RHSA-2021:1081: Important: kernel-rt security and bug fix update

First published: Tue Apr 06 2021(Updated: )

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<br>Security Fix(es):<br><li> kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)</li> <li> kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)</li> <li> kernel: Use after free via PI futex state (CVE-2021-3347)</li> <li> kernel: race conditions caused by wrong locking in net/vmw_vsock/af_vsock.c (CVE-2021-26708)</li> <li> kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)</li> <li> kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)</li> <li> Kernel: KVM: host stack overflow due to lazy update IOAPIC (CVE-2020-27152)</li> <li> kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> kernel-rt possible livelock: WARNING: CPU: 28 PID: 3109 at kernel/ptrace.c:242 ptrace_check_attach+0xdd/0x1a0 (BZ#1925308)</li> <li> kernel-rt: update RT source tree to the RHEL-8.3.z3 source tree (BZ#1926369)</li>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/severity
• agent/type
• agent/first-publish-date
• agent/last-modified-date
• agent/softwarecombine
• agent/remedy
• agent/weakness
• agent/title
• agent/description
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2021:1081
• agent/software-canonical-lookup
• agent/references
• agent/event
• agent/tags
• agent/source
• package-manager/redhat