Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:2316 - Security Advisory
Issued:
2021-06-08
Updated:
2021-06-08

RHSA-2021:2316 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
  • kernel: Use after free via PI futex state (CVE-2021-3347)
  • kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)
  • kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363)
  • kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364)
  • kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • lru-add-drain workqueue on RT is allocated without being used (BZ#1894587)
  • kernel-rt: update to the latest RHEL7.9.z source tree (BZ#1953118)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1802559 - CVE-2020-8648 kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c
  • BZ - 1894587 - lru-add-drain workqueue on RT is allocated without being used
  • BZ - 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state
  • BZ - 1930246 - CVE-2020-12362 kernel: Integer overflow in Intel(R) Graphics Drivers
  • BZ - 1930249 - CVE-2020-12363 kernel: Improper input validation in some Intel(R) Graphics Drivers
  • BZ - 1930251 - CVE-2020-12364 kernel: Null pointer dereference in some Intel(R) Graphics Drivers
  • BZ - 1940627 - CVE-2020-27170 kernel: Speculation on pointer arithmetic against bpf_context pointer

CVEs

  • CVE-2020-8648
  • CVE-2020-12362
  • CVE-2020-12363
  • CVE-2020-12364
  • CVE-2020-27170
  • CVE-2021-3347

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1160.31.1.rt56.1169.el7.src.rpm SHA-256: 2f98c4ff84331a565b975769988b7e3891aac0f20ee4bfa71a55a6396b1db99e
x86_64
kernel-rt-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: f754db2e178bd146a1763424b843e015dc35946027fe92fe3d2594075f9373bc
kernel-rt-debug-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 7e930a6376f9ab28c0412ddc222ffa5e134f18004a588a0480af81069d103a86
kernel-rt-debug-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 000d60437394dbc0427521a821d17549eba8b58c9a9f69d2397fbaf380432fec
kernel-rt-debug-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: b161fade6b02bd383b8d667f54ffca0cf177e17799c374e1ae013c6a4f7aea18
kernel-rt-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: dc1c9e0a4a205376670ad58b16b72e910fea7b325e1ba620803ef1bc835c7254
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: ecf073af16ea0c7dc297bbffb416181de6cb5310e7026d9804354f90c9db0bf3
kernel-rt-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 31b3e42b22856838ec336af8531e9b4536712f4910fc4460abd2d91bfab73adf
kernel-rt-doc-3.10.0-1160.31.1.rt56.1169.el7.noarch.rpm SHA-256: 6e4fb46f4b57dbbd62ffc92bdf502a18395cf7e05b9c58b3fd4128a72ede4acb
kernel-rt-trace-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 3a32220da4e6a56ad624285519d874ead9840aa0da2dd79f1a40c8f6a11f2f34
kernel-rt-trace-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: eac53fdccc53a2d7e67dd6d6c13cbd062446b65a0d0c2aae97256a1beee287f3
kernel-rt-trace-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 92580ec9f1f85232ed29656a16a85db6d1585fd28c2ff574cbbbfc9204d10a3b

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1160.31.1.rt56.1169.el7.src.rpm SHA-256: 2f98c4ff84331a565b975769988b7e3891aac0f20ee4bfa71a55a6396b1db99e
x86_64
kernel-rt-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: f754db2e178bd146a1763424b843e015dc35946027fe92fe3d2594075f9373bc
kernel-rt-debug-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 7e930a6376f9ab28c0412ddc222ffa5e134f18004a588a0480af81069d103a86
kernel-rt-debug-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 000d60437394dbc0427521a821d17549eba8b58c9a9f69d2397fbaf380432fec
kernel-rt-debug-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: b161fade6b02bd383b8d667f54ffca0cf177e17799c374e1ae013c6a4f7aea18
kernel-rt-debug-kvm-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 753133f43786c0614498ad620603f6fb86250bba6b3b8a2938244a61b0f7a2ee
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: d85cf9011b93c0a066595db5cb11b6e5ad606114682653e6724df144196274da
kernel-rt-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: dc1c9e0a4a205376670ad58b16b72e910fea7b325e1ba620803ef1bc835c7254
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: ecf073af16ea0c7dc297bbffb416181de6cb5310e7026d9804354f90c9db0bf3
kernel-rt-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 31b3e42b22856838ec336af8531e9b4536712f4910fc4460abd2d91bfab73adf
kernel-rt-doc-3.10.0-1160.31.1.rt56.1169.el7.noarch.rpm SHA-256: 6e4fb46f4b57dbbd62ffc92bdf502a18395cf7e05b9c58b3fd4128a72ede4acb
kernel-rt-kvm-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 962de8c2a3a10b780b61077b69a736dbb1a937d0dfead76aaf620ce9d9cba529
kernel-rt-kvm-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 36d3a8e3acfc503702d649200ed117409e96f9f55b4fd8e49dec3a6c65549131
kernel-rt-trace-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 3a32220da4e6a56ad624285519d874ead9840aa0da2dd79f1a40c8f6a11f2f34
kernel-rt-trace-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: eac53fdccc53a2d7e67dd6d6c13cbd062446b65a0d0c2aae97256a1beee287f3
kernel-rt-trace-devel-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: 92580ec9f1f85232ed29656a16a85db6d1585fd28c2ff574cbbbfc9204d10a3b
kernel-rt-trace-kvm-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: ccb968f3d9ded293600ddb681c2953cd07ff2c347c4e7e3fd9c6f48b585baa6c
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.31.1.rt56.1169.el7.x86_64.rpm SHA-256: e997cac7fa3f8f41d93c74695502506da03e6df4a4e0a7ba366caaa141f0dacb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter