kernel-3.10.0-1160.41.1.el7
エラータID: AXSA:2021-2410:19
The kernel packages contain the Linux kernel, the core of any Linux operating
system.
Security Fix(es):
kernel: out-of-bounds write in xt_compat_target_from_user() in
net/netfilter/x_tables.c (CVE-2021-22555)
kernel: race condition for removal of the HCI controller (CVE-2021-32399)
kernel: powerpc: RTAS calls can be used to compromise kernel integrity
(CVE-2020-27777)
kernel: Local privilege escalation due to incorrect BPF JIT branch
displacement computation (CVE-2021-29154)
kernel: lack a full memory barrier upon the assignment of a new table value
in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to
DoS (CVE-2021-29650)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2021-22555
CVE-2021-32399
CVE-2020-27777
CVE-2021-29154
CVE-2021-29650
Bug Fix(es):
SAN Switch rebooted and caused (?) OpenStack compute node to reboot
sysfs: cannot create duplicate filename '/class/mdio_bus/ixgbe-8100
XFS: read-only recovery does not update free space accounting in superblock
The memcg_params field of kmem_cache struct contains an old slab address
that is to small for the current size of memcg_limited_groups_array_size.
Backport of upstream patch "net: Update window_clamp if SOCK_RCVBUF is set "
into Asianux
Kernel panic in init_cq_frag_buf
futex: futex_requeue can potentially free the pi_state structure twice
be_poll lockup doing ifenslave when netconsole using bond
OCP4.7 nodes panic at BUG_ON in nf_nat_setup_info()
Update packages.
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
N/A
SRPMS
- kernel-3.10.0-1160.41.1.el7.src.rpm
MD5: 818bba97f1faeccfe891a05fe3852e7d
SHA-256: 8aaf7b0f3333f87fd2eb77d5113fa776c1b0177b402cd97f111ecccd643b6162
Size: 99.96 MB
Asianux Server 7 for x86_64
- bpftool-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 1de018f859a9840be9a518ae16074f41
SHA-256: 389349b70d995ddce4e4378d4f36ce980b2c5426b58f4e81db1e812a159d06aa
Size: 8.48 MB - kernel-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: c89886c068049c6073167f2da984d1fc
SHA-256: dcb597c4fa3e95e6c8e15aaaf67d4d4946ff3d449332d001c6ff97886021a1f5
Size: 50.32 MB - kernel-abi-whitelists-3.10.0-1160.41.1.el7.noarch.rpm
MD5: d1941617a23ac750af3f69d1e2cdbe42
SHA-256: a5aa806d367832857375f089a170dc3a83e35211345536ef9570d8e8b76268b8
Size: 8.05 MB - kernel-debug-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 930ba1123150f2b97241e8a9474ad434
SHA-256: 38520c6a669bf232cab73406b5ec86a53d8d196b502b04d484facd92bcba2fc2
Size: 52.61 MB - kernel-debug-devel-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 42ed8e81d85fcb4907439729c6684c1c
SHA-256: eb7bab7264ad227af5e1ebe428d96f678bc1c8a3d56587bc41b3370f2e56cd8a
Size: 18.04 MB - kernel-devel-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: a003872d182d400e729b663cb18ddc67
SHA-256: c1646c2007e1a6e4396128077635eff37b5d9d44f8738d31cc11d3adac6b31e6
Size: 17.97 MB - kernel-doc-3.10.0-1160.41.1.el7.noarch.rpm
MD5: b8b91ca2512db81aff9ecef92c83887e
SHA-256: e84b0459fa0aa143d5998edfe8dc1ac0c7614acbe4961a694882d3e57ae532c9
Size: 19.51 MB - kernel-headers-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 3da8c5889a37e0e698bf87d91c355641
SHA-256: 0755a64ff51f1a1499b4762d95c1b7107a92dbfb579b11fa4144019ea9ce6b87
Size: 9.04 MB - kernel-tools-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 8af57ff074cc89c3f6c8df73988b39e0
SHA-256: 1ec760ed9ef98f71f429e5348fe9d7e86e5f5db3d6d2642a81eb8ccfb579169e
Size: 8.15 MB - kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: a2ffe75672c8331ace7364885423ef23
SHA-256: 086b31ea58808bfbf60c27c148856c5d9a3f5e87d9f032d614a3c429e763f24d
Size: 8.04 MB - perf-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: 488ecc4d980e73021e58252a2f5c2469
SHA-256: 03e9d61f76d3966139479c7c116336171694d0999dc9eb226595261bfaeb2844
Size: 9.68 MB - python-perf-3.10.0-1160.41.1.el7.x86_64.rpm
MD5: bb79e5ee4e0957b87f0bb5df36812ef8
SHA-256: 058974054d69f03300e24ff02b22f335abf9652092607f1140590e8e06f6c3f2
Size: 8.14 MB