RHSA-2021:2575 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: lz4 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for lz4 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limits on multicore systems.

Security Fix(es):

lz4: memory corruption due to an integer overflow bug caused by memmove argument (CVE-2021-3520)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

Fixes

BZ - 1954559 - CVE-2021-3520 lz4: memory corruption due to an integer overflow bug caused by memmove argument

CVEs

CVE-2021-3520

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
x86_64
lz4-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 660a9a18b4ef164922742b4beee9541a1fe42087ea13513383777fde4e41ab15
lz4-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: d0fd733ce3cbe0e98d334767abb971e805f479574d45fd8575b5c68b9504b834
lz4-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e359f896ad2a8325c227f92fc6da23278f340b0c524274e7511f7a321998090
lz4-debugsource-1.8.3-3.el8_4.i686.rpm	SHA-256: 03f6d3019a21734798a3f074a881ab45b07fd07f9872ce474de59afecd65e860
lz4-debugsource-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e806c6d3fe47b761d944e400d12e7887b244bc916bb95c56a2218a3343e99ff
lz4-devel-1.8.3-3.el8_4.i686.rpm	SHA-256: 45f05a4a088fbd1e29f6a4fe0b3debc57a3a70f8d0570a6d5ef1b7afc4fe7e1b
lz4-devel-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 57534e0547d954c77f79603d8a0602fe0774be6443d158fbe56926c7a6543fc3
lz4-libs-1.8.3-3.el8_4.i686.rpm	SHA-256: ffd8b1442988961d21e3b0c72f9d74c800d991927003e3fb8c5a1930492c2e68
lz4-libs-1.8.3-3.el8_4.x86_64.rpm	SHA-256: f0e3f336e2910f8282c39a5bce21ffa35d6037842d219761ed8c58b4208077cc
lz4-libs-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: 7a41dc47100167da854e1852f0d7dbcbb2f4a86aa773b3ffdea8cc1621195e3b
lz4-libs-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: b2b61ebdd9032b5b1e4db5ff005fdf68f2c597d93a6e9993853bc049d94ad077

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
x86_64
lz4-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 660a9a18b4ef164922742b4beee9541a1fe42087ea13513383777fde4e41ab15
lz4-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: d0fd733ce3cbe0e98d334767abb971e805f479574d45fd8575b5c68b9504b834
lz4-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e359f896ad2a8325c227f92fc6da23278f340b0c524274e7511f7a321998090
lz4-debugsource-1.8.3-3.el8_4.i686.rpm	SHA-256: 03f6d3019a21734798a3f074a881ab45b07fd07f9872ce474de59afecd65e860
lz4-debugsource-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e806c6d3fe47b761d944e400d12e7887b244bc916bb95c56a2218a3343e99ff
lz4-devel-1.8.3-3.el8_4.i686.rpm	SHA-256: 45f05a4a088fbd1e29f6a4fe0b3debc57a3a70f8d0570a6d5ef1b7afc4fe7e1b
lz4-devel-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 57534e0547d954c77f79603d8a0602fe0774be6443d158fbe56926c7a6543fc3
lz4-libs-1.8.3-3.el8_4.i686.rpm	SHA-256: ffd8b1442988961d21e3b0c72f9d74c800d991927003e3fb8c5a1930492c2e68
lz4-libs-1.8.3-3.el8_4.x86_64.rpm	SHA-256: f0e3f336e2910f8282c39a5bce21ffa35d6037842d219761ed8c58b4208077cc
lz4-libs-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: 7a41dc47100167da854e1852f0d7dbcbb2f4a86aa773b3ffdea8cc1621195e3b
lz4-libs-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: b2b61ebdd9032b5b1e4db5ff005fdf68f2c597d93a6e9993853bc049d94ad077

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
x86_64
lz4-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 660a9a18b4ef164922742b4beee9541a1fe42087ea13513383777fde4e41ab15
lz4-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: d0fd733ce3cbe0e98d334767abb971e805f479574d45fd8575b5c68b9504b834
lz4-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e359f896ad2a8325c227f92fc6da23278f340b0c524274e7511f7a321998090
lz4-debugsource-1.8.3-3.el8_4.i686.rpm	SHA-256: 03f6d3019a21734798a3f074a881ab45b07fd07f9872ce474de59afecd65e860
lz4-debugsource-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e806c6d3fe47b761d944e400d12e7887b244bc916bb95c56a2218a3343e99ff
lz4-devel-1.8.3-3.el8_4.i686.rpm	SHA-256: 45f05a4a088fbd1e29f6a4fe0b3debc57a3a70f8d0570a6d5ef1b7afc4fe7e1b
lz4-devel-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 57534e0547d954c77f79603d8a0602fe0774be6443d158fbe56926c7a6543fc3
lz4-libs-1.8.3-3.el8_4.i686.rpm	SHA-256: ffd8b1442988961d21e3b0c72f9d74c800d991927003e3fb8c5a1930492c2e68
lz4-libs-1.8.3-3.el8_4.x86_64.rpm	SHA-256: f0e3f336e2910f8282c39a5bce21ffa35d6037842d219761ed8c58b4208077cc
lz4-libs-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: 7a41dc47100167da854e1852f0d7dbcbb2f4a86aa773b3ffdea8cc1621195e3b
lz4-libs-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: b2b61ebdd9032b5b1e4db5ff005fdf68f2c597d93a6e9993853bc049d94ad077

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
s390x
lz4-1.8.3-3.el8_4.s390x.rpm	SHA-256: 19960c2f7aeb42f9308c2420858af805c265109692d507127c9566f9ded67871
lz4-debuginfo-1.8.3-3.el8_4.s390x.rpm	SHA-256: 0eeb39a0ac92f2590c8f711d646fbfd2588a01cd5f2530df333a6cff6006873d
lz4-debugsource-1.8.3-3.el8_4.s390x.rpm	SHA-256: 68bfa811d3f7ae65833e084ed5511abbd1a04aaedd09b37a3c3a5eabf91efa89
lz4-devel-1.8.3-3.el8_4.s390x.rpm	SHA-256: d4c2226702e4c75cfafb86b67e50d12856ca313cfb87050c4631e9481bc79d94
lz4-libs-1.8.3-3.el8_4.s390x.rpm	SHA-256: 3cc27152e1f40c087ebdc8056f709d4fa2283e4950eff1cc1b2f5e7c34932a60
lz4-libs-debuginfo-1.8.3-3.el8_4.s390x.rpm	SHA-256: 86d54440343c7b4e1fa72885cceb5798663278a3e9c551702eb36e3176784c1c

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
s390x
lz4-1.8.3-3.el8_4.s390x.rpm	SHA-256: 19960c2f7aeb42f9308c2420858af805c265109692d507127c9566f9ded67871
lz4-debuginfo-1.8.3-3.el8_4.s390x.rpm	SHA-256: 0eeb39a0ac92f2590c8f711d646fbfd2588a01cd5f2530df333a6cff6006873d
lz4-debugsource-1.8.3-3.el8_4.s390x.rpm	SHA-256: 68bfa811d3f7ae65833e084ed5511abbd1a04aaedd09b37a3c3a5eabf91efa89
lz4-devel-1.8.3-3.el8_4.s390x.rpm	SHA-256: d4c2226702e4c75cfafb86b67e50d12856ca313cfb87050c4631e9481bc79d94
lz4-libs-1.8.3-3.el8_4.s390x.rpm	SHA-256: 3cc27152e1f40c087ebdc8056f709d4fa2283e4950eff1cc1b2f5e7c34932a60
lz4-libs-debuginfo-1.8.3-3.el8_4.s390x.rpm	SHA-256: 86d54440343c7b4e1fa72885cceb5798663278a3e9c551702eb36e3176784c1c

Red Hat Enterprise Linux for Power, little endian 8

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
ppc64le
lz4-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: c9d1b615cd297f7d81c2877377c510d83c4ca913e38f27ec2fc87da25f40fac0
lz4-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 179a314d2bdebd87e4afe811806a311c69479a381f18fe15daeed5ce0d163180
lz4-debugsource-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 984a80b61735c7bf38888dbcdb4f26d12b3e0151c9d80eac387d51664cfc6c02
lz4-devel-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 9e780bb0aa7324b591c5ad3cc96659a0b6926e5b1b706ad881b4fa7fc91923cc
lz4-libs-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: eacfb3a0ad76aadb67c4103a188c35a69d69f91dcfd6272de238cbaa087bf264
lz4-libs-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 7e3f67d8b872b391bd68cb9d3b59c678fa66c47c9abbaf4b71698f2d57164732

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
ppc64le
lz4-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: c9d1b615cd297f7d81c2877377c510d83c4ca913e38f27ec2fc87da25f40fac0
lz4-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 179a314d2bdebd87e4afe811806a311c69479a381f18fe15daeed5ce0d163180
lz4-debugsource-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 984a80b61735c7bf38888dbcdb4f26d12b3e0151c9d80eac387d51664cfc6c02
lz4-devel-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 9e780bb0aa7324b591c5ad3cc96659a0b6926e5b1b706ad881b4fa7fc91923cc
lz4-libs-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: eacfb3a0ad76aadb67c4103a188c35a69d69f91dcfd6272de238cbaa087bf264
lz4-libs-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 7e3f67d8b872b391bd68cb9d3b59c678fa66c47c9abbaf4b71698f2d57164732

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
x86_64
lz4-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 660a9a18b4ef164922742b4beee9541a1fe42087ea13513383777fde4e41ab15
lz4-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: d0fd733ce3cbe0e98d334767abb971e805f479574d45fd8575b5c68b9504b834
lz4-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e359f896ad2a8325c227f92fc6da23278f340b0c524274e7511f7a321998090
lz4-debugsource-1.8.3-3.el8_4.i686.rpm	SHA-256: 03f6d3019a21734798a3f074a881ab45b07fd07f9872ce474de59afecd65e860
lz4-debugsource-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e806c6d3fe47b761d944e400d12e7887b244bc916bb95c56a2218a3343e99ff
lz4-devel-1.8.3-3.el8_4.i686.rpm	SHA-256: 45f05a4a088fbd1e29f6a4fe0b3debc57a3a70f8d0570a6d5ef1b7afc4fe7e1b
lz4-devel-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 57534e0547d954c77f79603d8a0602fe0774be6443d158fbe56926c7a6543fc3
lz4-libs-1.8.3-3.el8_4.i686.rpm	SHA-256: ffd8b1442988961d21e3b0c72f9d74c800d991927003e3fb8c5a1930492c2e68
lz4-libs-1.8.3-3.el8_4.x86_64.rpm	SHA-256: f0e3f336e2910f8282c39a5bce21ffa35d6037842d219761ed8c58b4208077cc
lz4-libs-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: 7a41dc47100167da854e1852f0d7dbcbb2f4a86aa773b3ffdea8cc1621195e3b
lz4-libs-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: b2b61ebdd9032b5b1e4db5ff005fdf68f2c597d93a6e9993853bc049d94ad077

Red Hat Enterprise Linux for ARM 64 8

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
aarch64
lz4-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 7791db30f00162d085e6fc54a84ce000eaa0ebb434319c13ba58bded33a63ef9
lz4-debuginfo-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 194f9c2c61344ba1bc4d7da6babd5d62e4b822bd61b0d5bf5f72e428d72a0bb2
lz4-debugsource-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 073b59e7ebe3581c55e0b5b82b102d1bd83ee96d75a008e666de72ee93b1cafd
lz4-devel-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 2e12f487dede06c295d0474276f1d86d8d7e9b7a75edf17e710e32f4f01ff11e
lz4-libs-1.8.3-3.el8_4.aarch64.rpm	SHA-256: ab64a4ccc6b3f930aebb6413ece0031ceacdfba8ac7ee06c196b29df2f761ca1
lz4-libs-debuginfo-1.8.3-3.el8_4.aarch64.rpm	SHA-256: fbbdc6ddc1166ac07060e4ed9ffe6f0046ac76a633af2eb7168441d596cffb03

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
aarch64
lz4-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 7791db30f00162d085e6fc54a84ce000eaa0ebb434319c13ba58bded33a63ef9
lz4-debuginfo-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 194f9c2c61344ba1bc4d7da6babd5d62e4b822bd61b0d5bf5f72e428d72a0bb2
lz4-debugsource-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 073b59e7ebe3581c55e0b5b82b102d1bd83ee96d75a008e666de72ee93b1cafd
lz4-devel-1.8.3-3.el8_4.aarch64.rpm	SHA-256: 2e12f487dede06c295d0474276f1d86d8d7e9b7a75edf17e710e32f4f01ff11e
lz4-libs-1.8.3-3.el8_4.aarch64.rpm	SHA-256: ab64a4ccc6b3f930aebb6413ece0031ceacdfba8ac7ee06c196b29df2f761ca1
lz4-libs-debuginfo-1.8.3-3.el8_4.aarch64.rpm	SHA-256: fbbdc6ddc1166ac07060e4ed9ffe6f0046ac76a633af2eb7168441d596cffb03

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
ppc64le
lz4-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: c9d1b615cd297f7d81c2877377c510d83c4ca913e38f27ec2fc87da25f40fac0
lz4-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 179a314d2bdebd87e4afe811806a311c69479a381f18fe15daeed5ce0d163180
lz4-debugsource-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 984a80b61735c7bf38888dbcdb4f26d12b3e0151c9d80eac387d51664cfc6c02
lz4-devel-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 9e780bb0aa7324b591c5ad3cc96659a0b6926e5b1b706ad881b4fa7fc91923cc
lz4-libs-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: eacfb3a0ad76aadb67c4103a188c35a69d69f91dcfd6272de238cbaa087bf264
lz4-libs-debuginfo-1.8.3-3.el8_4.ppc64le.rpm	SHA-256: 7e3f67d8b872b391bd68cb9d3b59c678fa66c47c9abbaf4b71698f2d57164732

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4

SRPM
lz4-1.8.3-3.el8_4.src.rpm	SHA-256: 5952931f1ccd36d3db5bf1bb007966056e5fde6569a8d2da8e91b38bd9f41d3b
x86_64
lz4-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 660a9a18b4ef164922742b4beee9541a1fe42087ea13513383777fde4e41ab15
lz4-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: d0fd733ce3cbe0e98d334767abb971e805f479574d45fd8575b5c68b9504b834
lz4-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e359f896ad2a8325c227f92fc6da23278f340b0c524274e7511f7a321998090
lz4-debugsource-1.8.3-3.el8_4.i686.rpm	SHA-256: 03f6d3019a21734798a3f074a881ab45b07fd07f9872ce474de59afecd65e860
lz4-debugsource-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 3e806c6d3fe47b761d944e400d12e7887b244bc916bb95c56a2218a3343e99ff
lz4-devel-1.8.3-3.el8_4.i686.rpm	SHA-256: 45f05a4a088fbd1e29f6a4fe0b3debc57a3a70f8d0570a6d5ef1b7afc4fe7e1b
lz4-devel-1.8.3-3.el8_4.x86_64.rpm	SHA-256: 57534e0547d954c77f79603d8a0602fe0774be6443d158fbe56926c7a6543fc3
lz4-libs-1.8.3-3.el8_4.i686.rpm	SHA-256: ffd8b1442988961d21e3b0c72f9d74c800d991927003e3fb8c5a1930492c2e68
lz4-libs-1.8.3-3.el8_4.x86_64.rpm	SHA-256: f0e3f336e2910f8282c39a5bce21ffa35d6037842d219761ed8c58b4208077cc
lz4-libs-debuginfo-1.8.3-3.el8_4.i686.rpm	SHA-256: 7a41dc47100167da854e1852f0d7dbcbb2f4a86aa773b3ffdea8cc1621195e3b
lz4-libs-debuginfo-1.8.3-3.el8_4.x86_64.rpm	SHA-256: b2b61ebdd9032b5b1e4db5ff005fdf68f2c597d93a6e9993853bc049d94ad077

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.