- Issued:
- 2022-04-05
- Updated:
- 2022-04-05
RHSA-2022:1199 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update to the latest RHEL7.9.z13 source tree (BZ#2059411)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
Red Hat Enterprise Linux for Real Time 7
SRPM | |
---|---|
kernel-rt-3.10.0-1160.62.1.rt56.1203.el7.src.rpm | SHA-256: 5785a9b769f383eeef00cd7964e117eda1628327735fee00b4e87ce3ab3edfce |
x86_64 | |
kernel-rt-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 8d43ba6e28aa3921d1313bc8cfcbb99e44c707a5d3768e06aabcc164de00c61c |
kernel-rt-debug-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 11a29444fcd2260039fcb64a56380369cc9b28da1a0218e8863586c93ccd509a |
kernel-rt-debug-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 49454c302f1014173a3c4e53417ff753da79259d699103e06e2dc43768d10458 |
kernel-rt-debug-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 9e3d5153424f1f2d0c416a8cb1fcc1d2980a7af6e3b005e0930175822515df50 |
kernel-rt-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 95f0411f3a6c7650fc4c725d8963982d3272a4b862cddda89695189e75c21af1 |
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 80f31d0b28ff0e543cc88d7286a443438089506ca8bbba3b8af5f202bafb5712 |
kernel-rt-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 7c34c936fb3afc077d8b709a7f6fc8131e25f155b13fa62591e570f84da0b8ea |
kernel-rt-doc-3.10.0-1160.62.1.rt56.1203.el7.noarch.rpm | SHA-256: 2f1167c173c4e64b0afdbfac3453a166cd1e0d829491d84ef56a0c8896138427 |
kernel-rt-trace-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 2c7651352b5d2a33be4580ae3ac8abdb391eaf0355d1c9b9d0711168536db8a1 |
kernel-rt-trace-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 37ef2eb032b85d47b44cf19bffc8d4f18d9d082069307a1caa98f7ae15bddedb |
kernel-rt-trace-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 515dcea47df3764c0794962bf33dcd236883e55eedc9c50b5fcf8641c0061446 |
Red Hat Enterprise Linux for Real Time for NFV 7
SRPM | |
---|---|
kernel-rt-3.10.0-1160.62.1.rt56.1203.el7.src.rpm | SHA-256: 5785a9b769f383eeef00cd7964e117eda1628327735fee00b4e87ce3ab3edfce |
x86_64 | |
kernel-rt-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 8d43ba6e28aa3921d1313bc8cfcbb99e44c707a5d3768e06aabcc164de00c61c |
kernel-rt-debug-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 11a29444fcd2260039fcb64a56380369cc9b28da1a0218e8863586c93ccd509a |
kernel-rt-debug-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 49454c302f1014173a3c4e53417ff753da79259d699103e06e2dc43768d10458 |
kernel-rt-debug-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 9e3d5153424f1f2d0c416a8cb1fcc1d2980a7af6e3b005e0930175822515df50 |
kernel-rt-debug-kvm-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 0e0b47048fb7032d2d7d33b464747e010013b3f62dba6f42584c63cb026ae383 |
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: a637eb7ba2830dbb39c0e82fe00ea9023cd6436165415d84ce9d6a6805131709 |
kernel-rt-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 95f0411f3a6c7650fc4c725d8963982d3272a4b862cddda89695189e75c21af1 |
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 80f31d0b28ff0e543cc88d7286a443438089506ca8bbba3b8af5f202bafb5712 |
kernel-rt-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 7c34c936fb3afc077d8b709a7f6fc8131e25f155b13fa62591e570f84da0b8ea |
kernel-rt-doc-3.10.0-1160.62.1.rt56.1203.el7.noarch.rpm | SHA-256: 2f1167c173c4e64b0afdbfac3453a166cd1e0d829491d84ef56a0c8896138427 |
kernel-rt-kvm-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 615a791a79aaae9c771481df4b4134d870583bd0b434681d915646b69c5eb14c |
kernel-rt-kvm-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: efeea1a404249e3a21040b8964903d686d1323a3db688d9b5cac259d8bbb0221 |
kernel-rt-trace-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 2c7651352b5d2a33be4580ae3ac8abdb391eaf0355d1c9b9d0711168536db8a1 |
kernel-rt-trace-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 37ef2eb032b85d47b44cf19bffc8d4f18d9d082069307a1caa98f7ae15bddedb |
kernel-rt-trace-devel-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 515dcea47df3764c0794962bf33dcd236883e55eedc9c50b5fcf8641c0061446 |
kernel-rt-trace-kvm-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 08f59f99e04cab49bf641f9b03f870cec2df1189287489a1660386d9153eb94e |
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.62.1.rt56.1203.el7.x86_64.rpm | SHA-256: 76bce1a500c8e967367957750d33de5b3078fae3950713b76b914715a883b1a4 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.