Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:0338 - Security Advisory
Issued:
2021-02-02
Updated:
2021-02-02

RHSA-2021:0338 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: use-after-free in fs/block_dev.c (CVE-2020-15436)
  • kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the latest RHEL7.9.z3 source tree (BZ#1906133)
  • [kernel-rt] WARNING: CPU: 8 PID: 586 at kernel/sched/core.c:3644 migrate_enable+0x15f/0x210 (BZ#1916123)
  • [kernel-rt-debug] [ BUG: bad unlock balance detected! ] [RHEL-7.9.z] (BZ#1916130)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1901168 - CVE-2020-15436 kernel: use-after-free in fs/block_dev.c
  • BZ - 1906133 - kernel-rt: update to the latest RHEL7.9.z3 source tree
  • BZ - 1911309 - CVE-2020-35513 kernel: Nfsd failure to clear umask after processing an open or create

CVEs

  • CVE-2020-15436
  • CVE-2020-35513

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.src.rpm SHA-256: 6c7afaefcda866371f79229bc7e1d6cbb6409f7a4a45ed5150fee4cdf113e6c1
x86_64
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 45ce871cc7be325690bdf672abe5a07f00ed11353e0189330672b189b3157b12
kernel-rt-debug-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: b3a44f8e77cc3c06df97dfffef3761b00cf2ef28869ff94cbde9a0d248548ded
kernel-rt-debug-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: aee15931d6be50150083cb5ad1ef79f47f094a80a6d769dacbe21c21b1a0811b
kernel-rt-debug-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: c5916569e14001ac924b827ff945294cb4d168413b03ef2f1aab5958d9851379
kernel-rt-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: f65eed0b33742cc968b5473512dcb239e972388709afb96ce3e66c07fbdd6f63
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 95f7a8d80711c3e5ebd48b7cd0ef4eb97de5408eda95803e5d3cf7bdb04f970b
kernel-rt-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 6d512e76f0b8d9fd1a5f209cb367c130c20e47e5ad438b4c4e77efd1e1c9981f
kernel-rt-doc-3.10.0-1160.15.2.rt56.1152.el7.noarch.rpm SHA-256: 7e29d03a8ec9afc22ffbf31b72658dc0e4a4063cbca3b69b649a743b7a93f950
kernel-rt-trace-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: c1c4755a3fccda9ba76a4db8b001c7acd5f9c04a69aa2fe62b6bf347ad9aefcb
kernel-rt-trace-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 03fb5bb9552fcacadc316b261b42328ef8a0a513fd46c0433efcbb40282ed709
kernel-rt-trace-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: bd58c249f4074be5b27a558d6bf45d1a5dcb0201c4d47cb577dcaada54318ca5

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.src.rpm SHA-256: 6c7afaefcda866371f79229bc7e1d6cbb6409f7a4a45ed5150fee4cdf113e6c1
x86_64
kernel-rt-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 45ce871cc7be325690bdf672abe5a07f00ed11353e0189330672b189b3157b12
kernel-rt-debug-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: b3a44f8e77cc3c06df97dfffef3761b00cf2ef28869ff94cbde9a0d248548ded
kernel-rt-debug-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: aee15931d6be50150083cb5ad1ef79f47f094a80a6d769dacbe21c21b1a0811b
kernel-rt-debug-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: c5916569e14001ac924b827ff945294cb4d168413b03ef2f1aab5958d9851379
kernel-rt-debug-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: a70b9eda46937da895562300c1b1f202220690f3a2e015f680f0793c7eb102c0
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 8720ee28657d5e58a512f9b005fe273a95c2437e9f25497393bb90794b9de80d
kernel-rt-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: f65eed0b33742cc968b5473512dcb239e972388709afb96ce3e66c07fbdd6f63
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 95f7a8d80711c3e5ebd48b7cd0ef4eb97de5408eda95803e5d3cf7bdb04f970b
kernel-rt-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 6d512e76f0b8d9fd1a5f209cb367c130c20e47e5ad438b4c4e77efd1e1c9981f
kernel-rt-doc-3.10.0-1160.15.2.rt56.1152.el7.noarch.rpm SHA-256: 7e29d03a8ec9afc22ffbf31b72658dc0e4a4063cbca3b69b649a743b7a93f950
kernel-rt-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 2d86a56f8bb4a3f59173ec002109bf16745e63cb5980657d84897a8585fd322e
kernel-rt-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: d34919442ee42673d2b7bf55e78311fd6c0f8e3fcfa596102cae2c48a5cccbfc
kernel-rt-trace-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: c1c4755a3fccda9ba76a4db8b001c7acd5f9c04a69aa2fe62b6bf347ad9aefcb
kernel-rt-trace-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 03fb5bb9552fcacadc316b261b42328ef8a0a513fd46c0433efcbb40282ed709
kernel-rt-trace-devel-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: bd58c249f4074be5b27a558d6bf45d1a5dcb0201c4d47cb577dcaada54318ca5
kernel-rt-trace-kvm-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 312f211caeb217811d58594c721573f7e316df537a816d1b595c618455a51a4a
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.15.2.rt56.1152.el7.x86_64.rpm SHA-256: 5a6aa3ea86a7c05463e9fe6278b182abc882645a3eea810e3e79c1530b969031

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter