You are here
Home > Preporuke > Sigurnosni nedostatak jezgre operacijskog sustava

Sigurnosni nedostatak jezgre operacijskog sustava

by Vlatka Mišić - 0

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2021:0073-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0073
Issue date: 2021-01-12
CVE Names: CVE-2020-25641
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v. 8.2) – aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v. 8.2) – aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in
DoS (CVE-2020-25641)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Please backport Jitter Entropy patches (BZ#1884682)

* Sometimes hit “error: kvm run failed Bad address” when launching a guest
on Power8 (BZ#1890883)

* [Intel 8.3 BUG] Unable to insert ‘i10nm_edac.ko’ EDAC kernel module on
JVL after CPU upgraded (BZ#1893330)

* RHEL8.1 – Random memory corruption may occur due to incorrect tlbflush
(BZ#1899209)

* RHEL8.1 Alpha – ISST-LTE:PNV:Witherspoon-DD2.3:woo: KDUMP hang during
shutdown, lpfc loses connection to disks (rootdisk:nvme) (BZ#1900101)

* pmtu of 1280 for vxlan as bridge port won’t work (BZ#1902083)

* Allocating domain failed for ehci-pci device (BZ#1902801)

* [Azure][RHEL8] IP forwarding issue in netvsc (BZ#1904326)

* pmtu not working with tunnels as bridge ports and br_netfilter loaded
(BZ#1907577)

* [Regression] RHEL8.2 – [kernel 148.el8] cpu (sys) time regression in SAP
HANA 2.0 benchmark benchInsertSubSelectPerformance (BZ#1908520)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1881424 – CVE-2020-25641 kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v. 8.2):

Source:
kernel-4.18.0-193.40.1.el8_2.src.rpm

aarch64:
bpftool-4.18.0-193.40.1.el8_2.aarch64.rpm
bpftool-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-core-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-cross-headers-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-core-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-devel-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-modules-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-modules-extra-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-devel-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-headers-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-modules-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-modules-extra-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-tools-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-tools-libs-4.18.0-193.40.1.el8_2.aarch64.rpm
perf-4.18.0-193.40.1.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
python3-perf-4.18.0-193.40.1.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm

noarch:
kernel-abi-whitelists-4.18.0-193.40.1.el8_2.noarch.rpm
kernel-doc-4.18.0-193.40.1.el8_2.noarch.rpm

ppc64le:
bpftool-4.18.0-193.40.1.el8_2.ppc64le.rpm
bpftool-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-core-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-cross-headers-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-core-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-devel-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-modules-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-devel-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-headers-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-modules-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-modules-extra-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-tools-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-tools-libs-4.18.0-193.40.1.el8_2.ppc64le.rpm
perf-4.18.0-193.40.1.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
python3-perf-4.18.0-193.40.1.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm

s390x:
bpftool-4.18.0-193.40.1.el8_2.s390x.rpm
bpftool-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-core-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-cross-headers-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-core-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-devel-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-modules-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debug-modules-extra-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-devel-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-headers-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-modules-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-modules-extra-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-tools-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-core-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-devel-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-modules-4.18.0-193.40.1.el8_2.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-193.40.1.el8_2.s390x.rpm
perf-4.18.0-193.40.1.el8_2.s390x.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm
python3-perf-4.18.0-193.40.1.el8_2.s390x.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.s390x.rpm

x86_64:
bpftool-4.18.0-193.40.1.el8_2.x86_64.rpm
bpftool-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-core-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-cross-headers-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-core-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-devel-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-modules-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-modules-extra-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-devel-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-headers-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-modules-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-modules-extra-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-tools-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-tools-libs-4.18.0-193.40.1.el8_2.x86_64.rpm
perf-4.18.0-193.40.1.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
python3-perf-4.18.0-193.40.1.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.2):

aarch64:
bpftool-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
kernel-tools-libs-devel-4.18.0-193.40.1.el8_2.aarch64.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-193.40.1.el8_2.ppc64le.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
kernel-tools-libs-devel-4.18.0-193.40.1.el8_2.x86_64.rpm
perf-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.40.1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25641
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX/1j9tzjgjWX9erEAQh6WBAAn50pPxs5qoBcYuXzq6YZ+msHDEQsiVwI
jl16U6O4g4GDVH8IkBrVLX3pancG1Cluee0zGPrBQ1DK+aZeyBWPxMR76z7/Hq68
hBXZ7Bp1fwriEKUOKtLiphpcW7J1lrfcmrceTQUlEVcMc2qondDi4IAAndMF1meC
LmG4P3ZLi8N7N/RBx1aul3C8bvAHb9UyVARJzg16MCgoAqzWDnkTaO0iVCu8FgC3
0B/I5Jc5iG35h7RHXhgGDGCRSEkkOiNmJ2itNs5SUIpB9gW1sXd5gE0ATl6jfknc
zKa1NjtxgHYrj1Tr+VCcz2cAPkud+rSx3SZ6yH2RzE5Bm8Uya9cVGvc4Z4avqmDO
jMhCEk7wytVjKDBWyq7xG2DwrcjPlmwEnA5AkFnX6tnktRsqOl7CMwshbTn6n87v
dmsnRGYRZnaptScU2OVfV3IqlrdplwIT/sRmP/1vOrsr3NGlLUTzcU2sipY0gXIi
E4hj/wuOOQMMTHZJg3q/EefNyigT2lv+H7oyrTp+M0Ro1Kk0BclzuE8/IbpGGGGx
KHAo7Z3YFwUxeMBqkk5x/Qi6D18mYFIcMQ5AyXu3/MQ9fxx5WDiXoOkaZDy62cFw
oeX30fl4h1sB2VHpwPvDtQZDw7eLhwt6mdUSQHLF3IFKkRvfzQ6kambKUxKuNC/+
6lTfY9isCdY=
=rj/d
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Vlatka Mišić
Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak jezgre operacijskog sustava Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja, otkrivanje osjetljivih informacija ili...

Close