alsa-2021:4056
Vulnerability from osv_almalinux
Published
2021-11-02 07:47
Modified
2021-11-02 18:48
Summary
Important: kernel security, bug fix, and enhancement update
Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)

  • kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)

  • kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [HPE 8.3 bug] No EDAC MC0 message with one-DIMM two-processor configuration under AlmaLinux8.3 (BZ#1982182)

  • mlx: devlink port function shows all zero hw_addr (BZ#1986837)

  • net/sched: act_mirred: allow saving the last chain processed on xmit path (BZ#1992230)

  • AlmaLinux8.3 - System hang and / or r/o fs during SVC/v5k/v7k maintenance with ibmvfc (BZ#1993892)

  • AlmaLinux8.1 Snapshot3 - PVT:940:virt:4TB:LPM operation failed by returning HSCLA2CF, HSCL365C SRC's - Linux partition suspend timeout (-> documentation/Linux Alert through LTC bug 182549) (BZ#1993952)

  • AlmaLinux8.4 - benchTableRepDMLAsyncBarrier regresses by 34% on AlmaLinux8.4 on POWER9 compared to AlmaLinux8.2 (performance) (BZ#1997431)

  • [panic] call trace: ice_probe+0x238/0x10f0 [ice] (BZ#1997539)

  • [ice, PTP] ice: fix GPIO 1PPS signal (BZ#1997572)

  • Fix locality handling in the tpm_tis driver (BZ#1998219)

  • [ice, PTP]: fix Tx queue iteration for Tx timestamp enablement (BZ#2000128)

  • PCI passthrough with NVidia GPU "Invalid device 0003:01:00.0 iommu_group file /sys/bus/pci/devices/0003:01:00.0/iommu_group is not a symlink" (BZ#2000602)

  • [DELL 8.4 BUG] - System Hangs at Dell Logo When Boot to OS(e1000e with wrong GbE checksum) (BZ#2002335)

  • AlmaLinux8.4 - kernel: Fix hanging ioctl caused by wrong msg counter (BZ#2002635)

  • kernel: get_timespec64 does not ignore padding in compat syscalls (BZ#2003569)

  • [mlx5] eth0: hw csum failure (BZ#2005980)

  • xlog_grant_head_wait() does not return and system hangs (BZ#2007413)

  • panic while breaking a lease/delegation after user mode helper invocation (BZ#2010331)

  • Lockd invalid cast to nlm_lockowner (BZ#2010820)

  • [xfstests generic/388] XFS: Assertion failed: 0, file: fs/xfs/xfs_mount.c, line: 1218 (BZ#2011919)

Enhancement(s):

  • [Intel 8.5 FEAT] ice: Enable PTP Support (BZ#1998220)

  • [Intel 8.5 FEAT] ice: Enable GPIO/SDP Support (BZ#1998221)

To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-tools-libs-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-305.25.1.el8_4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [HPE 8.3 bug] No EDAC MC0 message with one-DIMM two-processor configuration under AlmaLinux8.3 (BZ#1982182)\n\n* mlx: devlink port function shows all zero hw_addr (BZ#1986837)\n\n* net/sched: act_mirred: allow saving the last chain processed on xmit path (BZ#1992230)\n\n* AlmaLinux8.3 - System hang and / or r/o fs during SVC/v5k/v7k maintenance with ibmvfc (BZ#1993892)\n\n* AlmaLinux8.1 Snapshot3 - PVT:940:virt:4TB:LPM operation failed by returning HSCLA2CF, HSCL365C SRC\u0027s - Linux partition suspend timeout (-\u003e documentation/Linux Alert through LTC bug 182549) (BZ#1993952)\n\n* AlmaLinux8.4 - benchTableRepDMLAsyncBarrier regresses by 34% on AlmaLinux8.4 on POWER9 compared to AlmaLinux8.2 (performance) (BZ#1997431)\n\n* [panic] call trace: ice_probe+0x238/0x10f0 [ice] (BZ#1997539)\n\n* [ice, PTP] ice: fix GPIO 1PPS signal  (BZ#1997572)\n\n* Fix locality handling in the tpm_tis driver (BZ#1998219)\n\n* [ice, PTP]: fix Tx queue iteration for Tx timestamp enablement (BZ#2000128)\n\n* PCI passthrough with NVidia GPU \"Invalid device 0003:01:00.0 iommu_group file /sys/bus/pci/devices/0003:01:00.0/iommu_group is not a symlink\" (BZ#2000602)\n\n* [DELL 8.4 BUG] - System Hangs at Dell Logo When Boot to OS(e1000e with wrong GbE checksum) (BZ#2002335)\n\n* AlmaLinux8.4 - kernel: Fix hanging ioctl caused by wrong msg counter (BZ#2002635)\n\n* kernel: get_timespec64 does not ignore padding in compat syscalls (BZ#2003569)\n\n* [mlx5] eth0: hw csum failure (BZ#2005980)\n\n* xlog_grant_head_wait() does not return and system hangs (BZ#2007413)\n\n* panic while breaking a lease/delegation after user mode helper invocation (BZ#2010331)\n\n* Lockd invalid cast to nlm_lockowner (BZ#2010820)\n\n* [xfstests generic/388] XFS: Assertion failed: 0, file: fs/xfs/xfs_mount.c, line: 1218 (BZ#2011919)\n\nEnhancement(s):\n\n* [Intel 8.5 FEAT] ice: Enable PTP Support (BZ#1998220)\n\n* [Intel 8.5 FEAT] ice: Enable GPIO/SDP Support (BZ#1998221)",
  "id": "ALSA-2021:4056",
  "modified": "2021-11-02T18:48:59Z",
  "published": "2021-11-02T07:47:41Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2020-36385"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-0512"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3656"
    }
  ],
  "related": [
    "CVE-2020-36385",
    "CVE-2021-0512",
    "CVE-2021-3656"
  ],
  "summary": "Important: kernel security, bug fix, and enhancement update"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.