SCIENTIFIC-LINUX-USERS Archives

August 2021

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Patrick Riehecky <[log in to unmask]>
Reply To:
Patrick Riehecky <[log in to unmask]>
Date:
Thu, 19 Aug 2021 13:53:55 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (1 lines)
This update was announced in error.



Pat



On Thu, 2021-08-19 at 13:42 +0000, Dave Dykstra wrote:

> This announcement is no longer on the scientificlinux.org website,

> and I

> according to Red Hat's website it has not published patches for any

> of

> these CVEs on RHEL 7.  Was the announcement a mistake and it has been

> withdrawn?

> 

> Dave

> 

> On Tue, Aug 17, 2021 at 03:45:39PM -0000, Scott Reid wrote on

> scientific-linux-errata:

> > Synopsis:          Important: kernel security update

> > Advisory ID:       SLSA-2021:3173-1

> > Issue Date:        2021-08-17

> > CVE Numbers:       CVE-2021-22543

> >                    CVE-2021-32399

> >                    CVE-2021-22555

> > --

> > 

> > Security Fix(es):

> > 

> > * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can

> > bypass RO

> > checks (CVE-2021-22543)

> > 

> > * kernel: out-of-bounds write in xt_compat_target_from_user() in

> > net/netfilter/x_tables.c (CVE-2021-22555)

> > 

> > * kernel: race condition for removal of the HCI controller

> > (CVE-2021-32399)

> > 

> > For more details about the security issue(s), including the impact,

> > a CVSS

> > score, acknowledgments, and other related information, refer to the

> > CVE

> > --

> > 

> > - Scientific Linux Development Team




ATOM RSS1 RSS2