Red Hat Security Advisory 2022-0063-06

Red Hat Security Advisory 2022-0063-06: Posted Jan 16, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0063-06 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.; tags | advisory, overflow, kernel; systems | linux, redhat; advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-42739; SHA-256 | c84c038c92bb6a1bc8473039834465b0179c88c022a2c76894a288c9ffd97cd5; Download | Favorite | View
Red Hat Security Advisory 2022-0063-06

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       RHSA-2022:0063-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0063
Issue date:        2022-01-11
CVE Names:         CVE-2020-25704 CVE-2020-36322 CVE-2021-42739 
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)

* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate
situations (CVE-2020-36322)

* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* A gfs2 withdrawal occurs function = gfs2_setbit, file = fs/gfs2/rgrp.c,
line = 109 (BZ#1364234)

* i40e SR-IOV TX driver issue detected on VF 7 - VF connectivity loose
after VF down/up (BZ#1977246)

* duplicate ACK not sent when expected (BZ#1990665)

* [kernel-debug] BUG: bad unlock balance detected! when running LTP
read_all (BZ#2006536)

* Rudimentary support for AMD Milan - Call init_amd_zn() om Family 19h
processors (BZ#2019218)

* A VM with <=8 CPUs handles all the Mellanox NIC interrupts on CPU0 only,
causing low performance (BZ#2019272)

* fix _PSD override quirk for AMD family 19h+ (BZ#2019588)

* generic_file_aio_read returns 0 when interrupted early with a fatal
signal (BZ#2020857)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
1949560 - CVE-2020-36322 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations
1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver
2020857 - generic_file_aio_read returns 0 when interrupted early with a fatal signal [rhel-7.9.z]

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1160.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.53.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.53.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64.rpm
perf-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1160.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.53.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.53.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64.rpm
perf-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-1160.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.53.1.el7.noarch.rpm

ppc64:
bpftool-3.10.0-1160.53.1.el7.ppc64.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debug-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-devel-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-headers-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-tools-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.ppc64.rpm
perf-3.10.0-1160.53.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
python-perf-3.10.0-1160.53.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm

ppc64le:
bpftool-3.10.0-1160.53.1.el7.ppc64le.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debug-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-devel-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-headers-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-tools-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.ppc64le.rpm
perf-3.10.0-1160.53.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
python-perf-3.10.0-1160.53.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm

s390x:
bpftool-3.10.0-1160.53.1.el7.s390x.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm
kernel-3.10.0-1160.53.1.el7.s390x.rpm
kernel-debug-3.10.0-1160.53.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-1160.53.1.el7.s390x.rpm
kernel-devel-3.10.0-1160.53.1.el7.s390x.rpm
kernel-headers-3.10.0-1160.53.1.el7.s390x.rpm
kernel-kdump-3.10.0-1160.53.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-1160.53.1.el7.s390x.rpm
perf-3.10.0-1160.53.1.el7.s390x.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm
python-perf-3.10.0-1160.53.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.s390x.rpm

x86_64:
bpftool-3.10.0-1160.53.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64.rpm
perf-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bpftool-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.ppc64.rpm

ppc64le:
bpftool-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.ppc64le.rpm

x86_64:
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-1160.53.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch.rpm
kernel-doc-3.10.0-1160.53.1.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1160.53.1.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-headers-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.53.1.el7.x86_64.rpm
perf-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.53.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1160.53.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25704
https://access.redhat.com/security/cve/CVE-2020-36322
https://access.redhat.com/security/cve/CVE-2021-42739
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYeGYNdzjgjWX9erEAQii+A/+PMSOo+AjYd9UPhvYCDvzp2a4jL41c7hg
1cC+yijtbRKqzx07HzvntFKFmwCnUCApj88Fuv0X35UGk2NitdUhXTP4tzSw8pwn
8v+mFnn6AC0bAjEmZ3R0K17bvCP57+SgpabJgKQzVmD0Ar0/GPGUo8sg7jW5rOsB
7PwPzm9/2dYlRwhgfmny284vthYQa0AZB0BuYn5IdjqGmUvtyb3iB5fNanOEDF4L
B5c+bOCQNIcPeEg3yxTX3P7154N+tM0tZedbSpJMeUsRLs5xEJ88oRGXAPU2DmkW
HC5DIjrkuhCtjbjjKsOmXkpFzGDdejlvvEl+/CWQPhArvmObgeSF60sx1GDxnnfT
KraYV80dB2MP230E19i+gqhTxBZOj8Mh6XL/4FKQiQCIUvxIvDJ9MJ3oaxwgcIj/
NUREdRxWP9r89HSREX95WPIMkzKhWeH+gq2CwNtaVqnABZpL/0DNzAzsRO6Q33oY
V/rFLrTieKxk36DoG3Eqau5u80I70KuPNu3Ux9G70IXUqaAk+tF8oJ6sfcofrYHE
1ytTXDXSLKSvv6XmED2oHlqQqNf/nb6uFiaJnji7RJZO6VlkRljGqwuwQdq5/iWs
67W+Cd9ye4MhFA4O8emSgmHK8VUdfcjYGL0ycbPa3nr9vXqWggbGLpx9cnSHSMK2
lnYmCpZ2eQU=
=9ILY
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 99 files
Gentoo 29 files
indoushka 26 files
Debian 16 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
jheysel-r7 2 files
Pierre Kim 2 files
File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other
Red Hat Security Advisory 2022-0063-06

Red Hat Security Advisory 2022-0063-06

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2022-0063-06

Share This

Red Hat Security Advisory 2022-0063-06

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems
