SHA-256: 195898c67d58b61ea23557760e0fd213100249cfe762c5fe703cbb8820c9dc2a
Size: 20.51 MB - kernel-headers-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 75d540a879838e089270e66f33dc6017
SHA-256: 8856cf26dc09da5dcdb43272cca7e7b20e5a9b2ebdc93f942ba50196a67775e7
Size: 5.56 MB - kernel-modules-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 7449f3bb5a059f41bf191e0653888b23
SHA-256: 54bf3c4d6c6d7bb5397094df723416237059173a15bc967c627cfd7c6f2c2299
Size: 25.55 MB - kernel-modules-extra-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 85d84d5f69f9e0afe1cc7c288845aa47
SHA-256: 15910d68764b814909b83568a40db4a7b02dd228364d3c9e38f1054e7a79e4b0
Size: 4.99 MB - kernel-tools-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 15ffc06f124904a0e690e570c44e1cae
SHA-256: 2c8e8840a98ec4000036c55a1193788a2bdaaa349be7b4b13b5c72b952f68090
Size: 4.54 MB - kernel-tools-libs-4.18.0-240.15.1.el8.x86_64.rpm
MD5: e8b510b09cf68ee40f352194111fd73f
SHA-256: 3227ff4b18faa9350ddb5b1ef4ced30cc585539d40b6fb77ca3821292ae3f3f9
Size: 4.35 MB - perf-4.18.0-240.15.1.el8.x86_64.rpm
MD5: fca57f039d43463c30afe147dbf27ca8
SHA-256: e7f63a482564bfd2b4a4fe29cfa151476e486346e94d5d353a52642cc39f0b97
Size: 6.41 MB - python3-perf-4.18.0-240.15.1.el8.x86_64.rpm
MD5: 11c6559b70395b8a1ddeff7ebe472e3a
SHA-256: 36047f99b8536fbf89b23eb09f3c7d2e50b35773e3f277bc0bf1c9b5a6a1cedc
Size: 4.46 MB