What is the severity of RHSA-2021:1267?

RHSA-2021:1267 is rated as a moderate severity vulnerability affecting the Linux kernel.

How do I fix RHSA-2021:1267?

To fix RHSA-2021:1267, update your kernel packages to version 3.10.0-693.84.1.el7 or newer.

What vulnerabilities are addressed in RHSA-2021:1267?

RHSA-2021:1267 addresses CVE-2021-27364 and CVE-2021-27365, which are related to out-of-bounds read and heap buffer overflow in the iSCSI subsystem.

Which systems are affected by RHSA-2021:1267?

RHSA-2021:1267 affects systems running the kernel version up to 3.10.0-693.84.1.el7, including various architectures like x86_64 and ppc64le.

Is RHSA-2021:1267 applicable to all Linux distributions?

No, RHSA-2021:1267 specifically applies to Red Hat-based systems using the specified kernel version.

Vulnerability/
RHSA-2021:1267

CWE

119 416 362

20/4/2021

RHSA-2021:1267: Important: kernel security and bug fix update

First published: Tue Apr 20 2021(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)</li> <li> kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)</li> <li> kernel: performance counters race condition use-after-free (CVE-2020-14351)</li> <li> kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Enable CI and changelog for GitLab workflow (BZ#1930932)</li>

Affected Software	Affected Version	How to fix
redhat/kernel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-abi-whitelists	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-doc	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-headers	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-libs	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/perf	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/perf-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/python-perf	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/python-perf-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-bootwrapper	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debug-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-debuginfo-common-ppc64le	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-headers	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-libs	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/perf	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/perf-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/python-perf	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7
redhat/python-perf-debuginfo	<3.10.0-693.84.1.el7	3.10.0-693.84.1.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2021:1267?
RHSA-2021:1267 is rated as a moderate severity vulnerability affecting the Linux kernel.
How do I fix RHSA-2021:1267?
To fix RHSA-2021:1267, update your kernel packages to version 3.10.0-693.84.1.el7 or newer.
What vulnerabilities are addressed in RHSA-2021:1267?
RHSA-2021:1267 addresses CVE-2021-27364 and CVE-2021-27365, which are related to out-of-bounds read and heap buffer overflow in the iSCSI subsystem.
Which systems are affected by RHSA-2021:1267?
RHSA-2021:1267 affects systems running the kernel version up to 3.10.0-693.84.1.el7, including various architectures like x86_64 and ppc64le.
Is RHSA-2021:1267 applicable to all Linux distributions?
No, RHSA-2021:1267 specifically applies to Red Hat-based systems using the specified kernel version.

agent/severity
agent/softwarecombine
agent/type
agent/last-modified-date
agent/references
agent/first-publish-date
agent/remedy
agent/title
agent/weakness
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2021:1267
agent/software-canonical-lookup
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat