Subject: | |
From: | |
Reply To: | |
Date: | Thu, 19 Aug 2021 13:53:55 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
This update was announced in error.
Pat
On Thu, 2021-08-19 at 13:42 +0000, Dave Dykstra wrote:
> This announcement is no longer on the scientificlinux.org website,
> and I
> according to Red Hat's website it has not published patches for any
> of
> these CVEs on RHEL 7. Was the announcement a mistake and it has been
> withdrawn?
>
> Dave
>
> On Tue, Aug 17, 2021 at 03:45:39PM -0000, Scott Reid wrote on
> scientific-linux-errata:
> > Synopsis: Important: kernel security update
> > Advisory ID: SLSA-2021:3173-1
> > Issue Date: 2021-08-17
> > CVE Numbers: CVE-2021-22543
> > CVE-2021-32399
> > CVE-2021-22555
> > --
> >
> > Security Fix(es):
> >
> > * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can
> > bypass RO
> > checks (CVE-2021-22543)
> >
> > * kernel: out-of-bounds write in xt_compat_target_from_user() in
> > net/netfilter/x_tables.c (CVE-2021-22555)
> >
> > * kernel: race condition for removal of the HCI controller
> > (CVE-2021-32399)
> >
> > For more details about the security issue(s), including the impact,
> > a CVSS
> > score, acknowledgments, and other related information, refer to the
> > CVE
> > --
> >
> > - Scientific Linux Development Team
|
|
|