RHSA-2021:5241: Red Hat Security Advisory: kernel-rt security and bug fix update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus
• Red Hat CodeReady Studio

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2021-12-21

Updated:

2021-12-21

RHSA-2021:5241 - Security Advisory

• Overview
• Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

• kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename() (CVE-2021-20321)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• kernel-rt: update RT source tree to the RHEL-8.5.z1 source tree (BZ#2023988)
• [rt] RHEL-8.6: disable KASAN, KCSAN and UBSAN for kernel-rt (BZ#2026384)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux for Real Time 8 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

• BZ - 2013242 - CVE-2021-20321 kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()

Red Hat Enterprise Linux for Real Time 8

SRPM

kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.src.rpm

SHA-256: b482c016475b45175de3cfd881908b2416e83aeea632f9b0bd50640940e1e8df

x86_64

kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 9f0d6bc8ef64dba42242a7b3776c545f363d7d89b3c8ee111a87f68dde156ac0

kernel-rt-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: d0ca75b00fcd8299f089dc6da4232a00892f025992a0f2f42485f9faf677bbc2

kernel-rt-debug-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: c9a9aa232e0edd39ccca183a97b921756e41b81fe9a1fbbc258347e4bdea87a9

kernel-rt-debug-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 9914a2413cc46b2e96be38b15fc7571a964e9364da803a52e22419a4a5d778d3

kernel-rt-debug-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 7ed3f7d5afb23b8ecd632effaa0e1f82485463a1142157aeb623a82956c55627

kernel-rt-debug-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 394eaf4cd0fdc2efa7ffab9cdcbd3f10faf1446561b03bf43947b10339b11f85

kernel-rt-debug-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 06ceb493297def23396c342efb12b6d0642005eb0d0e1fcc86cb551aaf48c7e7

kernel-rt-debug-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: a0ec1d4fe3f40b1163bee81b9f2c88fc86e237b63c85b3dd8561f9f4207337dc

kernel-rt-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 6239add9eb58b0d17e82149b2ee191c7b55047566d65ab7b09970e3bfc3f7d7c

kernel-rt-debuginfo-common-x86_64-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 3bfb3d7a6c52dca46836775ce9abe61a415ccc42c7020f038cc76ebb93693430

kernel-rt-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: d4e58a801af314e60938f0d9cf68499a474495b98fc6d7d293f3a670a357b372

kernel-rt-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 1279762f2bce3bfdec151f62777b5dfca8589012f726c50d16d44537825ebde5

kernel-rt-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 670285cbbbe60a98ea6d63176e32811ad7a3a7e42f6b13c65012a7e3a41dc836

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM

kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.src.rpm

SHA-256: b482c016475b45175de3cfd881908b2416e83aeea632f9b0bd50640940e1e8df

x86_64

kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 9f0d6bc8ef64dba42242a7b3776c545f363d7d89b3c8ee111a87f68dde156ac0

kernel-rt-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: d0ca75b00fcd8299f089dc6da4232a00892f025992a0f2f42485f9faf677bbc2

kernel-rt-debug-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: c9a9aa232e0edd39ccca183a97b921756e41b81fe9a1fbbc258347e4bdea87a9

kernel-rt-debug-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 9914a2413cc46b2e96be38b15fc7571a964e9364da803a52e22419a4a5d778d3

kernel-rt-debug-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 7ed3f7d5afb23b8ecd632effaa0e1f82485463a1142157aeb623a82956c55627

kernel-rt-debug-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 394eaf4cd0fdc2efa7ffab9cdcbd3f10faf1446561b03bf43947b10339b11f85

kernel-rt-debug-kvm-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: a32029e0cecfb2241aeed0afb4dda339e1474368493189d2f8a65c732567c646

kernel-rt-debug-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 06ceb493297def23396c342efb12b6d0642005eb0d0e1fcc86cb551aaf48c7e7

kernel-rt-debug-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: a0ec1d4fe3f40b1163bee81b9f2c88fc86e237b63c85b3dd8561f9f4207337dc

kernel-rt-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 6239add9eb58b0d17e82149b2ee191c7b55047566d65ab7b09970e3bfc3f7d7c

kernel-rt-debuginfo-common-x86_64-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 3bfb3d7a6c52dca46836775ce9abe61a415ccc42c7020f038cc76ebb93693430

kernel-rt-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: d4e58a801af314e60938f0d9cf68499a474495b98fc6d7d293f3a670a357b372

kernel-rt-kvm-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: b3c3c5b3ccbcb1880fcf4014bfbbed7d2d39b80f25ed5c70d35c7769c0b99873

kernel-rt-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 1279762f2bce3bfdec151f62777b5dfca8589012f726c50d16d44537825ebde5

kernel-rt-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm

SHA-256: 670285cbbbe60a98ea6d63176e32811ad7a3a7e42f6b13c65012a7e3a41dc836

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.