AXSA:2021-2410:19

Release date: 
Monday, September 6, 2021 - 06:57
Subject: 
kernel-3.10.0-1160.41.1.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

kernel: out-of-bounds write in xt_compat_target_from_user() in
net/netfilter/x_tables.c (CVE-2021-22555)
kernel: race condition for removal of the HCI controller (CVE-2021-32399)
kernel: powerpc: RTAS calls can be used to compromise kernel integrity
(CVE-2020-27777)
kernel: Local privilege escalation due to incorrect BPF JIT branch
displacement computation (CVE-2021-29154)
kernel: lack a full memory barrier upon the assignment of a new table value
in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to
DoS (CVE-2021-29650)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE(s):
CVE-2021-22555
CVE-2021-32399
CVE-2020-27777
CVE-2021-29154
CVE-2021-29650

Bug Fix(es):

SAN Switch rebooted and caused (?) OpenStack compute node to reboot
sysfs: cannot create duplicate filename '/class/mdio_bus/ixgbe-8100
XFS: read-only recovery does not update free space accounting in superblock
The memcg_params field of kmem_cache struct contains an old slab address
that is to small for the current size of memcg_limited_groups_array_size.
Backport of upstream patch "net: Update window_clamp if SOCK_RCVBUF is set "
into Asianux
Kernel panic in init_cq_frag_buf
futex: futex_requeue can potentially free the pi_state structure twice
be_poll lockup doing ifenslave when netconsole using bond
OCP4.7 nodes panic at BUG_ON in nf_nat_setup_info()

Solution: 

Update packages.

CVEs: 
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space
CVE-2021-29154
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2021-29650
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.
CVE-2021-32399
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
Additional Info: 

N/A

Download: 

SRPMS
  1. kernel-3.10.0-1160.41.1.el7.src.rpm
    MD5: 818bba97f1faeccfe891a05fe3852e7d
    SHA-256: 8aaf7b0f3333f87fd2eb77d5113fa776c1b0177b402cd97f111ecccd643b6162
    Size: 99.96 MB

Asianux Server 7 for x86_64
  1. bpftool-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 1de018f859a9840be9a518ae16074f41
    SHA-256: 389349b70d995ddce4e4378d4f36ce980b2c5426b58f4e81db1e812a159d06aa
    Size: 8.48 MB
  2. kernel-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: c89886c068049c6073167f2da984d1fc
    SHA-256: dcb597c4fa3e95e6c8e15aaaf67d4d4946ff3d449332d001c6ff97886021a1f5
    Size: 50.32 MB
  3. kernel-abi-whitelists-3.10.0-1160.41.1.el7.noarch.rpm
    MD5: d1941617a23ac750af3f69d1e2cdbe42
    SHA-256: a5aa806d367832857375f089a170dc3a83e35211345536ef9570d8e8b76268b8
    Size: 8.05 MB
  4. kernel-debug-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 930ba1123150f2b97241e8a9474ad434
    SHA-256: 38520c6a669bf232cab73406b5ec86a53d8d196b502b04d484facd92bcba2fc2
    Size: 52.61 MB
  5. kernel-debug-devel-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 42ed8e81d85fcb4907439729c6684c1c
    SHA-256: eb7bab7264ad227af5e1ebe428d96f678bc1c8a3d56587bc41b3370f2e56cd8a
    Size: 18.04 MB
  6. kernel-devel-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: a003872d182d400e729b663cb18ddc67
    SHA-256: c1646c2007e1a6e4396128077635eff37b5d9d44f8738d31cc11d3adac6b31e6
    Size: 17.97 MB
  7. kernel-doc-3.10.0-1160.41.1.el7.noarch.rpm
    MD5: b8b91ca2512db81aff9ecef92c83887e
    SHA-256: e84b0459fa0aa143d5998edfe8dc1ac0c7614acbe4961a694882d3e57ae532c9
    Size: 19.51 MB
  8. kernel-headers-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 3da8c5889a37e0e698bf87d91c355641
    SHA-256: 0755a64ff51f1a1499b4762d95c1b7107a92dbfb579b11fa4144019ea9ce6b87
    Size: 9.04 MB
  9. kernel-tools-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 8af57ff074cc89c3f6c8df73988b39e0
    SHA-256: 1ec760ed9ef98f71f429e5348fe9d7e86e5f5db3d6d2642a81eb8ccfb579169e
    Size: 8.15 MB
  10. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: a2ffe75672c8331ace7364885423ef23
    SHA-256: 086b31ea58808bfbf60c27c148856c5d9a3f5e87d9f032d614a3c429e763f24d
    Size: 8.04 MB
  11. perf-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: 488ecc4d980e73021e58252a2f5c2469
    SHA-256: 03e9d61f76d3966139479c7c116336171694d0999dc9eb226595261bfaeb2844
    Size: 9.68 MB
  12. python-perf-3.10.0-1160.41.1.el7.x86_64.rpm
    MD5: bb79e5ee4e0957b87f0bb5df36812ef8
    SHA-256: 058974054d69f03300e24ff02b22f335abf9652092607f1140590e8e06f6c3f2
    Size: 8.14 MB
Copyright© 2007-2015 Asianux. All rights reserved.