- Issued:
- 2022-01-11
- Updated:
- 2022-01-11
RHSA-2022:0065 - Security Advisory
Synopsis
Moderate: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
- kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)
- kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update to the latest RHEL7.9.z11 source tree (BZ#2022891)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
- BZ - 1949560 - CVE-2020-36322 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations
- BZ - 1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.src.rpm | SHA-256: d15cbbe5db5ef8b2b29172a7faaf6ee5c8b7a815c96f1b0a2455ae40104871ba |
| x86_64 | |
| kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: e6e59bb30d94db808f93c692362c7665230310c3404264ff7142b7412babf13c |
| kernel-rt-debug-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 8214e552bf869935608b9cb114cc9d88abf54fa305b9dcee6a541f76cca45bdf |
| kernel-rt-debug-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: e07e32d96c1cec09b7cccca4cb941dabece2da1e84659eb0dc2418079a9d378e |
| kernel-rt-debug-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: f2cbb0f6434555a7129198d062fef78c56c3aeee7effe63d8919ad080c8b5370 |
| kernel-rt-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 4a2c0dfde9726ebc47f7775f955da300a57d48871c1b1ac59ba6781e4375be1b |
| kernel-rt-debuginfo-common-x86_64-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 949072aca845785195b17b216d1c83a0692d205680036dd0bdc62e326b77a300 |
| kernel-rt-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 9a50674f89cde57d4a7776cfa124399120dcec6b667f1e285d2922b2a2be6c3c |
| kernel-rt-doc-3.10.0-1160.53.1.rt56.1193.el7.noarch.rpm | SHA-256: 0c92a5a8b81d432113a15c9a22dbe9ff99edcf1673a98a8837d454cf090d8502 |
| kernel-rt-trace-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: c4abb0f04fba627c1ef1525f5ede4601f1556356299d3e3b9769ce0d1d478069 |
| kernel-rt-trace-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 7beb6f8f2462d8b79401cd8f01c9dd0063d77b2e6ca814fe987163752bf331ee |
| kernel-rt-trace-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: dba46ba0d0a89096c53e39d781a38104e9da551d86accae899ed9d8b84d9f2ee |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.src.rpm | SHA-256: d15cbbe5db5ef8b2b29172a7faaf6ee5c8b7a815c96f1b0a2455ae40104871ba |
| x86_64 | |
| kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: e6e59bb30d94db808f93c692362c7665230310c3404264ff7142b7412babf13c |
| kernel-rt-debug-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 8214e552bf869935608b9cb114cc9d88abf54fa305b9dcee6a541f76cca45bdf |
| kernel-rt-debug-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: e07e32d96c1cec09b7cccca4cb941dabece2da1e84659eb0dc2418079a9d378e |
| kernel-rt-debug-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: f2cbb0f6434555a7129198d062fef78c56c3aeee7effe63d8919ad080c8b5370 |
| kernel-rt-debug-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 4cc9fe52ef64fc8f3e5cbc0722a6ede97b5fcdfb479164d773c9147992825820 |
| kernel-rt-debug-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 2e42987ab290f908e794bcbee10099b9061538939fd464eff854d6f5fa4d6729 |
| kernel-rt-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 4a2c0dfde9726ebc47f7775f955da300a57d48871c1b1ac59ba6781e4375be1b |
| kernel-rt-debuginfo-common-x86_64-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 949072aca845785195b17b216d1c83a0692d205680036dd0bdc62e326b77a300 |
| kernel-rt-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 9a50674f89cde57d4a7776cfa124399120dcec6b667f1e285d2922b2a2be6c3c |
| kernel-rt-doc-3.10.0-1160.53.1.rt56.1193.el7.noarch.rpm | SHA-256: 0c92a5a8b81d432113a15c9a22dbe9ff99edcf1673a98a8837d454cf090d8502 |
| kernel-rt-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 7b0b267e8a30859d585e89859fef70a7b22f1c83250e55efb07815d9dc05116d |
| kernel-rt-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: a69689cc6a97da83d5c73acbd53c4d550c391e7a5b6ad082ea280f34b40ba0ee |
| kernel-rt-trace-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: c4abb0f04fba627c1ef1525f5ede4601f1556356299d3e3b9769ce0d1d478069 |
| kernel-rt-trace-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 7beb6f8f2462d8b79401cd8f01c9dd0063d77b2e6ca814fe987163752bf331ee |
| kernel-rt-trace-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: dba46ba0d0a89096c53e39d781a38104e9da551d86accae899ed9d8b84d9f2ee |
| kernel-rt-trace-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: 35354d88e7cf9ecb47e5af73421f41717af085cacd288ca8634d60b450fbcb0f |
| kernel-rt-trace-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm | SHA-256: ad79af19c487dbf397964237e51b7d46a7434fb09d9cfe1f32e03de9ccbeadca |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.