- Issued:
- 2021-06-01
- Updated:
- 2021-06-01
RHSA-2021:2190 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)
- kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
- kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
- kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the latest RHEL-8.2.z9 Batch source tree (BZ#1949685)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
Fixes
- BZ - 1848652 - CVE-2020-12114 kernel: DoS by corrupting mountpoint reference counter
- BZ - 1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore
- BZ - 1920480 - CVE-2020-0466 kernel: use after free in eventpoll.c may lead to escalation of privilege
- BZ - 1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2
| SRPM | |
|---|---|
| kernel-rt-4.18.0-193.56.1.rt13.106.el8_2.src.rpm | SHA-256: e6d1486de9045a03c964eff702e24199ee7bf2c0a2037490e5d581fa702359e8 |
| x86_64 | |
| kernel-rt-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: caaca7b4abe5d73982d166b34cc6e16a2dd4446ef3869ffc8ae39abc3a376263 |
| kernel-rt-core-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 126ccebebae3fc008b34334d52b0ccb983e6919774915a735ed87dd08211897c |
| kernel-rt-debug-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: b56521bb3e44567c563f7ee500a550cb32cab714c1974025cc7ab71a55e3aae6 |
| kernel-rt-debug-core-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: eefb575b50fa5f1d1fb1d6a1db6ec0284b4c332283c8541636827ef1828e56db |
| kernel-rt-debug-debuginfo-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 30920232f731f0dd0decfee3dc63d056c27cfe65987c5368518cbe092a801869 |
| kernel-rt-debug-devel-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 982115bd9e395eaa9c2e06cf8f068dfe2e641a0e0b03e343ad08df9b93bb86d6 |
| kernel-rt-debug-modules-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 282c8baf7710af78ee63ed28c5754fcd838d27c8cfb51aa25166b6b9051e3096 |
| kernel-rt-debug-modules-extra-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 65039cc9133c18547a5b978d4fef8661ef08ef3d8b65118419336bd2dd96c58e |
| kernel-rt-debuginfo-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 17ce7774451b7a9eb87c317812435c77931ee6f86bb423bde06ebbb7f53166da |
| kernel-rt-debuginfo-common-x86_64-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: d34b2470e19b84bdf7ed3e2993352d2e28d1624be27fca66ed59c50cd7d58acf |
| kernel-rt-devel-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: cbb0091c3e727af757720d44e0e53975a6b7932538d50fdf5ad15b259609d22d |
| kernel-rt-modules-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 56b51be135ec4f20d40a42ca415a64b804ae190bf6876c84efbb85dd06905894 |
| kernel-rt-modules-extra-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 64ff892849d9624a627d394f0e1819d0bee39b19a9d280bb3c01db7471ed5346 |
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2
| SRPM | |
|---|---|
| kernel-rt-4.18.0-193.56.1.rt13.106.el8_2.src.rpm | SHA-256: e6d1486de9045a03c964eff702e24199ee7bf2c0a2037490e5d581fa702359e8 |
| x86_64 | |
| kernel-rt-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: caaca7b4abe5d73982d166b34cc6e16a2dd4446ef3869ffc8ae39abc3a376263 |
| kernel-rt-core-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 126ccebebae3fc008b34334d52b0ccb983e6919774915a735ed87dd08211897c |
| kernel-rt-debug-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: b56521bb3e44567c563f7ee500a550cb32cab714c1974025cc7ab71a55e3aae6 |
| kernel-rt-debug-core-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: eefb575b50fa5f1d1fb1d6a1db6ec0284b4c332283c8541636827ef1828e56db |
| kernel-rt-debug-debuginfo-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 30920232f731f0dd0decfee3dc63d056c27cfe65987c5368518cbe092a801869 |
| kernel-rt-debug-devel-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 982115bd9e395eaa9c2e06cf8f068dfe2e641a0e0b03e343ad08df9b93bb86d6 |
| kernel-rt-debug-kvm-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: bcad1cace8a102dd77682914db6af54f7677ba3aba8dadce992e13935051d762 |
| kernel-rt-debug-modules-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 282c8baf7710af78ee63ed28c5754fcd838d27c8cfb51aa25166b6b9051e3096 |
| kernel-rt-debug-modules-extra-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 65039cc9133c18547a5b978d4fef8661ef08ef3d8b65118419336bd2dd96c58e |
| kernel-rt-debuginfo-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 17ce7774451b7a9eb87c317812435c77931ee6f86bb423bde06ebbb7f53166da |
| kernel-rt-debuginfo-common-x86_64-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: d34b2470e19b84bdf7ed3e2993352d2e28d1624be27fca66ed59c50cd7d58acf |
| kernel-rt-devel-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: cbb0091c3e727af757720d44e0e53975a6b7932538d50fdf5ad15b259609d22d |
| kernel-rt-kvm-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 98ea878650d6c15b5a11e9b99663590ac64b6415e91203c280bac9d0ed612a87 |
| kernel-rt-modules-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 56b51be135ec4f20d40a42ca415a64b804ae190bf6876c84efbb85dd06905894 |
| kernel-rt-modules-extra-4.18.0-193.56.1.rt13.106.el8_2.x86_64.rpm | SHA-256: 64ff892849d9624a627d394f0e1819d0bee39b19a9d280bb3c01db7471ed5346 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.