Subject: | |
From: | |
Reply To: | |
Date: | Thu, 19 Aug 2021 13:42:00 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
This announcement is no longer on the scientificlinux.org website, and I
according to Red Hat's website it has not published patches for any of
these CVEs on RHEL 7. Was the announcement a mistake and it has been
withdrawn?
Dave
On Tue, Aug 17, 2021 at 03:45:39PM -0000, Scott Reid wrote on scientific-linux-errata:
> Synopsis: Important: kernel security update
> Advisory ID: SLSA-2021:3173-1
> Issue Date: 2021-08-17
> CVE Numbers: CVE-2021-22543
> CVE-2021-32399
> CVE-2021-22555
> --
>
> Security Fix(es):
>
> * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO
> checks (CVE-2021-22543)
>
> * kernel: out-of-bounds write in xt_compat_target_from_user() in
> net/netfilter/x_tables.c (CVE-2021-22555)
>
> * kernel: race condition for removal of the HCI controller
> (CVE-2021-32399)
>
> For more details about the security issue(s), including the impact, a CVSS
> score, acknowledgments, and other related information, refer to the CVE
> --
>
> - Scientific Linux Development Team
|
|
|