Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:1069 - Security Advisory
Issued:
2021-04-06
Updated:
2021-04-06

RHSA-2021:1069 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
  • kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem
  • BZ - 1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module

CVEs

  • CVE-2021-27364
  • CVE-2021-27365

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
kpatch-patch-3_10_0-1160-1-5.el7.src.rpm SHA-256: 7cd811b420e36438857c7e36cad8da9d2987a08a3539942ce5716414d788db9a
kpatch-patch-3_10_0-1160_11_1-1-4.el7.src.rpm SHA-256: 4d623516e700fcf2eacc2b38f5a70f732bfc1448c83803c957278858db2bb6bc
kpatch-patch-3_10_0-1160_15_2-1-4.el7.src.rpm SHA-256: 354162bd82534bc24d799d436dc7bdc99124c689029c7e808b3bfe1039a006e8
kpatch-patch-3_10_0-1160_21_1-1-2.el7.src.rpm SHA-256: a7c7453f7518292650b0920924473fd5f08cfa53252d3f223b75bb22b4afa7c8
kpatch-patch-3_10_0-1160_2_1-1-5.el7.src.rpm SHA-256: 8375029389385ea4a53790d35eb9434d5535e1f1c2c71fe08e5e87180656eb76
kpatch-patch-3_10_0-1160_2_2-1-5.el7.src.rpm SHA-256: 9433b8232651a313f4b0f033fa2bf3c3e376d2e527b2642465e0570513ed5270
kpatch-patch-3_10_0-1160_6_1-1-5.el7.src.rpm SHA-256: b34b213adc31d5528aabeeb4eadecbd5841cec7627b2e79ac693eae7a725407f
x86_64
kpatch-patch-3_10_0-1160-1-5.el7.x86_64.rpm SHA-256: dab0d94935870398e998cb14bd752833e54aa1d0da9ad1832b82d7f8429f6a3c
kpatch-patch-3_10_0-1160-debuginfo-1-5.el7.x86_64.rpm SHA-256: 100532697bd8007fea4e15d21493eb5e3e41d1877a71261d8a8352b00c226c5a
kpatch-patch-3_10_0-1160_11_1-1-4.el7.x86_64.rpm SHA-256: 250464a08cf16eb0a732a0311ca89542d931e53314a20a6cabe1c8ae32b16d53
kpatch-patch-3_10_0-1160_11_1-debuginfo-1-4.el7.x86_64.rpm SHA-256: b501180f947a6ca94b13af20fac557b1e29d0b2ebb1f3dbf2d36d23c136f5988
kpatch-patch-3_10_0-1160_15_2-1-4.el7.x86_64.rpm SHA-256: d93c7f98a1cad365235e9cf0756652009e5f26d5bd1e89521a4ec3c22b26f9ee
kpatch-patch-3_10_0-1160_15_2-debuginfo-1-4.el7.x86_64.rpm SHA-256: d4a3e22e80da36f547dbe086301727a2edd8887fea5cf956ecf5e3f47d8d7d7a
kpatch-patch-3_10_0-1160_21_1-1-2.el7.x86_64.rpm SHA-256: 1c5997730a07a3f262c1a3ea25523aea4eeef04320b1097fb6908a67822ae7e2
kpatch-patch-3_10_0-1160_21_1-debuginfo-1-2.el7.x86_64.rpm SHA-256: 3e36f40ecc6a47df70d0877acecc9acbccda7af73f18dd4c2da1dc3033dc718c
kpatch-patch-3_10_0-1160_2_1-1-5.el7.x86_64.rpm SHA-256: fc149efe26b9c152c622ad3268b7a20382d7d0a38457638519a18747321688c8
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-5.el7.x86_64.rpm SHA-256: c1099b38aca385e5f01df6d01ff1ccf397be183eea644db140474413187c6d17
kpatch-patch-3_10_0-1160_2_2-1-5.el7.x86_64.rpm SHA-256: 84a9869547d139e7fc73ed31b71ad597ea8ed1375e9c94a2b5857a172c07a65c
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-5.el7.x86_64.rpm SHA-256: b440174d61b819bac987029d27109964c909fbb5959c775809242dac0b77ceaf
kpatch-patch-3_10_0-1160_6_1-1-5.el7.x86_64.rpm SHA-256: 947177897448b1e4ea8cfc81808019d50d963d01c6b47a72c972ae3e30e2d475
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-5.el7.x86_64.rpm SHA-256: 9ee101ee0857b54320e0195e55d2b64d2d0c41a5680c41f20d8dac8247e9cf05

Red Hat Enterprise Linux for Power, little endian 7

SRPM
kpatch-patch-3_10_0-1160-1-5.el7.src.rpm SHA-256: 7cd811b420e36438857c7e36cad8da9d2987a08a3539942ce5716414d788db9a
kpatch-patch-3_10_0-1160_11_1-1-4.el7.src.rpm SHA-256: 4d623516e700fcf2eacc2b38f5a70f732bfc1448c83803c957278858db2bb6bc
kpatch-patch-3_10_0-1160_15_2-1-4.el7.src.rpm SHA-256: 354162bd82534bc24d799d436dc7bdc99124c689029c7e808b3bfe1039a006e8
kpatch-patch-3_10_0-1160_21_1-1-2.el7.src.rpm SHA-256: a7c7453f7518292650b0920924473fd5f08cfa53252d3f223b75bb22b4afa7c8
kpatch-patch-3_10_0-1160_2_1-1-5.el7.src.rpm SHA-256: 8375029389385ea4a53790d35eb9434d5535e1f1c2c71fe08e5e87180656eb76
kpatch-patch-3_10_0-1160_2_2-1-5.el7.src.rpm SHA-256: 9433b8232651a313f4b0f033fa2bf3c3e376d2e527b2642465e0570513ed5270
kpatch-patch-3_10_0-1160_6_1-1-5.el7.src.rpm SHA-256: b34b213adc31d5528aabeeb4eadecbd5841cec7627b2e79ac693eae7a725407f
ppc64le
kpatch-patch-3_10_0-1160-1-5.el7.ppc64le.rpm SHA-256: b0d0e4f5e782245876947c663851eb9c3a2a6ff52f759542ae091b56bbac0e27
kpatch-patch-3_10_0-1160-debuginfo-1-5.el7.ppc64le.rpm SHA-256: 62aa81fe52dfeff5a58c2c2ab1bcf0974533b13e639b98c9cab0fcbda7b2819a
kpatch-patch-3_10_0-1160_11_1-1-4.el7.ppc64le.rpm SHA-256: 6f35e5ac6957ff192159efc89ea801e3758f41550e3a54747fb99a39819ea5cf
kpatch-patch-3_10_0-1160_11_1-debuginfo-1-4.el7.ppc64le.rpm SHA-256: 6256b304d691f7a0edc33dad933bb9205c509d4947744b611377d5d9f18f5e97
kpatch-patch-3_10_0-1160_15_2-1-4.el7.ppc64le.rpm SHA-256: 879ef1c3131355999ae995b423096c70a08323b70d872fd400bd4e1b01b2ad27
kpatch-patch-3_10_0-1160_15_2-debuginfo-1-4.el7.ppc64le.rpm SHA-256: 7e406788926e804e3633c71cce65434f4d67cbca1289e3a3ab45dee6c61a815c
kpatch-patch-3_10_0-1160_21_1-1-2.el7.ppc64le.rpm SHA-256: 22de734f32980681ef9698578e2881f0dddfa060be613d2822f1dc53e4107d20
kpatch-patch-3_10_0-1160_21_1-debuginfo-1-2.el7.ppc64le.rpm SHA-256: acbe9f08dfdfa0928f9a0ae6cd672f8f28099676f0fa312a3ad2f8154aba7431
kpatch-patch-3_10_0-1160_2_1-1-5.el7.ppc64le.rpm SHA-256: 4d34c7e38bc3ef7d798f87311ffb853b7a26f672ce3ab5f8e906129fde5a99ae
kpatch-patch-3_10_0-1160_2_1-debuginfo-1-5.el7.ppc64le.rpm SHA-256: ffc57ec920b1aac8aeca6d0089f617080108cfb896696c98e4de09acfef4ace1
kpatch-patch-3_10_0-1160_2_2-1-5.el7.ppc64le.rpm SHA-256: 2b69bd12eac08f5f445eaaf51f47d0807ae5709f216798ef44499f5266e071b6
kpatch-patch-3_10_0-1160_2_2-debuginfo-1-5.el7.ppc64le.rpm SHA-256: 2af0f7744d8ce08fefeae7b3ef25872f72bdb348813802ae0bead710a93d8f15
kpatch-patch-3_10_0-1160_6_1-1-5.el7.ppc64le.rpm SHA-256: 55235b918d45b626c7078a1380334d00c5284a7f03a9e5e8831a0742b12da1fa
kpatch-patch-3_10_0-1160_6_1-debuginfo-1-5.el7.ppc64le.rpm SHA-256: 6e923c321cf0bdb6ee86b659ea3513e1eb8a29e62876e2f8e34f497199eb8791

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter