Red Hat Security Advisory 2021-2316-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include integer overflow, null pointer, and use-after-free vulnerabilities.
da329e84b8a2493bc5902ca7fbabf7a1154e94c0edc2a8854051da5de179d463
Red Hat Security Advisory 2021-2314-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include integer overflow, null pointer, and use-after-free vulnerabilities.
79e4b14a55ff6019bd546df5f3f2edbb10c04d16a4a1d857ef855c0e9b2df54c
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed.
469cc31bae7443b09e56a62b4aac4c6a731592910bda9c7097efee0cfc5ebb11
Ubuntu Security Notice 4890-1 - Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information. Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
b25993fe5d12873c32c2eaf455cfa3c641110f1b5ba08a35d185354f593c26a3
Ubuntu Security Notice 4887-1 - De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information or possibly execute arbitrary code. Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
9a06c7465cb26d1b56d2a8903cc4d503a19d30e3db18b40322b2ce482b14f4f4