kernel-4.18.0-305.12.1.el8_4

エラータID: AXSA:2021-2359:18

Release date: 
Friday, August 13, 2021 - 11:35
Subject: 
kernel-4.18.0-305.12.1.el8_4
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: race condition in net/can/bcm.c leads to local privilege escalation (CVE-2021-3609)
* kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)
* kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Urgent: Missing dptf_power.ko module in MIRACLE LINUX
* [mlx5] kdump over NFS fails: mlx5 driver gives error "Stop room 95 is bigger than the SQ size 64"
* BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 in bluetooth hci_error_reset on intel-tigerlake-h01
* Update CIFS to kernel 5.10
* Backport "tick/nohz: Conditionally restart tick on idle exit" to MIRACLE LINUX
* Significant performance drop starting on kernel-4.18.0-277 visible on mmap benchmark
* Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?)
* RialtoMLK, I915 graphic driver failed to boot with one new 120HZ panel
* act_ct: subject to DNAT tuple collision

Enhancement(s):

* [Lenovo 8.5 FEAT] drivers/nvme - Update to the latest upstream

CVE-2021-22543
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-3609
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

CVEs: 
CVE-2021-22543
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-3609
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-4.18.0-305.12.1.el8_4.src.rpm
    MD5: 85070a48e3f8205560d3c68b335195e3
    SHA-256: efd24e47ec915e2b9fe5274bb63999be7234c112bb8b1e00993f6b70f0ca9e16
    Size: 117.30 MB

Asianux Server 8 for x86_64
  1. bpftool-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: ddcd9e4088ea8efe589b79a38db05c1b
    SHA-256: 9f6cc63151ecd58c6a81413e6ee83d0a826687b5227b1f5242d1ffd65e29372e
    Size: 6.57 MB
  2. kernel-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 6f12865cd14decc676264ecfbee6e4c3
    SHA-256: a26b4baa159c530e5551d4f0ae8f1ea3a33fe1a11aece0675dc38875a381eb27
    Size: 5.89 MB
  3. kernel-abi-stablelists-4.18.0-305.12.1.el8_4.noarch.rpm
    MD5: b5abbe4d529ac2a3e4d8ff7d9d4a10ce
    SHA-256: 607206acd4663ce71a597f699def5a0645856d754d197b2e2780f859542ae00f
    Size: 5.90 MB
  4. kernel-core-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: c4dfc60d975f150408bf477af6c3a683
    SHA-256: 43d31e7ca778da11efa2b3d3bb8bc818071f929ca1141cc539c9f00f048278c2
    Size: 35.84 MB
  5. kernel-cross-headers-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 1bc803d9bf8c4deede4abbc78a5aca54
    SHA-256: 76ed2d8cde9b3a24539a0e39e9ffc38d005bafffb231285e314fce6e2889c9c5
    Size: 10.84 MB
  6. kernel-debug-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: b5c270a3024cd82f714c133826aec5a1
    SHA-256: a0229a9151ed69786eda0dedae94801d14b4e7656eb8df2946cad4b55d793bfe
    Size: 5.89 MB
  7. kernel-debug-core-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 8dd79cffb292a30d1c9770a9996854fa
    SHA-256: a844811f09de1866ce0282edb748aad0d841d0803eccfed0ee00cc708093da32
    Size: 62.85 MB
  8. kernel-debug-devel-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 62c7ae4cd0e1b1575eb8433ca95e2e45
    SHA-256: bfd85fe8967e7b17723e9e889a49f326c5f8963e35b5976b6a3153f11ec50ad7
    Size: 18.59 MB
  9. kernel-debug-modules-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: feb6a271d417b1e576407bfcf10ed5a9
    SHA-256: 7807eba84b4c4f34ae1d3a44eef8fb662c06ae5c7d7165727fef82cd9bb1dcf9
    Size: 53.55 MB
  10. kernel-debug-modules-extra-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 57edddadbe7e1e854f615118ea148d8f
    SHA-256: 705037e842427c7b1e936d34dafd416b96b66d85c95c7228c0d898b12d3ca724
    Size: 7.24 MB
  11. kernel-devel-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: bd5745f98346af6141a99209ec45c9ae
    SHA-256: a098115cec28e1c52744bb7876b688183e38b86e6f229cde299957ace89071fe
    Size: 18.40 MB
  12. kernel-doc-4.18.0-305.12.1.el8_4.noarch.rpm
    MD5: 2cb11f5ad1e555b3a1b287436a971bdd
    SHA-256: 5621af87a9485684a0714eedcd1f71462bc707c0178969df0aa1298d24800fbc
    Size: 22.60 MB
  13. kernel-headers-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: b4c9b02c25676234544b38eb53469af7
    SHA-256: 6263d50fd722703e34bd890d17b999b01dc3226e2b3e4ded5c28340cdc218904
    Size: 7.14 MB
  14. kernel-modules-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 074d929aadf454f3d59a7a6576b779ea
    SHA-256: f0dd6612dbee40e877e2cba624566473aa73f1ae891ede48f33933ac6887e571
    Size: 28.09 MB
  15. kernel-modules-extra-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 63a7fdecc6b4277cf92ff46e81ec3303
    SHA-256: 913965e4a5680064ee543def4acc6afd3bb3a309a9878e57aa40eff34173cc04
    Size: 6.55 MB
  16. kernel-tools-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 586fc31362bdc9d6fd841d225a3c35e3
    SHA-256: c59aaacfbf197d16db64a4e72cef8b674549c4e309f2abbc072c1ffac67e1450
    Size: 6.09 MB
  17. kernel-tools-libs-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 77de613a32f5f1bdd8d6f0ededc19835
    SHA-256: b8f8b77ad648ad48b90c6f9825c3e337287da42600f43f6212961bba21c9ca0b
    Size: 5.89 MB
  18. perf-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 002e76a3f2292230b7a63ef82e5465c9
    SHA-256: a446c82efd7e09b45a819016d35d554ab50825a91c9960fc169585d72f05c413
    Size: 8.11 MB
  19. python3-perf-4.18.0-305.12.1.el8_4.x86_64.rpm
    MD5: 092b941c05eb1d4d2166fa8d4ff3b138
    SHA-256: 80478f6d607ece901739c8093ef365c31c2dc341fa386138afa15ee1f98dc04b
    Size: 6.00 MB