Content-Type: |
text/plain; charset="utf-8" |
Date: |
Mon, 12 Apr 2021 18:18:54 -0000 |
Reply-To: |
|
Subject: |
|
MIME-Version: |
1.0 |
Message-ID: |
<20210412181854.1664.2886@4d14c5bc2382> |
Content-Transfer-Encoding: |
7bit |
Sender: |
|
From: |
|
Parts/Attachments: |
|
|
Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2021:1071-1
Issue Date: 2021-04-06
CVE Numbers: CVE-2021-27365
CVE-2021-27363
CVE-2021-27364
--
Security Fix(es):
* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)
* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)
* kernel: iscsi: unrestricted access to sessions and handles
(CVE-2021-27363)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
Bug Fix(es):
* Customer testing eMMC sees and intermittent boot problem on 7.8+, was
not seen on 7.3
* tcm loopback driver causes double-start of scsi command when work is
delayed
* [Azure][SL-7]Mellanox Patches To Prevent Kernel Hang In MLX4
* A patch from upstream c365c292d059 causes us to end up leaving
rt_nr_boosted in an inconsistent state, which causes a hard lockup.
* [SL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path
--
- Scientific Linux Development Team
|
|
|