Red Hat Product Errata RHSA-2021:3439 - Security Advisory
Issued:
2021-09-07
Updated:
2021-09-07

RHSA-2021:3439 - Security Advisory

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the latest RHEL7.9.z source tree (BZ#1995878)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 1993988 - CVE-2021-3715 kernel: use-after-free in route4_change() in net/sched/cls_route.c

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1160.42.2.rt56.1182.el7.src.rpm SHA-256: 85a3d9e3772acd73159579dc200daea199e8f20323a51cb78e0eecbe75230e55
x86_64
kernel-rt-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 90ec0d71201cf848f5efd81029d5082b664a661d5e7949cb3c3380ab1fce282d
kernel-rt-debug-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 51113f9b990c0242835d80073bca838d28dc32f5a1131445532cf83863ab1896
kernel-rt-debug-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 74cf74fec830ce05320bf5f03befebe32a6259a8ff5decd54f5458ce712ceb6e
kernel-rt-debug-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 28c3bf13698377722db654144c7dd89a5ba9c944342f79cec895212634a9b395
kernel-rt-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 78375f7777ed83dd9da346173e848f1abb51ea961750450b71a7dc2d9bb956d8
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 02321143ae3540ac81259d0ffe308bd46155f5929d03352f38b38aadf3fb6dc3
kernel-rt-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 1589bc54e571e4a8abc2b2afc20c565eb7c8c4f7c7887cf86c8a651d132a8297
kernel-rt-doc-3.10.0-1160.42.2.rt56.1182.el7.noarch.rpm SHA-256: b336a25418f467fd832a15d3c13ce5c5d7e51dc6f9349a0503d40f14a6d41071
kernel-rt-trace-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 2a0a283adf01336c6689ab669d4114c933b2f28c72d2a93f67f97be60064ccb5
kernel-rt-trace-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: c96ecb4b8f37e14cae5459ad7e2ae79c33be6e656cf44b6cc50e0758822332be
kernel-rt-trace-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 2a845aae18e88678ceeac1c13984cfd27cc4625d29791bc9193152b50e2024e7

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1160.42.2.rt56.1182.el7.src.rpm SHA-256: 85a3d9e3772acd73159579dc200daea199e8f20323a51cb78e0eecbe75230e55
x86_64
kernel-rt-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 90ec0d71201cf848f5efd81029d5082b664a661d5e7949cb3c3380ab1fce282d
kernel-rt-debug-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 51113f9b990c0242835d80073bca838d28dc32f5a1131445532cf83863ab1896
kernel-rt-debug-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 74cf74fec830ce05320bf5f03befebe32a6259a8ff5decd54f5458ce712ceb6e
kernel-rt-debug-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 28c3bf13698377722db654144c7dd89a5ba9c944342f79cec895212634a9b395
kernel-rt-debug-kvm-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 56ab5042b6f91498eddaf9b3bd993dc19492b0cd0ffc39022c73f52588613641
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 65895846630865661f9fb48a824c9eb96fd392bb5d1bdeda8438d861dca1fd91
kernel-rt-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 78375f7777ed83dd9da346173e848f1abb51ea961750450b71a7dc2d9bb956d8
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 02321143ae3540ac81259d0ffe308bd46155f5929d03352f38b38aadf3fb6dc3
kernel-rt-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 1589bc54e571e4a8abc2b2afc20c565eb7c8c4f7c7887cf86c8a651d132a8297
kernel-rt-doc-3.10.0-1160.42.2.rt56.1182.el7.noarch.rpm SHA-256: b336a25418f467fd832a15d3c13ce5c5d7e51dc6f9349a0503d40f14a6d41071
kernel-rt-kvm-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: c7c7e2ff00fe534720444d5c005cd1612fc5a7d9444389922f0f849c7b7ac5dc
kernel-rt-kvm-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: cf1fbebb67e00d9d8c575be01695bc49331e76c480c9d558a7e19e5d6a4aef54
kernel-rt-trace-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 2a0a283adf01336c6689ab669d4114c933b2f28c72d2a93f67f97be60064ccb5
kernel-rt-trace-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: c96ecb4b8f37e14cae5459ad7e2ae79c33be6e656cf44b6cc50e0758822332be
kernel-rt-trace-devel-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 2a845aae18e88678ceeac1c13984cfd27cc4625d29791bc9193152b50e2024e7
kernel-rt-trace-kvm-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: e5b022ec80e77fdce2b4324f61a9040475f17378c0e6873139f01647ef7fe090
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.42.2.rt56.1182.el7.x86_64.rpm SHA-256: 1c60c098cf9b4cc17b9e08b0f465de72959d15384931d08c6da8b5156134b661

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.