RHSA-2022:0065: Red Hat Security Advisory: kernel-rt security and bug fix update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus
• Red Hat CodeReady Studio

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-01-11

Updated:

2022-01-11

RHSA-2022:0065 - Security Advisory

• Overview
• Updated Packages

Synopsis

Moderate: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

• kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
• kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)
• kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• kernel-rt: update to the latest RHEL7.9.z11 source tree (BZ#2022891)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux for Real Time 7 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

• BZ - 1895961 - CVE-2020-25704 kernel: perf_event_parse_addr_filter memory
• BZ - 1949560 - CVE-2020-36322 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations
• BZ - 1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver

Red Hat Enterprise Linux for Real Time 7

SRPM

kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.src.rpm

SHA-256: d15cbbe5db5ef8b2b29172a7faaf6ee5c8b7a815c96f1b0a2455ae40104871ba

x86_64

kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: e6e59bb30d94db808f93c692362c7665230310c3404264ff7142b7412babf13c

kernel-rt-debug-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 8214e552bf869935608b9cb114cc9d88abf54fa305b9dcee6a541f76cca45bdf

kernel-rt-debug-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: e07e32d96c1cec09b7cccca4cb941dabece2da1e84659eb0dc2418079a9d378e

kernel-rt-debug-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: f2cbb0f6434555a7129198d062fef78c56c3aeee7effe63d8919ad080c8b5370

kernel-rt-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 4a2c0dfde9726ebc47f7775f955da300a57d48871c1b1ac59ba6781e4375be1b

kernel-rt-debuginfo-common-x86_64-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 949072aca845785195b17b216d1c83a0692d205680036dd0bdc62e326b77a300

kernel-rt-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 9a50674f89cde57d4a7776cfa124399120dcec6b667f1e285d2922b2a2be6c3c

kernel-rt-doc-3.10.0-1160.53.1.rt56.1193.el7.noarch.rpm

SHA-256: 0c92a5a8b81d432113a15c9a22dbe9ff99edcf1673a98a8837d454cf090d8502

kernel-rt-trace-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: c4abb0f04fba627c1ef1525f5ede4601f1556356299d3e3b9769ce0d1d478069

kernel-rt-trace-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 7beb6f8f2462d8b79401cd8f01c9dd0063d77b2e6ca814fe987163752bf331ee

kernel-rt-trace-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: dba46ba0d0a89096c53e39d781a38104e9da551d86accae899ed9d8b84d9f2ee

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM

kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.src.rpm

SHA-256: d15cbbe5db5ef8b2b29172a7faaf6ee5c8b7a815c96f1b0a2455ae40104871ba

x86_64

kernel-rt-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: e6e59bb30d94db808f93c692362c7665230310c3404264ff7142b7412babf13c

kernel-rt-debug-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 8214e552bf869935608b9cb114cc9d88abf54fa305b9dcee6a541f76cca45bdf

kernel-rt-debug-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: e07e32d96c1cec09b7cccca4cb941dabece2da1e84659eb0dc2418079a9d378e

kernel-rt-debug-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: f2cbb0f6434555a7129198d062fef78c56c3aeee7effe63d8919ad080c8b5370

kernel-rt-debug-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 4cc9fe52ef64fc8f3e5cbc0722a6ede97b5fcdfb479164d773c9147992825820

kernel-rt-debug-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 2e42987ab290f908e794bcbee10099b9061538939fd464eff854d6f5fa4d6729

kernel-rt-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 4a2c0dfde9726ebc47f7775f955da300a57d48871c1b1ac59ba6781e4375be1b

kernel-rt-debuginfo-common-x86_64-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 949072aca845785195b17b216d1c83a0692d205680036dd0bdc62e326b77a300

kernel-rt-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 9a50674f89cde57d4a7776cfa124399120dcec6b667f1e285d2922b2a2be6c3c

kernel-rt-doc-3.10.0-1160.53.1.rt56.1193.el7.noarch.rpm

SHA-256: 0c92a5a8b81d432113a15c9a22dbe9ff99edcf1673a98a8837d454cf090d8502

kernel-rt-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 7b0b267e8a30859d585e89859fef70a7b22f1c83250e55efb07815d9dc05116d

kernel-rt-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: a69689cc6a97da83d5c73acbd53c4d550c391e7a5b6ad082ea280f34b40ba0ee

kernel-rt-trace-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: c4abb0f04fba627c1ef1525f5ede4601f1556356299d3e3b9769ce0d1d478069

kernel-rt-trace-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 7beb6f8f2462d8b79401cd8f01c9dd0063d77b2e6ca814fe987163752bf331ee

kernel-rt-trace-devel-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: dba46ba0d0a89096c53e39d781a38104e9da551d86accae899ed9d8b84d9f2ee

kernel-rt-trace-kvm-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: 35354d88e7cf9ecb47e5af73421f41717af085cacd288ca8634d60b450fbcb0f

kernel-rt-trace-kvm-debuginfo-3.10.0-1160.53.1.rt56.1193.el7.x86_64.rpm

SHA-256: ad79af19c487dbf397964237e51b7d46a7434fb09d9cfe1f32e03de9ccbeadca

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.